0
PHYSICAL SECURITYAttacker
Physical SecurityNot all attacks on your organizationdata come across the networkMany companies focus on an “iron-clad” n...
Physical Security   An example of this would be the recent identity theft    incident at the Department of Veterans Affai...
Physical Security   Increased importance   Given the trend toward smaller, more lightweight PC    components, physical s...
Physical Security   Attackers : Two Categories       Outside the company       From within the company
Physical Security                  Impact of an attack   These attackers can often cause systems to fail, and    they can...
Physical Security   Preventing Outside attackers   Natural barriers: landscape and terrain   Fencing: type and construc...
Physical Security    Preventing Outside attackers    Frequency of patrols and security checks    Door and window locati...
Physical SecurityArmed Guards and Bulldogs are a good way to keep out attackers.
Physical SecurityPreventing attackers from within   Ex: Disgruntled or greedy employers or contactors.   It’s important ...
Physical SecurityGuidelines for restricting personal access:   Create a badge program that includes an employee picture  ...
Physical SecurityGuidelines for restricting personal access:   Dont allow anyone – including vendors, salespeople, etc. –...
Physical SecurityEnforcement
Physical SecurityGuidelines for protecting information and equipment access:   Place monitors and printers away from wind...
Physical SecurityGuidelines for protecting information and equipment access:   Lock up portable equipment (e.g., laptops,...
Physical Security
Physical Security    Strong Room
Physical Security              Strong Rooms / Server Room   This hardware contains highly sensitive information and acces...
Physical Security           Strong Rooms / Server Room   The room should have increased security mechanisms to    prevent...
Physical SecurityEnforcement
Upcoming SlideShare
Loading in...5
×

Physical security.ppt

8,314

Published on

Physical Security & IT

Published in: Education, Business, Technology
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,314
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
506
Comments
0
Likes
5
Embeds 0
No embeds

No notes for slide

Transcript of "Physical security.ppt"

  1. 1. PHYSICAL SECURITYAttacker
  2. 2. Physical SecurityNot all attacks on your organizationdata come across the networkMany companies focus on an “iron-clad” networksecurity, but that does not protect them from physicalassault or theft of data.
  3. 3. Physical Security An example of this would be the recent identity theft incident at the Department of Veterans Affairs, which began with the theft of a company laptop.
  4. 4. Physical Security Increased importance Given the trend toward smaller, more lightweight PC components, physical security is growing increasingly important. It’s important to implement a physical access control program in a company and strictly enforce the measures.
  5. 5. Physical Security Attackers : Two Categories  Outside the company  From within the company
  6. 6. Physical Security Impact of an attack These attackers can often cause systems to fail, and they can compromise password-protected computers by using a removable hard drive to gain access. Attackers can directly access networks by adding or rearranging the connections, and they can easily steal physical objects if theyre already on the inside.
  7. 7. Physical Security Preventing Outside attackers Natural barriers: landscape and terrain Fencing: type and construction Walls and ceiling construction: high risk areas Gate facilities: security checkpoints
  8. 8. Physical Security Preventing Outside attackers Frequency of patrols and security checks Door and window locations and security devices used Reception areas: location and control of entry Employee surveillance and vigilance Parking areas: entrance/exit, access to facility
  9. 9. Physical SecurityArmed Guards and Bulldogs are a good way to keep out attackers.
  10. 10. Physical SecurityPreventing attackers from within Ex: Disgruntled or greedy employers or contactors. It’s important to implement a physical access control program in a company and strictly enforce the measures. If an attacker has physical access to a system they can wreak havoc.
  11. 11. Physical SecurityGuidelines for restricting personal access: Create a badge program that includes an employee picture and possibly color-code specific areas of access. Make it a policy to question anyone who doesnt have a visible ID badge. Escort, observe, and supervise guests for their entire visit.
  12. 12. Physical SecurityGuidelines for restricting personal access: Dont allow anyone – including vendors, salespeople, etc. – to connect personal laptops (or any other computing device) to the network. Dont allow anyone to add hardware or software to computers without proper authorization. Watch out for "tailgaters." These people wait for someone with access to enter a controlled area (such as one with a locked door) and then follow the authorized person through the door. Tailgaters enter without using their own key, card key, or lock combination.
  13. 13. Physical SecurityEnforcement
  14. 14. Physical SecurityGuidelines for protecting information and equipment access: Place monitors and printers away from windows and areas where unauthorized persons could easily observe them. Shred or otherwise destroy all sensitive information and media when its no longer necessary. Dont leave documents unattended at fax machines or printers. Require all users to log off or power down workstations at the end of the working day.
  15. 15. Physical SecurityGuidelines for protecting information and equipment access: Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of sight in a safe storage place overnight. Dont allow the removal of computers or storage media from the work area or facility without ensuring that the person removing it has authorization and a valid reason. Provide locks or cables to prevent theft, and lock computer cases.
  16. 16. Physical Security
  17. 17. Physical Security Strong Room
  18. 18. Physical Security Strong Rooms / Server Room This hardware contains highly sensitive information and access privileges that affect a company’s data system. Only a select few administrators should have access to this room.
  19. 19. Physical Security Strong Rooms / Server Room The room should have increased security mechanisms to prevent unauthorized entry. There should be camera/personnel surveillance on the entrance to ensure security.
  20. 20. Physical SecurityEnforcement
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×