Your SlideShare is downloading. ×
Physical security.ppt
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Physical security.ppt

7,450
views

Published on

Physical Security & IT

Physical Security & IT

Published in: Education, Business, Technology

0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
7,450
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
454
Comments
0
Likes
5
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. PHYSICAL SECURITYAttacker
  • 2. Physical SecurityNot all attacks on your organizationdata come across the networkMany companies focus on an “iron-clad” networksecurity, but that does not protect them from physicalassault or theft of data.
  • 3. Physical Security An example of this would be the recent identity theft incident at the Department of Veterans Affairs, which began with the theft of a company laptop.
  • 4. Physical Security Increased importance Given the trend toward smaller, more lightweight PC components, physical security is growing increasingly important. It’s important to implement a physical access control program in a company and strictly enforce the measures.
  • 5. Physical Security Attackers : Two Categories  Outside the company  From within the company
  • 6. Physical Security Impact of an attack These attackers can often cause systems to fail, and they can compromise password-protected computers by using a removable hard drive to gain access. Attackers can directly access networks by adding or rearranging the connections, and they can easily steal physical objects if theyre already on the inside.
  • 7. Physical Security Preventing Outside attackers Natural barriers: landscape and terrain Fencing: type and construction Walls and ceiling construction: high risk areas Gate facilities: security checkpoints
  • 8. Physical Security Preventing Outside attackers Frequency of patrols and security checks Door and window locations and security devices used Reception areas: location and control of entry Employee surveillance and vigilance Parking areas: entrance/exit, access to facility
  • 9. Physical SecurityArmed Guards and Bulldogs are a good way to keep out attackers.
  • 10. Physical SecurityPreventing attackers from within Ex: Disgruntled or greedy employers or contactors. It’s important to implement a physical access control program in a company and strictly enforce the measures. If an attacker has physical access to a system they can wreak havoc.
  • 11. Physical SecurityGuidelines for restricting personal access: Create a badge program that includes an employee picture and possibly color-code specific areas of access. Make it a policy to question anyone who doesnt have a visible ID badge. Escort, observe, and supervise guests for their entire visit.
  • 12. Physical SecurityGuidelines for restricting personal access: Dont allow anyone – including vendors, salespeople, etc. – to connect personal laptops (or any other computing device) to the network. Dont allow anyone to add hardware or software to computers without proper authorization. Watch out for "tailgaters." These people wait for someone with access to enter a controlled area (such as one with a locked door) and then follow the authorized person through the door. Tailgaters enter without using their own key, card key, or lock combination.
  • 13. Physical SecurityEnforcement
  • 14. Physical SecurityGuidelines for protecting information and equipment access: Place monitors and printers away from windows and areas where unauthorized persons could easily observe them. Shred or otherwise destroy all sensitive information and media when its no longer necessary. Dont leave documents unattended at fax machines or printers. Require all users to log off or power down workstations at the end of the working day.
  • 15. Physical SecurityGuidelines for protecting information and equipment access: Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of sight in a safe storage place overnight. Dont allow the removal of computers or storage media from the work area or facility without ensuring that the person removing it has authorization and a valid reason. Provide locks or cables to prevent theft, and lock computer cases.
  • 16. Physical Security
  • 17. Physical Security Strong Room
  • 18. Physical Security Strong Rooms / Server Room This hardware contains highly sensitive information and access privileges that affect a company’s data system. Only a select few administrators should have access to this room.
  • 19. Physical Security Strong Rooms / Server Room The room should have increased security mechanisms to prevent unauthorized entry. There should be camera/personnel surveillance on the entrance to ensure security.
  • 20. Physical SecurityEnforcement

×