The Perimeter Protection Issues, Technique and Operation

1,608 views

Published on

The Perimeter Protection Issues, Technique and Operation

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,608
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
41
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

The Perimeter Protection Issues, Technique and Operation

  1. 1. The Perimeter Protection Issues, Technique and Operation Assoc Prof Dr Zuraini Ismail / Hafiza Abas
  2. 2. Information Protection Requirements o Classified information systems and the classified material on them must be physically located in a security area appropriate to the classification and sensitivity of the data. o Users have an important role in ensuring that the system and associated classified information are protected to the required levels.
  3. 3. Information Protection Requirements • The classified information system and associated classified information must be physically located in a security area appropriate to the classification and sensitivity of the data. • Classified information system equipment has varying separation distance requirements depending on the work performed (including computers, cables, telephones, radios, etc.). • Users must check with their respective ISSO ( Info Sys Sec Officer) for the appropriate physical distance protection requirements before beginning classified work. • Connections between classified systems and unclassified systems or networks are prohibited (dilarang).
  4. 4. Information Protection Requirements • Removable classified electronic media may not be present in a work area containing unclassified systems that can read or write to similar media. • Computer equipment may not be connected, disconnected, or moved unless authorized by the ISSO. • Monitors, printers, and other devices that display or output classified information must be positioned to deter unauthorized individuals from reading the information without the knowledge of the user. • During classified processing it is required that the classification level and category of the system accreditation be displayed on the monitor using a placard or sticker.
  5. 5. Information Protection Requirements o o The Physical (Environmental) Security domain addresses the threats (ancaman), vulnerabilities (kelemahan), and countermeasures (langkah-langkah) that can be utilized to physically protect an enterprise’s resources and sensitive information. These resources include people, the facility in which they work, and the data, equipment, support systems, media, and supplies they utilize.
  6. 6. Information Protection Environment • Primary consideration in physical security is that nothing should impede (dihalang) “life safety goals.” o Eg.: Do not lock the only fire exit door from the outside. • Safety: Deals with the protection of life and assets against fire, natural disasters, and devastating accidents. • Security: Addresses vandalism, theft (kecurian), and attacks (serangan) by individuals.
  7. 7. Physical Security Planning • Physical security, like general information security, should be based on a layered defense model. • Layers are implemented at the perimeter and moving towards an asset. • Layers include: Deterrence, Delaying, Detection, Assessment, Response
  8. 8. http://www.softwaresecuritysolutions.com/layered-security.html
  9. 9. http://technet.microsoft.com/en-us/library/cc875841.aspx
  10. 10. http://www.secureworks.com/cyber-threat-intelligence/advanced-persistent-threats/assessment/
  11. 11. http://technet.microsoft.com/en-us/library/cc767969.aspx
  12. 12. http://www.ricoh.com/products/security/
  13. 13. Physical Security Planning • A physical security program must address: o o o o o Crime and disruption protection through deterrence (fences, security guards, warning signs, etc.). Reduction of damages through the use of delaying mechanisms (e.g., locks, security personnel, etc.). Crime or disruption (gangguan) detection (e.g., smoke detectors, motion detectors, CCTV, etc.). Incident assessment through response to incidents and determination of damage levels. Response procedures (fire suppression mechanisms, emergency response processes, etc.).
  14. 14. Physical Security Planning • Before an effective physical security plan is rolled out: o Identify the team o Carry out risk analysis to determine the threats, vulnerabilities and calculate business impact on each threats. o Work with the management to identify acceptable risk level for the physical security program
  15. 15. Physical Security Planning • Crime Prevention Through Environmental Design (CPTED) o o o Is a discipline that outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior. Crime deterrence (pencegahan) through environmental design. Concepts developed in 1960’s. As of 2004, elements of the CPTED approach have gained wide international acceptance due to law enforcement attempts to embrace it.
  16. 16. Physical Security Planning • CPTED has three main strategies: o Natural Access Control o Natural Surveillance o Territorial Reinforcement
  17. 17. http://www.cityoftaylor.com/node/29575
  18. 18. http://targetcrime.ca/2009/02/22/solutions-for-safe-communities/
  19. 19. Physical Security Planning • Natural Access Control o limits the opportunity for crime by taking steps to clearly differentiate between public space and private space. o By selectively placing entrances and exits, fencing, lighting and landscape to limit access or control flow, natural access control occurs. http://wsblockwatchnet.wordpress.com/2011/05/25/crime-prevention-through-environmental-designcpted-slides-from-our-may-24th-meeting/
  20. 20. Physical Security Planning • Natural Surveillance o o (pengawasan secara semula jadi) Increases the threat of apprehension by taking steps to increase the perception that people can be seen Natural surveillance occurs by designing the placement of physical features, activities and people in such a way as to maximize visibility and foster positive social interaction among legitimate users of private and public space.
  21. 21. http://www.lancastercsc.org/CPTED/Natural_Surveillance.html The diagram shows good lines of sight on a neighborhood street. People and vehicles can clearly be seen from many different angles.
  22. 22. The following examples show how landscaping can affect lines of sight around a home. This first picture shows how the plants don't allow people to see the street or other people in the area easily. This creates place for people to hid or commit crimes that won't be easily caught.
  23. 23. This picture shows how appropriate plants and lighting can allow everyone to see what is happening on and near the street around a home. This reduces the incentive for a someone to commit a crime in the area.
  24. 24. Physical Security Planning • Territorial Reinforcement o o Promotes social control through increased definition of space and improved proprietary concern. Creates physical designs that highlight the company’s area of influence to give legitimate owners a sense of ownership. (sah) o Accomplished through the use of walls, lighting, landscaping, etc.
  25. 25. Physical Security Planning • CPTED is not the same as Target Hardening • Target hardening focuses on denying access through physical and artificial barriers (can lead to restrictions on use, enjoyment, and aesthetics of the environment). • Target hardening refers to strengthening the security of your building so that it is difficult for criminals to attack. • The goal is to increase the time and effort needed to compromise your facility to the point where a criminal will move on to a softer target. • One way to begin a target hardening program is to consider Existence, Capability, and History.
  26. 26. Please Read: http ://www.emeraldinsight.com/journals.htm?articleid
  27. 27. Physical Security Planning • Existence Who may want to do you harm? • Capability What means have been used to carry out attacks against businesses like yours in the past? • History. Study the history of attacks against businesses like yours. What have attackers accomplished in the past?
  28. 28. Physical Security Planning • Issues with selecting a facility site: o Visibility (terrain, neighbors, population of area, building markings) o Surrounding area and external factors (crime rate, riots, terrorism, first responder locations) o Accessibility (road access, traffic, proximity to transportation services) o Natural Disasters (floods, tornados, earthquakes)
  29. 29. Physical Security Planning • Other facility considerations: o Physical construction materials and structure composition  Be familiar with: load, light frame construction material, heavy timber construction material, incombustible material, dire resistant material (know the fire ratings and construction properties).
  30. 30. Physical Security Planning Mantrap: A small room with two doors. The first door is locked; a person is identified and authenticated. Once the person is authenticated and access is authorized, the first door opens and allows the person into the mantrap. The person has to be authenticated again in order to open the second door and access a critical area. The mantrap area could have a weight sensing floor as an additional control to prevent literal piggybacking. “
  31. 31. Physical Security Planning Automatic door lock configuration: •“Fail safe:” If a power disruption occurs, the door defaults to being unlocked. •“Fail secure:” If a power disruption occurs, the door defaults to being locked.
  32. 32. Physical Security Planning • Windows can also be used to promote physical security. • Know the different types of glass: o Standard o Tempered o Acrylic o Wired o Laminated o Solar Window Film o Security Film
  33. 33. Insulated Glass
  34. 34. Physical Security Planning • Consider use of internal partitions carefully: o o True floor to true ceiling to counter security issues Should never be used in areas that house sensitive systems and devices
  35. 35. Power Supply Power issues: o o o A continuous supply of electricity assures the availability of company resources and business continuity. Data centers should be on a different power supply from the rest of the building Redundant power supplies: two or more feeds coming from two or more electrical substations
  36. 36. Ensuring Power Supply o UPS Systems  Maintain continuous supply of power  Use voltage stabilizer  Online UPS systems  Standby UPS System o Maintain proper operating temperature  High temp can affect the power supply to cause damage to devices  Proper cooling systems  PC and exhaust fans are working properly & unobstructed
  37. 37. Types of Voltage Fluctuations Power Excess (quick burst of voltage)   Spike (momentary high voltage)) Surge (prolonged high voltage) Power Failure   Fault (momentary power outrage) Blackout (prolonged power lost, drops to zero) Power Degradation (under voltage)    Sag/dip (short term power shortage) Brownout (under voltage) Inrush Current (initial surge to startup a load)
  38. 38. Common power supply problems o Line Noise  o Frequency  o Variation of power waveform Switching Transient  o Distortion superimposed on power waveform Under-voltage or over-voltage up to a few nanoseconds Harmonic Distortion  Multiples of power freq superimposed on power waveform.
  39. 39. Internal Support System Environmental Issues (in Brief) o Positive Drains: Contents flow out instead of in. o Static Electricity due to low humidity, hygrometer used o Ventilation :  Closed loop == do not bring outside air in.  Positive pressurization *
  40. 40. Internal Support System Environmental Issues: Static Electricity o To prevent:      Use antistatic flooring in data processing areas Ensure proper humidity Proper grounding No carpeting in data centers Antistatic bands
  41. 41. Internal Support System Environmental Issues: Temperature Computing components can be affected by temperature:    Magnetic Storage devices: 100 0F. Computer systems and peripherals: 175 0F. Paper products: 350 0F.
  42. 42. Kinds of Ventilation Natural Ventilation  Uncontrolled movement of air thro cracks, small holes & vents. Whole-house ventilation  Controlled & uniform air movement. Spot ventilation  Controlled air movement that improve the effectiveness of natural & whole-house ventilation by removing indoor pollutants and/or moisture at their very source.
  43. 43. Internal Support System • Fire Prevention: Includes training employees on how to react, supplying the right equipment, enabling fire suppression supply, proper storage of combustible elements. • Fire Detection: Includes alarms, manual detection pull boxes, automatic detection response systems with sensors, etc. • Fire Suppression: Is the use of a suppression agent to put out a fire.
  44. 44. Internal Support System American Society for Testing and Materials (ASTM) is the organization that creates the standards that dictate how fire resistant ratings tests should be carried out and how to properly interpret results. results
  45. 45. Internal Support System o Fire needs oxygen and fuel to continue to grow. o Ignition sources can include the failure of an electrical device, improper storage of materials, malfunctioning heating devices, arson, etc. o Special note on “plenum areas:” The space above drop down ceilings, wall cavities, and under raised floors. Plenum areas should have fire detectors and should only use plenum area rated cabling.
  46. 46. Internal Support System Types of Fire: A: Common Combustibles • Elements: Wood products, paper, laminates • Suppression: Water, foam B: Liquid • Elements: Petroleum products and coolants • Suppression: Gas, CO2, foam, dry powders C: Electrical • Elements: Electrical equipment and wires • Suppression: Gas, CO2, dry powders D: Combustible Metals • Elements: magnesium, sodium, potassium • Suppression: Dry powder K: Commercial Kitchens • Elements: Cooking oil fires • Suppression: Wet chemicals such as potassium acetate.
  47. 47. Internal Support System Types of Fire Detectors o o Smoke Activated Heat Activated Know the types and properties of each general category.
  48. 48. Internal Support System • Types of suppression agents:       Water Halon and halon substitutes Foams Dry Powders CO2 Soda Acid   Know suppression agent properties and the types of fires that each suppression agent combats. Know the types of fire extinguishers (A,B,C, D) that combat different types of fires.
  49. 49. Internal Support System
  50. 50. Internal Support System Types of Sprinklers     Wet Pipe Systems (aka Closed Head System) Dry Pipe Systems Pre action Systems Deluge Systems
  51. 51. Perimeter Security – Tools and Techniques • The first line of defense is perimeter control at the site location, to prevent unauthorized access to the facility. • Perimeter security has two modes:   Normal facility operation Facility closed operation
  52. 52. Perimeter Security – Tools and Techniques Proximity protection components put in place to provide the following services:     Control of pedestrian and vehicle traffic Various levels of protection for different security zones Buffers and delaying mechanisms to protect against forced entry Limit and control entry points
  53. 53. Perimeter Security – Tools and Techniques Protection services can be provided by       Access Control Mechanisms Physical Barriers Intrusion Detection Assessment Response Deterrents
  54. 54. Perimeter Security – Tools and Techniques Perimeter Intrusion Detection and Assessment System (PIDAS):   A type of fencing that has sensors on the wire mesh and base of the fence. A passive cable vibration sensor sets off an alarm if an intrusion is detected.
  55. 55. Perimeter Security – Tools and Techniques Gates have 4 distinct types:     Class I: Residential usage Class II: Commercial usage, where general public access is expected (eg., public parking lot, gated community, self storage facility) Class III: Industrial usage, where limited access is expected (eg., warehouse property entrance not intended to serve public) Class IV: Restricted access (eg., a prison entrance that is monitored either in person or via CCTV)
  56. 56. Perimeter Security – Tools and Techniques • Locks are inexpensive access control mechanisms that are widely accepted and used. • Locks are considered delaying devices. • Know your locks.
  57. 57. Perimeter Security – Tools and Techniques
  58. 58. Perimeter Security – Tools and Techniques Types of Locks o Mechanical Locks  o o Combination Locks Cipher Locks (aka programmable locks)  o Warded & Tumbler Smart locks Device Locks  Cable locks, switch controls, slot locks, port controls, peripheral switch controls, cable traps
  59. 59. Perimeter Security – Tools and Techniques Lock Strengths: o o o Grade 1 (commercial and industrial use) Grade 2 (heavy duty residential/light duty commercial) Grade 3 (residential and consumer expendable) •Cylinder Categories o o o Low Security (no pick or drill resistance) Medium Security (some pick resistance) High Security (pick resistance through many different mechanisms—used only in Grade 1 & 2 locks)
  60. 60. Perimeter Security – Tools and Techniques Lighting o o o Know lighting terms and types of lighting to use in different situations (inside v. outside, security posts, access doors, zones of illumination). It is important to have the correct lighting when using various types of surveillance equipment. Lighting controls and switches should be in protected, locked, and centralized areas.
  61. 61. Perimeter Security – Tools and Techniques • Continuous lighting: An array of lights that provide an even amount of illumination across an area. • Controlled lighting: An organization should erect lights and use illumination in such a way that does not blind its neighbors or any passing cars, trains, or planes. • Standby Lighting: Lighting that can be configured to turn on and off at different times so that potential intruders think that different areas of the facility are populated. • Redundant or backup lighting: Should be available in case of power failures or emergencies. • Response Area Illumination: Takes place when an IDS detects suspicious activities and turns on the lights within the specified area.
  62. 62. Perimeter Security – Tools and Techniques Surveillance Devices o o These devices usually work in conjunction with guards or other monitoring mechanisms to extend their capacity. Know the factors in choosing CCTV, focal length, lens types (fixed v. zoom), iris, depth of field, illumination requirements
  63. 63. Perimeter Security – Tools and Techniques • Focal length: The focal length of a lens defines its effectiveness in viewing objects from a horizontal and vertical view. • The sizes of images that will be shown on a monitor along with the area that can be covered by one camera are defined by focal length. o Short focal length = wider angle views o Long focal length = narrower views
  64. 64. Perimeter Security – Tools and Techniques • Depth of field: Refers to the portion of the environment that is in focus. • Shallow depth of focus: Provides a softer backdrop and leads viewers to the foreground object. • Greater depth of focus: Not much distinction between objects in the foreground and background.
  65. 65. Perimeter Security – Tools and Techniques • Intrusion Detection Systems (IDS) are used to detect unauthorized entries and to alert a responsible entity to respond. • Know the different types of IDS systems (electro-mechanical v. volumetric) and changes that can be detected by an IDS system.
  66. 66. Perimeter Security – Tools and Techniques • Patrol Force and Guards Use in areas where critical reasoning skills are required • Auditing Physical Access Need to log and review such as Date & time of access attempt Entry point User ID Unsuccessful access attempts
  67. 67. Perimeter Security – Tools and Techniques Final Concept to Guide in Assessing Physical Security Issues: o Deterrence o Delay o Detection o Assessment o Response

×