PACE-IT, Security+2.7: Physical Security and Enviornmental Controls

Physical security
and environmental
controls.

Instructor, PACE-IT Program – Edmonds Community College
Areas of expertise Industry Certifications
 PC Hardware
 Network Administration
 IT Project Management
 Network Design
 User Training
 IT Troubleshooting
Qualifications Summary
Education
 M.B.A., IT Management, Western Governor’s University
 B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manger
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required— with a focus on technology.

PACE-IT.
– Control types.
– Physical security.
– Environmental controls.

Physical security and environmental controls.

There are three main types
of controls that can be used
to mitigate security risks.
Administrative (management): written documentation that is
used to help secure systems from risks.
Technical: the security measures used to control access or
reduce risk to any particular resource or asset. They may be
digital in nature (e.g., a firewall) or they may be physical in nature
(e.g., a door lock on a server room).
Operational: procedures that are put in place to help ensure that
day-to-day operations can occur—even after a risk event has
happened (e.g., implementing the recovery procedure after a
hard drive failure).

– Classification of control types.
» The categories of control types can be further broken
down into what they are designed to achieve.
• Deterrent: used to deter an action from being
performed (e.g., the threat of discipline for breaking a
security policy).
• Preventative: used to prevent a security threat from
occurring (e.g., locking server rooms to prevent
unauthorized access).
• Detective: used to detect the occurrence of a risk event
(e.g., a NIDS detecting a firewall breach).
• Compensating: used to compensate for any residual
risk that may remain after another classification of
control has been put in place (e.g., purchasing
insurance to safeguard against loss resulting from a
data loss event due to a network breach).

Physical security measures
can be used for multiple
purposes, including keeping
people safe in the workplace.
The use of proper lighting and signage can direct employees to
emergency exits and/or keep them safe at night in the parking lot.
Fences and barricades can be used to secure sensitive areas,
while guards (used in conjunction with access lists) ensure that
only authorized personnel are present, creating a safer work
environment.
Physical security measures can also be used to restrict access to
sensitive resources through the use of alarms (e.g., motion
sensors or closed-circuit sensors) or video surveillance.

Hardware locks.
Keeping assets where
they belong.
A technical preventative control that
can be used to keep resources
secure. Locks may simple (e.g., use
a key) or they be more complex
(e.g., electronic locks).
Biometrics.
Making people prove
who they are.
An authentication method that is
based on a person’s physical
attributes (e.g., fingerprint or voice
pattern) or on physical actions
(using typing style to authenticate a
user).
Proximity readers.
Tracking movement
within a facility.
Radio frequency ID badges or
tokens can be used to determine the
exact location of personnel within a
facility. As an added benefit, they
can be used to activate electronic
door locks.

Some work environments
require more security than
others. One example is the
wiring distribution point of
IT networks.
Allowing unlimited access to the wiring distribution room is an
extreme example of a security risk. Anybody would have access
to all of the network’s communication and/or equipment, thus
making them the “owner” of the network.
In a highly sensitive, risk intolerant environment, it may be
necessary to implement a mantrap to control access to specific
areas of an organization. A mantrap often involves two locking
doors with a space between them. A person is allowed through
the first door, but not the second, until after additional verification,
trapping the person until authorization is granted.

A network’s health and
safety can be affected by
more than just a network
interface failing or a
possible security breach.
Network and systems administrators also need to be concerned
about environmental factors. Some of those factors include
electrical power, heat, and humidity.
A properly designed HVAC (heating ventilation and air
conditioning) system can aid in protecting critical components
from damage (or loss of functionality). This is especially true
when they are designed with a hot and cold aisle approach (the
equipment’s air intakes are pointed toward AC vents, while the
equipment’s exhaust fans are pointed toward the AC system’s
cold air intake).

– Power monitoring.
» Systems and tools can be used to evaluate the amount of, and
the quality of, the electrical power being delivered to the
system.
• Power monitoring is often deployed with, or alongside, an
uninterruptable power supply (UPS).
– Humidity monitors.
» Humidity monitoring.
• Monitors allow administrators to control humidity levels.
– Fire suppression systems.
» Need to be specifically designed for the resources they protect.
– Electromagnetic interference shielding.
» In some work environments, it may be necessary to use
shielded cabling to protect networks from electromagnetic
interference (EMI).

There are three main types of controls used to mitigate security risks. They
are management controls, technical controls, and operational controls.
These can be broken down into different classifications. These classification
include: deterrent, preventative, detective, and compensating.
Topic
Control types.
Summary
Physical security measures can be used for multiple purposes, including
keeping people safe in the workplace. Some of the physical security
controls that can be put in place include: lighting and signage, fencing and
barricades, guards, alarms, locks, biometrics, and proximity readers.
Additionally, a mantrap can be used for highly secure areas in order to
control access.
Physical security.
A network’s health and safety can be affected by more than just a network’s
interface failing or a possible security breach. A properly designed HVAC
system can aid in protecting critical components. Additional environmental
monitoring should be done on electrical power systems and humidity levels.
Fire suppression systems need to be specifically designed for the resources
they protect. In some environments, shielded cabling may be required to
negate the effects of EMI.
Environmental controls.

This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.

PACE-IT, Security+2.7: Physical Security and Enviornmental Controls

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to PACE-IT, Security+2.7: Physical Security and Enviornmental Controls

Similar to PACE-IT, Security+2.7: Physical Security and Enviornmental Controls (20)

More from Pace IT at Edmonds Community College

More from Pace IT at Edmonds Community College (20)

Recently uploaded

Recently uploaded (20)

PACE-IT, Security+2.7: Physical Security and Enviornmental Controls