Uploaded byCanlasJohnMichael
PDF, PPTX1,163 views

physical-security (1).pdf

This document discusses physical security. It begins by defining physical security as protecting people, property, and assets from threats that could cause damage or loss. It then identifies some of the most common threats like theft, vandalism, natural disasters, and terrorism. The document explains that human error is a leading cause of security breaches through actions like sharing credentials or accidental data sharing. Physical security components are then outlined, including access control and surveillance. Specific security controls are provided like fences, alarms, and AI analytics. The document concludes by discussing how physical and digital security are becoming more intertwined through devices like internet-connected surveillance systems and how to develop comprehensive physical security policies.

Embed presentation

Download as PDF, PPTX
PHYSICAL SECURITY Prepared by: Canlas, John Michael Garcia,AshleyVeynard BSIT-3B
Physical security is the protection of people, property, and physical assets from actions and events that could cause damage or loss.
WHY PHYSICAL SECURITY IS IMPORTANT Physical security is about keeping your facilities, people and assets safe from real-world threats. It includes physical deterrence, detection of intruders, and responding to those threats.
MOST COMMON THREATS TO PHYSICAL SECURITY • Theft and burglary • Vandalism • Natural disasters • Terrorism or sabotage • Violence in the workplace
HUMAN ERROR IS ACTUALLY ONE OF THE LEADING CAUSE OF SECURITY BREACHES • Employees sharing their credentials with others • Accidental release or sharing of confidential data and information • Tailgating incidents with unauthorized individuals • Easily hacked authentication processes • Slow and limited response to security incidents
PHYSICAL SECURITY LARGELY COMES DOWN TO A COUPLE OF CORE COMPONENTS: ACCESS CONTROL AND SURVEILLANCE.
COMPONENTS OF PHYSICAL SECURITY CONTROLS 1. DETERRENCE – THESE ARE THE PHYSICAL SECURITY MEASURES THAT KEEP PEOPLE OUT OR AWAY FROM THE SPACE. 2. DETECTION - THE COMPONENTS OF YOUR PHYSICAL SECURITY SYSTEM HELP IDENTIFY A POTENTIAL SECURITY EVENT OR INTRUDER. 3. DELAY – THERE ARE CERTAIN SECURITY SYSTEMS THAT ARE DESIGNED TO SLOW INTRUDERS DOWN AS THEY ATTEMPT TO ENTER A FACILITY OR BUILDING. 4. RESPONSE – THE COMPONENTS THAT ARE IN PLACE ONCE A BREACH OR INTRUSION OCCURS.
ACCESS CONTROL • Access Control Encompasses a large area that includes basic barriers to more sophisticated things such as keypad, ID card or biometrically-restricted doors. • The first line of defense is the building itself
SURVEILLANCE • Surveillance includes everything from guards on patrol, burglar alarms and CCTV to sound and movement sensors and keeping a log of who went where. • At more high-risk locations, companies can deploy far more sophisticated detectors such as proximity, infrared, image, optical, temperature, smoke and pressure sensors to maintain a holistic view of their facilities
EXAMPLES OF PHYSICAL SECURITY CONTROLS WARNING SIGNS FENCES RESTRICTED ACCESS POINTS CCTV CAMERAS MOTION SENSORS INTRUDER ALARMS AI ANALYTICS COMPUTER ROOMS AND WIRING CLOSETS
MOST COMMON THREAT TO PHYSICAL SECURITY THEFT OR BURGLARY VANDALISM NATURAL DISASTERS TERRORISM OR SABOTAGE VIOLENCE INTHE WORKPLACE
IOT AND AI BRING PHYSICAL SECURITY INTO THE DIGITAL WORLD
IOT AND AI BRING PHYSICAL SECURITY INTO THE DIGITAL WORLD • WHERE TYPICALLY PHYSICAL SECURITY AND DIGITAL SECURITY USED TO BE ENTIRELY SEPARATE REALMS, THEY ARE SLOWLY BECOMING MORE AND MORE INTERTWINED. SURVEILLANCE SYSTEMS ARE INCREASINGLY CONNECTED TO THE INTERNET, ACCESS CONTROL SYSTEMS AND MONITORING SYSTEMS ARE KEEPING DIGITAL LOGS, WHILE USE CASES FOR AI IN PHYSICAL SECURITY ARE BECOME MORE POPULAR. • FOR EXAMPLE, CCTV-BASED IMAGE RECOGNITION CAN ALERT YOU TO THE ARRIVAL OF PEOPLE OR VEHICLES.
PHYSICAL SECURITY POLICIES • CREATES GUIDELINES AND RULES FOR PERSONNEL AND EQUIPMENT THAT ENSURE THAT YOUR BUSINESS'S INFORMATION, RESOURCES, AND FACILITIES ARE PROTECTED FROM DANGER, DAMAGE, OR REMOVAL.
TAKE A RISK BASED-APPROACH AND DO YOUR RESEARCH • MAP YOUR RISK PROFILE AND PUT IN APPROPRIATE CONTROLS. DON’T EMPLOY A TEAM OF ARMED GUARDS WHERE A SIMPLE CARD LOCK WITH CCTV WILL DO. “A SUPPLIER NEEDS TO PROTECT THEMSELVES IN ORDER TO PROTECT THEIR CUSTOMERS SO SUPPLY CHAIN DUE DILIGENCE IN A MUST” SAYS KENNY. “WHO ARE WE WORKING WITH, WHAT SORT OF INTERNAL PROCESSES AND POLICIES DO THEY FOLLOW, WHAT FRAMEWORKS DO THEY FOLLOW AROUND HARDENING SYSTEMS?" MAKE SURE THAT THE PEOPLE YOU'RE BUYING TECHNOLOGIES FROM UNDERSTAND THE RISKS AND HAVE THINGS IN PLACE LIKE VULNERABILITY MANAGEMENT PROGRAMS, SECURITY ADVISORY NOTIFICATIONS IF SOMETHING DOES GO WRONG.
MAKE SURE ACCESS CONTROLS ARE TIED TO PEOPLE AND CUSTOMIZE ACCESS • EACH ID CARD OR KEYCODE SHOULD HAVE A UNIQUE PERSON TIED TO IT. BLANKET ACCESS CARDS OR CODES MAKE DATA LEAKS MORE LIKELY AND HARDER TO TRACK. IF YOUR FACILITY HAS STRICT SCHEDULES, ENSURE ACCESS IS TIED TO TIMES--FOR EXAMPLE, NO OVERNIGHT ACCESS FOR CATERERS.
HAVE AUDIT TRAILS AND KEEP INVENTORY • KEEP LOGS OF NOT ONLY WHO ACCESSED WHAT, BUT ALSO OF ATTEMPTS. REPEATED FAILED ATTEMPTS TO ACCESS MIGHT SIGNAL BAD ACTORS. KNOW WHO IS IN PROCESSION OF ALL CARDS, KEYS AND OTHER ACCESS ITEMS. REVOKE ACCESS IF A CARD IS LOST OR WHEN EMPLOYEE CIRCUMSTANCES CHANGE. CLAIM BACK KEYS AS SOON AS POSSIBLE IF SOMEONE LEAVES.
EDUCATE STAFF TO FOLLOW PROTOCOL FOR DEALING WITH GUESTS • PEOPLE ARE USUALLY FRIENDLY AND WANT TO HELP. TEACHING EMPLOYEES – INCLUDING GUARDS -- TO KEEP A HEALTHY SKEPTICISM, FOLLOW PROPER PROCEDURE, AND NOT GIVE OUT TOO MUCH INFORMATION CAN REDUCE THE CHANCE OF YOUR OWN WORKERS BEING USED AGAINST YOU.
TEST YOUR CAPABILITIES AND PROCESSES • RUN SIMULATIONS; TRY TO GAIN ACCESS TO YOUR OWN FACILITIES. IN THE SAME WAY COMPANIES WILL OFTEN SEND OUT FAKE PHISHING EMAILS AS TEST OF WORKERS' ATTENTION TO DETAIL, SEE IF YOUR WORKERS GIVE OUT INFORMATION OVER THE PHONE OR LET UNVERIFIED GUESTS IN.
TOP CONSIDERATIONS FOR PHYSICAL SECURITY PLANNING 1. IDENTIFY THE SCOPE OF YOUR PHYSICAL SECURITY PLANS. THIS SHOULD INCLUDE THE TYPES OF EMPLOYEES THE POLICIES APPLY TO, AND HOW RECORDS WILL BE COLLECTED AND DOCUMENTED. 2. DETERMINE WHO IS RESPONSIBLE FOR IMPLEMENTING YOUR PHYSICAL SECURITY PLANS, AS WELL AS THE KEY DECISION -MAKERS FOR MAKING ADJUSTMENTS OR CHANGES TO THE PLAN. 3. INCLUDE THE DIFFERENT PHYSICAL SECURITY TECHNOLOGY COMPONENTS YOUR POLICY WILL COVER. 4. STATE THE TYPES OF PHYSICAL SECURITY CONTROLS YOUR POLICY WILL EMPLOY. INCLUDE ANY PHYSICAL ACCESS CONTROL SYSTEMS , PERMISSION LEVELS, AND TYPES OF CREDENTIALS YOU PLAN ON USING. 5. LIST OUT KEY ACCESS POINTS, AND HOW YOU PLAN TO KEEP THEM SECURE.
TOP CONSIDERATIONS FOR PHYSICAL SECURITY PLANNING 6 . D E F I N E YO U R M O N I TO R I N G A N D D E T E C T I O N S YS T E M S . W H AT T Y P E S O F V I D E O S U RV E I L L A N C E , S E N S O R S , A N D A L A R M S W I L L YO U R P H YS I C A L S E C U R I T Y P O L I C I E S I N C L U D E ? I D E N T I F Y W H O W I L L B E R E S P O N S I B L E F O R M O N I TO R I N G T H E S YS T E M S , A N D W H I C H P RO C E S S E S W I L L B E AU TO M AT E D. 7 . O U T L I N E A L L I N C I D E N T R E S P O N S E P O L I C I E S . YO U R P H YS I C A L S E C U R I T Y P L A N N I N G N E E D S TO A D D R E S S H OW YO U R T E A M S W I L L R E S P O N D TO D I F F E R E N T T H R E AT S A N D E M E R G E N C I E S . 8 . S C O P E O U T H OW TO H A N D L E V I S I TO R S , V E N D O R S , A N D C O N T R AC TO R S T O E N S U R E YO U R P H YS I C A L S E C U R I T Y P O L I C I E S A R E N OT V I O L AT E D. 9 . C R E AT E A C Y B E R S E C U R I T Y P O L I C Y F O R H A N D L I N G P H YS I C A L S E C U R I T Y T E C H N O L O G Y DATA A N D R E C O R D S . I N C L U D E YO U R P O L I C I E S F O R E N C RY P T I O N , V U L N E R A B I L I T Y T E S T I N G , H A R DWA R E S E C U R I T Y, A N D E M P L OY E E T R A I N I N G . 1 0 . A D D R E S S H OW P H YS I C A L S E C U R I T Y P O L I C I E S A R E C O M M U N I C AT E D T O T H E T E A M , A N D W H O R E Q U I R E S AC C E S S TO T H E P L A N .
THANK YOU FOR LISTENING!

More Related Content

PPTX
Physical Security.pptx
byGeraldHernandez17
 
PPTX
Physical Security Assessment
byFaheem Ul Hasan
 
PPSX
6 Physical Security
byAlfred Ouyang
 
PPT
Physical Security
byKriscila Yumul
 
PPT
Personal Security In High Risk Areas
byFrancisco Mateo, CPP, CFE
 
PPT
Module 10 Physical Security
byleminhvuong
 
PPTX
Physical security
byTariq Mahmood
 
PPTX
Security Awareness training for employee
bymarkperdon1
 
Physical Security.pptx
byGeraldHernandez17
 
Physical Security Assessment
byFaheem Ul Hasan
 
6 Physical Security
byAlfred Ouyang
 
Physical Security
byKriscila Yumul
 
Personal Security In High Risk Areas
byFrancisco Mateo, CPP, CFE
 
Module 10 Physical Security
byleminhvuong
 
Physical security
byTariq Mahmood
 
Security Awareness training for employee
bymarkperdon1
 

What's hot

PDF
04 Evidence Collection and Data Seizure - Notes
byKranthi
 
PDF
Computer Forensic
byNovizul Evendi
 
PPTX
The need for security
bySaman Sara
 
PPTX
Cyber Forensics Overview
byYansi Keim
 
PPTX
Hacking and Types of Hacker.
byCoder Tech
 
PPTX
Physical access control
byAhsin Yousaf
 
PDF
Physical Security Presentation
byWajahat Rajab
 
PPTX
Intro to cyber forensics
byChaitanya Dhareshwar
 
PPTX
Cyber Security ( Action Against Cyber Crime )
byTechnoHacks_Infosystem
 
PDF
Threat Intelligence
byDeepak Kumar (D3)
 
PPTX
PPT-Security-for-Management.pptx
byRSAArcher
 
PPTX
Cybersecurity Awareness for employees.pptx
byAbdullaFatiya3
 
PPTX
Mobile Forensics
byabdullah roomi
 
PPTX
Basic Security Training for End Users
byCommunity IT Innovators
 
PPTX
XG Firewall
byDeServ - Tecnologia e Servços
 
PPT
Cyber crime
byMuhammad Osama Khalid
 
PPTX
SIEM presentation final
byRizwan S
 
PDF
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
PDF
Physical Security Management System
byDaniel Suchy, CPP, MSyI
 
PPTX
Bank security
byPLN9 Security Services Pvt. Ltd.
 
04 Evidence Collection and Data Seizure - Notes
byKranthi
 
Computer Forensic
byNovizul Evendi
 
The need for security
bySaman Sara
 
Cyber Forensics Overview
byYansi Keim
 
Hacking and Types of Hacker.
byCoder Tech
 
Physical access control
byAhsin Yousaf
 
Physical Security Presentation
byWajahat Rajab
 
Intro to cyber forensics
byChaitanya Dhareshwar
 
Cyber Security ( Action Against Cyber Crime )
byTechnoHacks_Infosystem
 
Threat Intelligence
byDeepak Kumar (D3)
 
PPT-Security-for-Management.pptx
byRSAArcher
 
Cybersecurity Awareness for employees.pptx
byAbdullaFatiya3
 
Mobile Forensics
byabdullah roomi
 
Basic Security Training for End Users
byCommunity IT Innovators
 
XG Firewall
byDeServ - Tecnologia e Servços
 
Cyber crime
byMuhammad Osama Khalid
 
SIEM presentation final
byRizwan S
 
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
Physical Security Management System
byDaniel Suchy, CPP, MSyI
 
Bank security
byPLN9 Security Services Pvt. Ltd.
 

Similar to physical-security (1).pdf

PDF
The Importance of Physical Security Safeguarding Your Assets.pdf
byMax Secure Ltd
 
PPS
Physical security.ppt
byFaheem Ul Hasan
 
PPTX
PSM NOTES.pptx FOR BEGINNERS WANTING TO UNDERSTAND PHYSICAL SECURITY
byMajor K. Subramaniam Kmaravehlu
 
PPTX
IMPORTANCE AND CORE PRINCIPLE OF PHYSICAL SECURITY.pptx
byEmilyJarioDelaCruz
 
PPTX
Info securitty and physical issues .pptx
bysufyanriazahmad912
 
PPTX
Physical Security
bykavitha muneeshwaran
 
PDF
Physical security is a fundamental component of any secure infrastru.pdf
byfeelinggift
 
PPT
ch16computer sceurity chapter four and Managing Communication and Network Sec...
byhaymanottaddess2015m
 
PDF
WP82 Physical Security in Mission Critical Facilities
bySE_NAM_Training
 
PPTX
Physical Security - Why Your Business Needs It
byTerra Verde
 
PPT
physical security importance-22040 1201 431.ppt
byRohitGhulanavar2
 
PPT
Physical Security.ppt
byssuserb680dd
 
PPT
Physical Security.ppt
byBiggBoss4Unseen
 
PPT
Physical Security.ppt
bymaritesalcantara5
 
PPTX
Network Security: Physical security
bylalithambiga kamaraj
 
PDF
physical security abdullah hassan al alyani
byAeliani92
 
PPT
The Perimeter Protection Issues, Technique and Operation
byHafiza Abas
 
PPTX
Introduction to Security
byNateBrown60
 
PPTX
Advanced Operating System Principles.pptx
byyuvapapa26
 
PDF
CISA-Exam-Prep-Domain-5-2019.pdf. CISA exam
bygregtap1
 
The Importance of Physical Security Safeguarding Your Assets.pdf
byMax Secure Ltd
 
Physical security.ppt
byFaheem Ul Hasan
 
PSM NOTES.pptx FOR BEGINNERS WANTING TO UNDERSTAND PHYSICAL SECURITY
byMajor K. Subramaniam Kmaravehlu
 
IMPORTANCE AND CORE PRINCIPLE OF PHYSICAL SECURITY.pptx
byEmilyJarioDelaCruz
 
Info securitty and physical issues .pptx
bysufyanriazahmad912
 
Physical Security
bykavitha muneeshwaran
 
Physical security is a fundamental component of any secure infrastru.pdf
byfeelinggift
 
ch16computer sceurity chapter four and Managing Communication and Network Sec...
byhaymanottaddess2015m
 
WP82 Physical Security in Mission Critical Facilities
bySE_NAM_Training
 
Physical Security - Why Your Business Needs It
byTerra Verde
 
physical security importance-22040 1201 431.ppt
byRohitGhulanavar2
 
Physical Security.ppt
byssuserb680dd
 
Physical Security.ppt
byBiggBoss4Unseen
 
Physical Security.ppt
bymaritesalcantara5
 
Network Security: Physical security
bylalithambiga kamaraj
 
physical security abdullah hassan al alyani
byAeliani92
 
The Perimeter Protection Issues, Technique and Operation
byHafiza Abas
 
Introduction to Security
byNateBrown60
 
Advanced Operating System Principles.pptx
byyuvapapa26
 
CISA-Exam-Prep-Domain-5-2019.pdf. CISA exam
bygregtap1
 

Recently uploaded

PDF
CISA-certification-252955007.pdf CISA-certification-252955007.pdf
byFernando Sanchez Risco
 
PPTX
nursing care delivery model16_Scenarios_Tutorials.pptx
bysofiamansoor4
 
PDF
Agile's Post-Transformation Era (RSG-Banff 2025).pdf
byRichard Dolman
 
PPTX
14 Management Principles by Henri Fayol (Overview)
bySujan Chaudhary
 
PDF
PPST.RP_Module 9.pdf Selected, developed, organized and used appropriate teac...
byMARYJANEISRAEL3
 
PDF
Future Trends in Knowledge Management Systems
byWritegenic AI
 
PDF
Inspiring Global Change_ How the ICC Geller Fellowship Develops Tomorrow’s Le...
byJacob Baime ICC
 
PPTX
CH5 PROJECT IMPLEMENTATION, MONITORING & EVALUATION
byAtoshe Elmi
 
PPTX
How to Choose the Right Compliance Management System for Your Business
byhepburnindia
 
PPTX
global trend chapter three power point .
bydessiea134
 
CISA-certification-252955007.pdf CISA-certification-252955007.pdf
byFernando Sanchez Risco
 
nursing care delivery model16_Scenarios_Tutorials.pptx
bysofiamansoor4
 
Agile's Post-Transformation Era (RSG-Banff 2025).pdf
byRichard Dolman
 
14 Management Principles by Henri Fayol (Overview)
bySujan Chaudhary
 
PPST.RP_Module 9.pdf Selected, developed, organized and used appropriate teac...
byMARYJANEISRAEL3
 
Future Trends in Knowledge Management Systems
byWritegenic AI
 
Inspiring Global Change_ How the ICC Geller Fellowship Develops Tomorrow’s Le...
byJacob Baime ICC
 
CH5 PROJECT IMPLEMENTATION, MONITORING & EVALUATION
byAtoshe Elmi
 
How to Choose the Right Compliance Management System for Your Business
byhepburnindia
 
global trend chapter three power point .
bydessiea134
 

physical-security (1).pdf

  • 1.
    PHYSICAL SECURITY Prepared by: Canlas,John Michael Garcia,AshleyVeynard BSIT-3B
  • 2.
    Physical security isthe protection of people, property, and physical assets from actions and events that could cause damage or loss.
  • 3.
    WHY PHYSICAL SECURITYIS IMPORTANT Physical security is about keeping your facilities, people and assets safe from real-world threats. It includes physical deterrence, detection of intruders, and responding to those threats.
  • 4.
    MOST COMMON THREATSTO PHYSICAL SECURITY • Theft and burglary • Vandalism • Natural disasters • Terrorism or sabotage • Violence in the workplace
  • 5.
    HUMAN ERROR ISACTUALLY ONE OF THE LEADING CAUSE OF SECURITY BREACHES • Employees sharing their credentials with others • Accidental release or sharing of confidential data and information • Tailgating incidents with unauthorized individuals • Easily hacked authentication processes • Slow and limited response to security incidents
  • 6.
    PHYSICAL SECURITY LARGELYCOMES DOWN TO A COUPLE OF CORE COMPONENTS: ACCESS CONTROL AND SURVEILLANCE.
  • 7.
    COMPONENTS OF PHYSICALSECURITY CONTROLS 1. DETERRENCE – THESE ARE THE PHYSICAL SECURITY MEASURES THAT KEEP PEOPLE OUT OR AWAY FROM THE SPACE. 2. DETECTION - THE COMPONENTS OF YOUR PHYSICAL SECURITY SYSTEM HELP IDENTIFY A POTENTIAL SECURITY EVENT OR INTRUDER. 3. DELAY – THERE ARE CERTAIN SECURITY SYSTEMS THAT ARE DESIGNED TO SLOW INTRUDERS DOWN AS THEY ATTEMPT TO ENTER A FACILITY OR BUILDING. 4. RESPONSE – THE COMPONENTS THAT ARE IN PLACE ONCE A BREACH OR INTRUSION OCCURS.
  • 8.
    ACCESS CONTROL • AccessControl Encompasses a large area that includes basic barriers to more sophisticated things such as keypad, ID card or biometrically-restricted doors. • The first line of defense is the building itself
  • 9.
    SURVEILLANCE • Surveillance includeseverything from guards on patrol, burglar alarms and CCTV to sound and movement sensors and keeping a log of who went where. • At more high-risk locations, companies can deploy far more sophisticated detectors such as proximity, infrared, image, optical, temperature, smoke and pressure sensors to maintain a holistic view of their facilities
  • 10.
    EXAMPLES OF PHYSICAL SECURITYCONTROLS WARNING SIGNS FENCES RESTRICTED ACCESS POINTS CCTV CAMERAS MOTION SENSORS INTRUDER ALARMS AI ANALYTICS COMPUTER ROOMS AND WIRING CLOSETS
  • 11.
    MOST COMMON THREAT TOPHYSICAL SECURITY THEFT OR BURGLARY VANDALISM NATURAL DISASTERS TERRORISM OR SABOTAGE VIOLENCE INTHE WORKPLACE
  • 12.
    IOT AND AIBRING PHYSICAL SECURITY INTO THE DIGITAL WORLD
  • 13.
    IOT AND AIBRING PHYSICAL SECURITY INTO THE DIGITAL WORLD • WHERE TYPICALLY PHYSICAL SECURITY AND DIGITAL SECURITY USED TO BE ENTIRELY SEPARATE REALMS, THEY ARE SLOWLY BECOMING MORE AND MORE INTERTWINED. SURVEILLANCE SYSTEMS ARE INCREASINGLY CONNECTED TO THE INTERNET, ACCESS CONTROL SYSTEMS AND MONITORING SYSTEMS ARE KEEPING DIGITAL LOGS, WHILE USE CASES FOR AI IN PHYSICAL SECURITY ARE BECOME MORE POPULAR. • FOR EXAMPLE, CCTV-BASED IMAGE RECOGNITION CAN ALERT YOU TO THE ARRIVAL OF PEOPLE OR VEHICLES.
  • 14.
    PHYSICAL SECURITY POLICIES •CREATES GUIDELINES AND RULES FOR PERSONNEL AND EQUIPMENT THAT ENSURE THAT YOUR BUSINESS'S INFORMATION, RESOURCES, AND FACILITIES ARE PROTECTED FROM DANGER, DAMAGE, OR REMOVAL.
  • 15.
    TAKE A RISKBASED-APPROACH AND DO YOUR RESEARCH • MAP YOUR RISK PROFILE AND PUT IN APPROPRIATE CONTROLS. DON’T EMPLOY A TEAM OF ARMED GUARDS WHERE A SIMPLE CARD LOCK WITH CCTV WILL DO. “A SUPPLIER NEEDS TO PROTECT THEMSELVES IN ORDER TO PROTECT THEIR CUSTOMERS SO SUPPLY CHAIN DUE DILIGENCE IN A MUST” SAYS KENNY. “WHO ARE WE WORKING WITH, WHAT SORT OF INTERNAL PROCESSES AND POLICIES DO THEY FOLLOW, WHAT FRAMEWORKS DO THEY FOLLOW AROUND HARDENING SYSTEMS?" MAKE SURE THAT THE PEOPLE YOU'RE BUYING TECHNOLOGIES FROM UNDERSTAND THE RISKS AND HAVE THINGS IN PLACE LIKE VULNERABILITY MANAGEMENT PROGRAMS, SECURITY ADVISORY NOTIFICATIONS IF SOMETHING DOES GO WRONG.
  • 16.
    MAKE SURE ACCESSCONTROLS ARE TIED TO PEOPLE AND CUSTOMIZE ACCESS • EACH ID CARD OR KEYCODE SHOULD HAVE A UNIQUE PERSON TIED TO IT. BLANKET ACCESS CARDS OR CODES MAKE DATA LEAKS MORE LIKELY AND HARDER TO TRACK. IF YOUR FACILITY HAS STRICT SCHEDULES, ENSURE ACCESS IS TIED TO TIMES--FOR EXAMPLE, NO OVERNIGHT ACCESS FOR CATERERS.
  • 17.
    HAVE AUDIT TRAILSAND KEEP INVENTORY • KEEP LOGS OF NOT ONLY WHO ACCESSED WHAT, BUT ALSO OF ATTEMPTS. REPEATED FAILED ATTEMPTS TO ACCESS MIGHT SIGNAL BAD ACTORS. KNOW WHO IS IN PROCESSION OF ALL CARDS, KEYS AND OTHER ACCESS ITEMS. REVOKE ACCESS IF A CARD IS LOST OR WHEN EMPLOYEE CIRCUMSTANCES CHANGE. CLAIM BACK KEYS AS SOON AS POSSIBLE IF SOMEONE LEAVES.
  • 18.
    EDUCATE STAFF TOFOLLOW PROTOCOL FOR DEALING WITH GUESTS • PEOPLE ARE USUALLY FRIENDLY AND WANT TO HELP. TEACHING EMPLOYEES – INCLUDING GUARDS -- TO KEEP A HEALTHY SKEPTICISM, FOLLOW PROPER PROCEDURE, AND NOT GIVE OUT TOO MUCH INFORMATION CAN REDUCE THE CHANCE OF YOUR OWN WORKERS BEING USED AGAINST YOU.
  • 19.
    TEST YOUR CAPABILITIESAND PROCESSES • RUN SIMULATIONS; TRY TO GAIN ACCESS TO YOUR OWN FACILITIES. IN THE SAME WAY COMPANIES WILL OFTEN SEND OUT FAKE PHISHING EMAILS AS TEST OF WORKERS' ATTENTION TO DETAIL, SEE IF YOUR WORKERS GIVE OUT INFORMATION OVER THE PHONE OR LET UNVERIFIED GUESTS IN.
  • 20.
    TOP CONSIDERATIONS FORPHYSICAL SECURITY PLANNING 1. IDENTIFY THE SCOPE OF YOUR PHYSICAL SECURITY PLANS. THIS SHOULD INCLUDE THE TYPES OF EMPLOYEES THE POLICIES APPLY TO, AND HOW RECORDS WILL BE COLLECTED AND DOCUMENTED. 2. DETERMINE WHO IS RESPONSIBLE FOR IMPLEMENTING YOUR PHYSICAL SECURITY PLANS, AS WELL AS THE KEY DECISION -MAKERS FOR MAKING ADJUSTMENTS OR CHANGES TO THE PLAN. 3. INCLUDE THE DIFFERENT PHYSICAL SECURITY TECHNOLOGY COMPONENTS YOUR POLICY WILL COVER. 4. STATE THE TYPES OF PHYSICAL SECURITY CONTROLS YOUR POLICY WILL EMPLOY. INCLUDE ANY PHYSICAL ACCESS CONTROL SYSTEMS , PERMISSION LEVELS, AND TYPES OF CREDENTIALS YOU PLAN ON USING. 5. LIST OUT KEY ACCESS POINTS, AND HOW YOU PLAN TO KEEP THEM SECURE.
  • 21.
    TOP CONSIDERATIONS FORPHYSICAL SECURITY PLANNING 6 . D E F I N E YO U R M O N I TO R I N G A N D D E T E C T I O N S YS T E M S . W H AT T Y P E S O F V I D E O S U RV E I L L A N C E , S E N S O R S , A N D A L A R M S W I L L YO U R P H YS I C A L S E C U R I T Y P O L I C I E S I N C L U D E ? I D E N T I F Y W H O W I L L B E R E S P O N S I B L E F O R M O N I TO R I N G T H E S YS T E M S , A N D W H I C H P RO C E S S E S W I L L B E AU TO M AT E D. 7 . O U T L I N E A L L I N C I D E N T R E S P O N S E P O L I C I E S . YO U R P H YS I C A L S E C U R I T Y P L A N N I N G N E E D S TO A D D R E S S H OW YO U R T E A M S W I L L R E S P O N D TO D I F F E R E N T T H R E AT S A N D E M E R G E N C I E S . 8 . S C O P E O U T H OW TO H A N D L E V I S I TO R S , V E N D O R S , A N D C O N T R AC TO R S T O E N S U R E YO U R P H YS I C A L S E C U R I T Y P O L I C I E S A R E N OT V I O L AT E D. 9 . C R E AT E A C Y B E R S E C U R I T Y P O L I C Y F O R H A N D L I N G P H YS I C A L S E C U R I T Y T E C H N O L O G Y DATA A N D R E C O R D S . I N C L U D E YO U R P O L I C I E S F O R E N C RY P T I O N , V U L N E R A B I L I T Y T E S T I N G , H A R DWA R E S E C U R I T Y, A N D E M P L OY E E T R A I N I N G . 1 0 . A D D R E S S H OW P H YS I C A L S E C U R I T Y P O L I C I E S A R E C O M M U N I C AT E D T O T H E T E A M , A N D W H O R E Q U I R E S AC C E S S TO T H E P L A N .
  • 22.
    THANK YOU FORLISTENING!