Physical Security Controls 3.9 Part 1 Flashcards
Proper Lighting
Bad guys don’t want to be seen. Non IR cameras can see better. Lighting angles are important to avoid glare and shadows. You need to be able to see faces through the cameras.
Signs
Signs need to keep people away from restricted areas. Consider that you visitors need to know where they can and cant go. Personal safety signs need to exist. You need fire exit signs and warning signs for anything hazardous. Also have sings for medical purposes.
Fencing
Build a perimeter. The fence needs to be robust, not easy to break through. It also needs to be tall enough and potentially needs razor wire at the top to prevent climbing over. Consider if you want people to be able to see through or not.
Rack Monitoring and Security
Do you need a monitoring system? Environmental sensors, webcams? You can integrate these with an enterprise monitoring system. You may need closed racks or fencing in the data center.
Guards and Access Lists
Security guards may need to physically protect you areas. They can man a security checkpoint. This is obviously a good place to validate existing employees and have a guest access. Use ID badges, picture, name, other details. Must be worn at all times. Access list can be provided to allow/disallow.
Alarms
Alarms help protect since security teams cant be everywhere at all times. These can protect doors, windows, fencing, and the perimeter. Motion detection through radio reflection or passive infrared. Useful in areas not often traveled. You might also need to have a duress button.
Safe
A safe can secure important hardware and media. Backups, laptops, hard drives. It provides protection against fire and water, its difficult to steal because of its weight. Need a backup plan if you lose the combination. Don’t share the combination.
Locking Cabinets
Data center hardware is often managed by different groups. Responsibility lies with the owner. Racks can be installed together side by side. These will need to be protected from temperature with ventilation.
Protected Distribution System (PDS)
You must also protect your cables. The bad guys can tap into your network via wires taps or shut your network down with wire cuts. It’s very common to use a sealed metal conduit to protect the wires. Preform visual inspections on the conduits.
Air Gap Network
Air gap networks are a physical separation of your network from the internet/infrastructures. This is not very common. You only use these for specialized networks such as stock market networks, power systems, extremely critical things.
