Physical and Environmental Security

Chapter 5Part 2

Pages 457 to 499

Protecting Assets

• Laptop thefts• Cost to replace stolen items– Productivity– Reputation– Cost to restore lost data

Laptop Thefts

• Page 457 list• Tracking software• Safe for backups

Electric Power

• August 2003, 8 east coast states and portions of Canada lost power for several days

• Need a plan for fall back for storms, hardware failure, lightning and other disruptions of power

UPS

• Uninterrupted Power Supply• Figure 5-6 on page 460• Standby UPS– Inactive until power failure– Switch to battery pack

• Online UPS Systems– AC Voltage line charges, constantly provide power– Most faster than standby

UPS

• Some just provide enough power to gracefully shutdown

• Others will allow systems to run for a longer period of time.

• Should be tested periodically

Line Noise

• Figure 5-7 on page 461• RFI – Radio Frequency Interference• EMI – Electromagnetic Interference

Voltage Fluctuations

• Page 462 list• When an electrical device is turned on it can

draw a large amount of current (in-rush current).

• This can cause a sag in current for surrounding devices.

• It is a good idea to have the data center on a different wiring segment

Voltage Fluctuations

• Surge– A common problem– Storms, lightning– Surge protector

• Blackout– Voltage drops to zero

• Brownout– High demand such as a heatwave

Voltage Fluctuations

• Voltage regulators and line conditioners to ensure clean and smooth distribution of power.

• Figure 5-8 on page 464• List on page 465

Shutoff Valves

• Figure 5-9 on page465• Gas – in case of fire• Water – in case of water pipe break

Environment & Electronic Equipment

• High humidity – corrosion• Low humidity – static electricity– Spark from your finger several thousand volts– Winter and dry climates– Preventive step on page 467

Environment & Electronic Equipment

• Low Temperature – stop working• High Temperature– Table 5-1 on page 466

• Ventilation– Closed-loop filters and recycles air

• Positive pressurization – outside air does not enter

• Dust – clogs up fans

Fire

• Fire Prevention– Train employees to react properly when faced

with a fire

Fire Detection

• Ignition – Combustible materials, malfunctioning heating

devices, arson• Computer systems are not combustible• Electric fires are caused by overheating of wire

insulation or overheating of electrical components that ignite surrounding plastic

Fire Detection

• Smoke activates– Figure 5-11 on page 470

• Heat activated– Fixed Temperature – Rate-of-rise of temperature• Quicker, more false positives

• Figure 5-12 on page 471– Where the wiring is

Fire Suppression

• Page 472 – Figure 5-2• Page 473 – Figure 5-3– Halon has not been manufactured since 1992

• HVAC should shutdown in case of fire so smoke is not spread throughout the building

Water Sprinklers

• In a electrical fire, water can increase the intensity of the fire because it can work as a conductor for electricity

• Wet pipe – water in pipe• Dry pipe – water in holding tank until it is

released• Preaction – Not held in pipe. Released when

pressurized air within the pipe is reduced.

Perimeter Security

• Layered Defense• Figure on page 476• Two modes

1. When the facility is open2. When the facility is closed

Facility Access Control

• “Having personnel in sensitive areas is one of the best security controls because they can personally detect suspicious behavior.”

• Entrances and Exits – Figure 15-4 on page 417

Locks

• Locks can be picked or broken.• Ward Lock– Figure 5-16 on page 479

• Tumbler Lock– Figure 5-17 on page 479

• Combination Lock• Cipher Lock– Use keypad

Administrative Responsibility

• Key maintenance and procedures• Lock choice• Master Key, Submaster keys, individual keys

Circumventing Locks

• Tension wrench– Holds down internal cylinders while figuring out

next cylinder

Personnel Access Control

• Identification of person attempting to access the facility– Biometric– Smart Card– Photo ID– Key– Card with PIN or Password

• Piggybacking

External Boundary Protection

• Bullets on pages 484-5• Fences– Height (Pages 485-6)– Gauge and Mesh (Page 486)– Classification (Page 487)

• Bollards– Small concrete pillars

Lighting• Unlit parking areas invite car break ins and

attacking employees.• Higher wattage more illumination.• If the area has clean concrete and light-

colored painted surfaces, then not as much illumination is required.

• Direct lighting toward where intruders will come from and away from security forces.

Lighting

• Direct lighting toward where intruders will come from and away from security forces. (glare protection).

• Responsive illumination– When IDS detects suspicious activity.– Turn on CCTV cameras to scan for intruders.

• Protect against lights being turned off or power cut to them.

Surveillance Devices

• Closed –Circuit TV (CCTV)– Figure 5-10 on page 491– Considerations for purchase• Internal or External Areas• Large or small area• Lit, unlit, sunlight

– Charged-coupled devices (CCD)• Light to electronic signals• Extraordinary details

CCTV

• “When both wide scenes and close-up captures are needed, zoom lens is best.”

Intrusion Detection Systems

• Sense changes in the environment• Perimeter scanning device– Figure 5-22 on page 494

• Strip of foil embedded in a window• Pressure pad under a carpet• Photoelectric system detects change in a light

beam

• Security Guards– Costly– Screening is important– Need to be trained

• Dogs– Detect intruders– Hearing and sight outperforms humans