
Definition: Physical Security

The physical measures and their associated procedures to safeguard and protect against:
Damage
Loss
Theft

Introduction
Primary consideration in physical security is that nothing should impede life safety goals.
Ex.: Don't lock the only fire exit door from the outside.

Safety: Deals with the protection of life and assets against fire, natural disasters, and devastating accidents.
Security: Addresses vandalism, theft, and attacks by individuals.

Definition: Threat
Any indication, circumstance or event with the potential to cause:
Loss of or Damage to an Asset
Personal Injury
Loss of Life

Threat Types
Natural / Environmental
Earthquakes, floods, storms, Tsunami, fires, smoke, snow
Consequence of Natural Phenomenon
Normally not preventable

Human Made / Political Events
Explosions, vandalism, theft, terrorist attacks, riots
Result of a state of mind, attitude, weakness or character trait
Acts of commission or omission
Disrupt or destroy

Examples of Threats
Emergencies
Fire and Smoke
Building Collapse or Explosion
Utility Loss (Power, AC, Heat)
Water Damage (Broken Pipes)
Toxic Materials Release

Examples of Threats (2)

Natural Disasters
Earth Movement (Earthquakes or Mudslides)
Storm Damage (Snow, Ice, Floods, Hurricanes)

Human Intervention
Sabotage
Vandalism
War
Strikes

Site Location
Security should include WHERE the building is and HOW it should be built.

Choosing a Secure Site
Visibility: Usually low visibility is the rule to follow. What types of neighbors and markings on the building?
Local Considerations: Near hazardous waste dump? In flood control plain? Local crime rate, riots, strike-prone area?
Natural Disasters: Weather-related problems, tornados, flooding, heavy snow, earthquake zone

Site Location (2)

Choosing a Secure Site
Transportation: Will excessive highway, air or road traffic in area, or failed bridges, cause building access problems?
Joint Tenancy: Is access to HVAC and environmental controls shared in building?
Adjacent Buildings
External Services: Proximity to local Fire, Police, Hospital/Medical Facilities?

Designing a Secure Site

WALLS
All walls MUST have an acceptable Fire Rating.
Be Floor to Ceiling
Any Closets or Rooms that Store Media must also have Fire Rating

CEILINGS
Be aware if they are WEIGHT BEARING and their Fire Rating

Designing a Secure Site (2)


FLOORS
Slab or Raised?

SLAB
If concrete then concerns are Weight Bearing (aka Loading)
Usually 150 pounds per square foot.

RAISED
Concerned with Fire Rating, Electrical Conductivity (Grounding against static electricity)
Must employ non-conducting surface material in data center

Designing a Secure Site (3)


DOORS
Must resist Forced Entry
Solid or Hollow
Secured hinges
Fire Rating Equal to Walls
Emergency Exits Must Be Clearly Marked, Monitored, or Alarmed
Electrical Doors on Emergency Exits Should Revert to Disabled State if Power Outage Occurs For Safe Evacuation
TIP!! Personnel Safety ALWAYS Takes Precedence!
Doors Can Be Guarded During an Emergency

Designing a Secure Site (4)


SPRINKLER SYSTEM
Location and Type of Suppression System Must Always Be Known

LIQUID or GAS LINES
Know Where the Shut Off Valves Are
Water, Steam and Gas Lines Should Have POSITIVE Drains
i.e., Flow Outward and Away from Building

Designing a Secure Site (5)


AIR CONDITIONING
AC Units Should Have Dedicated Power Circuits
Know Where the Emergency Power Off (EPO) Switch is Located
Provide Outward, Positive Air Pressure to Building
Protected Intake Vents to Prevent Inflow of Potential Toxins Into a Facility

Designing a Secure Site (6)


WINDOWS
Located to Prevent Viewing Monitors or Desks
Standard Plate Glass (Brittle, Breaks Easily)
Tempered Glass (Stronger, Breaks into Small Shards)
Acrylic Materials
Polycarbonate Windows
Glass and Polycarbonate Combinations Combine Best of Glass and Acrylics
Wire Mesh Layers
Bomb Blast Film (Prevent Viewing In and Reinforce Window)
Bullet Resistant Windows
Glass Breakage Sensors
Usually Not Accepted in Data Center
If Installed, Should Be Translucent and Shatterproof
Frames Secured to Walls, Windows Can Be Locked, Glass Can't be Removed

Procedural Controls
Guard Post
Checking and Escorting Visitors on Site
Managing Deliveries to the Site
Building-Specific


Facility Security Management


Administrative Security Controls NOT Related to Initial Planning Process
Audit Trails or Access Logs
Vital to Know Where Attempts to Enter Existed and Who Attempted Them

Emergency Procedures
Should be Clearly Documented and Readily Accessible
Copies Stored Offsite in the Event of a Disaster
Updated Periodically

Audit Trails
Audit Trails are Known as DETECTIVE Rather Than PREVENTIVE Controls
Date and Time of Access Attempt
Whether the Attempt was Successful or Not
Where the Access was Granted (i.e., which door)
Who Attempted the Access
Who Modified the Access Privileges at the Supervisor Level
Can Send Alarms or Alerts if Required
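
An added example, not part of the original slides: a minimal review of a door-access audit trail that carries the fields listed above and raises alerts on a burst of denied attempts and on the first entry after a supervisor-level privilege change. The record layout, names, thresholds and sample lines are constructed assumptions.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample records (not real data). Assumed layout:
# when, who, event, door (or affected person), outcome (or affected door).
SAMPLE_LOG = """\
2024-03-04T02:11:05,jdoe,ACCESS,server-room,DENIED
2024-03-04T02:11:40,jdoe,ACCESS,server-room,DENIED
2024-03-04T02:12:10,jdoe,ACCESS,server-room,DENIED
2024-03-04T08:59:30,asmith,ACCESS,lobby,GRANTED
2024-03-04T09:15:00,asmith,ACCESS,server-room,DENIED
2024-03-04T13:00:00,supervisor1,PRIV_CHANGE,jdoe,server-room
2024-03-04T13:05:00,jdoe,ACCESS,server-room,GRANTED
"""

MAX_DENIED = 3                  # assumed: denials per person per door that trigger an alert
WINDOW = timedelta(minutes=5)   # assumed: sliding window for counting denials
REVIEW = timedelta(hours=24)    # assumed: how long a privilege change stays under review


def review_audit_trail(text):
    """Return alert strings for denial bursts and first use of a changed privilege."""
    alerts = []
    denied = defaultdict(deque)  # (who, door) -> timestamps of recent denials
    changed = {}                 # (person, door) -> (change time, supervisor)
    for row in csv.reader(StringIO(text)):
        if not row:
            continue
        when, who, event, target, outcome = row
        ts = datetime.fromisoformat(when)
        if event == "PRIV_CHANGE":
            # target is the affected person; the last column names the door
            changed[(target, outcome)] = (ts, who)
            continue
        key = (who, target)
        if outcome == "DENIED":
            recent = denied[key]
            recent.append(ts)
            while ts - recent[0] > WINDOW:
                recent.popleft()
            if len(recent) == MAX_DENIED:
                alerts.append(f"{when} repeated denials: {who} at {target}")
        elif key in changed and ts - changed[key][0] <= REVIEW:
            _, supervisor = changed.pop(key)
            alerts.append(f"{when} {who} entered {target} after privilege change by {supervisor}")
    return alerts


if __name__ == "__main__":
    for alert in review_audit_trail(SAMPLE_LOG):
        print(alert)
```
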

Emergency Procedures
Should Include the Following:
Emergency System Shutdown Procedures
Evacuation Procedures
Employee Training, Awareness Programs, and Periodic Drills
Periodic Equipment and Systems Tests

Administrative Personnel Controls


Pre-Employment Screening
Employment, References and Educational History Checks
Background Investigation and/or Credit Rating Checks for Sensitive Positions

On-Going Employee Checks
Security Clearances
Ongoing Employee Ratings or Reviews by Supervisors

Post-Employment Procedures
Exit Interview, Removal of Network Access, Return of Computers, etc.

Environmental Safety Controls


Three Areas of Environmental Control
1. Electrical Power
2. Fire Detection and Suppression
3. Heating, Ventilation and Air Conditioning (HVAC)

Electrical Power
Disruptions in Electrical Power Can Have a Serious Business Impact

Goals:
Clean and Steady Power
Excellent Power Quality

Design Considerations:
Dedicated Feeders
Alternate Power Source
Access Controls
Secure Breaker and Transformer Rooms

Electrical Power Threat Elements


NOISE
Electromagnetic Interference (EMI)
Radio Frequency Interference (RFI)

ANOMALIES
Brownout, Blackout, Fault, etc.

ELECTROSTATIC DISCHARGE (ESD)
Affected by Low Humidity

Electrical Noise
Def: Random Disturbance Interfering With Devices

Electromagnetic Interference (EMI)
Caused by Motors, Lightning, etc.

Radio Frequency Interference (RFI)
Caused by Components of Electrical System
Caused by Electrical Cables, Fluorescent Lighting, Truck Ignitions, etc.
Can Cause Permanent Damage to Sensitive Components in a System

Protective Measures for NOISE


Proper Line Conditioning
Proper Grounding of the System to Earth
Cable Shielding
Limited Exposure to Magnets, Electrical Motors, Space Heaters and Fluorescent Lights

Electrical Anomalies
Electrical Event | Definition
Blackout | Total loss of power
Fault | Momentary loss of power
Brownout | Prolonged drop in voltage (up to 10%)
Sag | Short drop in voltage
Inrush | Initial power rush
Spike | Momentary rush of power, momentary high voltage
Surge | Prolonged rush of power, prolonged high voltage

Electrostatic Discharge (ESD)


Power Surge Generated by a Person or Device Contacting Another Device and Transferring a High Voltage Shock
Affected by Low Humidity

Now, About Humidity


Ideal Humidity Range = 40% to 60%

High Humidity > 60%
Causes Problems with Condensation on Computer Equipment
Causes Corrosion of Electrical Connections (Sort of Like Electroplating) and Impedes Electrical Efficiency

Low Humidity < 40%
Can Cause Increase in Electrostatic Discharge

Precautions for Static Electricity


Use Anti-Static Sprays Where Possible
Operations or Computer Centers Should Have Anti-Static Flooring
Building and Computer Rooms Should be Grounded Properly
Anti-Static Table or Floor Mats
HVAC Should Maintain Proper Level of Humidity in Computer Rooms
Anti-static bands should be used

Electrical Support Systems


Surge Suppressors

Uninterruptible Power Supplies
Only for Duration Needed to Safely Shutdown Systems

Emergency Shutoff (EPO Switch)
Have Monitored by Camera

Alternate Power Supply
Generator

FIRE PROTECTION
1. Fire Prevention
2. Fire Detection
3. Fire Suppression

Fire Triangle

A FIRE Needs These Three Elements to Burn
Fire Fighting Works By Removing One of These Three Elements OR By Temporarily Breaking Up the Chemical Reaction

Fire Prevention
Use Fire Resistant Materials for Walls, Doors, Furnishings, etc.
Reduce the Amount of Combustible Papers Around Electrical Equipment
Provide Fire Prevention Training to Employees
REMEMBER: Life Safety is the Most Important Issue!
Conduct Fire Drills on All Shifts So that Personnel Know How to Exit A Building

Fire Detection
Ionization-type Smoke Detectors
Detect Charged Particles in Smoke

Optical (Photoelectric) Detectors
React to Light Blockage Caused by Smoke

Fixed or Rate-of-Rise Temperature Sensors
Heat Detectors That React to the Heat of a Fire
Fixed Sensors Have Lower False Positives

Flame Actuated
Senses Infrared Energy of Flame or Pulsating of the Flame
Very FAST Response Time, Expensive

Fire Detection (2)


Automatic Dial-Up Fire Alarm
System Dials the Local Fire or Police Department and Plays a Prerecorded Message When a Fire is Detected
Usually Used in Conjunction with One of the Other Types of Fire Detectors
This Type of System Can Be Easily/Intentionally Subverted

Combinations are Usually Used for The Best Effectiveness in Detecting a Fire

Fire Classes and Suppression/Extinguishing Methods


Class | Description (Fuel) | Extinguishing Method
A | Common combustibles such as paper, wood, furniture, clothing | Water, Foam
B | Burnable fuels such as gasoline or oil | Inert Gas, CO2
C | Electrical fires such as computers and electronics | Inert Gas, CO2 (Note: Most important step: Turn off electricity first!)
D | Special fires, such as chemical, metal | Dry Powder (May require total immersion or other special techniques)
K | Commercial Kitchens | Wet Chemicals

Fire Suppression
Carbon Dioxide (CO2)/Halon/FM200, Foam, Inert Gas and Dry Powder Extinguishers DISPLACE Oxygen to Suppress a Fire
Water Suppresses the Temperature Required to Sustain a Fire

Fire Suppression - Water


Wet Pipe
Always Contains Water
Most Popular and Reliable
165 Fuse Melts
Can Freeze in Winter
Pipe Breaks Can Cause Floods

Dry Pipe
No Water in Pipe
Preferred for Computer Installations
Water Held Back by Clapper
Air Blows Out of Pipe, Water Flows

Fire Suppression - Water (2)

Deluge
Type of Dry Pipe
Water Discharge is Large
Not Recommended for Computer Installations

Preaction
Combines Both Dry and Wet Pipes
Water Released into Pipe First Then After Fuse Melts in Nozzle the Water is Dispersed

Heating Ventilation & Air Conditioning (HVAC)


Usually the Focal Point for Environmental Controls
You Need to Know Who is Responsible for HVAC in Your Building
Clear Escalation Steps Need to Be Defined Well in Advance of an Environmental-Threatening Incident

HVAC Issues
Are Computerized Components Involved?
Does It Maintain Appropriate Temperature and Humidity Levels? Air Quality?
Ideal Temperature = 70 to 74 °F
Ideal Humidity = 40% to 60%
Maintenance Procedures Should Be Documented
Preventive Maintenance Performed and Documented

Elements of Physical Security


Badges, Restricted Areas, Lights, Dogs, CCTV, Locks, Access Control, Barriers, Security Forces, Fences, Intrusion Detection Systems

Functions of Physical Security


1. Deter
2. Delay
3. Detect
4. Assess
5. Respond

Perimeter Protection
Perimeter Security Controls are the First Line of Defense
Protective Barriers: Natural or Structural

Natural Barriers
Terrains That are Difficult to Cross Landscaping (Shrubs, Trees, Spiny Shrubs)

Structural Barriers
Fences, Gates, Bollards, Facility Walls

Fences
Know These Fencing Heights:
3 ft to 4 ft High: Deters Casual Trespassers
6 ft to 8 ft High: Too Hard to Climb Easily
8 ft High with 3 Strands of Barbed Wire: Deters Intruders

3 Types of Fencing
Chain Link
Barbed Wire
Barbed Tape or Concertina Wire

This is at least 8 Feet

Fences (2)

Chain Link
6 Feet Tall (Excluding Top Guard)
8 Feet Tall (with Top Guard)
2 inch Openings or Less
Reach within 2 Inches of Ground or On Soft Ground It Is Below the Surface
Be Sure Vegetation or Adjacent Structures Do Not Bridge Over the Fence

Intrusion Detection & Surveillance


Perimeter Intrusion Detection Systems
Sensors That Detect Access Into the Area
Photoelectric (Usu. Infrared Light)
Ultrasonic
Microwave
Passive Infrared (PIR)
Pressure Sensitive (Dry Contact Switch)

Surveillance Devices
Closed-Circuit Television (CCTV)

Motion Detectors
3 Categories
Wave Pattern: Generates a Frequency Wave Pattern. If Pattern is Disturbed as it is Reflected Back to its Receiver (low, ultrasonic or microwave range)
Capacitance: Monitor an Electrical Field Around an Object. If Field is Disturbed the Alarm is Triggered. Used for Spot Protection.
Audio Detectors: Monitor for any Abnormal Sound Wave Generation. (Lots of False Alarms)

Intrusion Detection Systems


Can Be Installed On:
Windows, Doors, Ceilings, Walls
Any Other Entry Points Such as HVAC, Roof Access Openings, Ducts, etc.

They Detect Change In:
Electrical Circuits, Light Beams
Sounds, Vibrations, Motion
Capacitance Due to Penetration of An Electrostatic Field
Biometrics

CCTV
Def: A Television Transmission System That Uses Cameras to Transmit Pictures To Connected Monitors

CCTV Levels:
Detection: The Ability to Detect the Presence of an Object
Recognition: The Ability to Determine the Type of Object (animal, blowing debris, crawling human)
Identification: The Ability to Determine the Object Details (person, large rabbit, small deer, tumbleweed)

Remember: Monitoring Live Events is Preventive and Recording of Events is Detective

CCTV Components
Camera
Fixed, Zoom, Pan & Tilt

Transmission Media
Coax Cable
Fiber Cable
Wireless

Monitor

CCTV Deployment Features


Cameras High Enough to Avoid Physical Attack
Cameras Distributed to Exclude Blind Areas
Appropriate Lenses
Pan, Tilt, Zoom (PTZ) as Required
Ability to be Recorded
Camera System Tied to Alarm System
Number and Quality of Video Frames Increased During Alarm Event
Regular Service of Moving Parts
Cleaning Lenses
Human Intervention

CCTV Legal and Practical Implications


Storage Implications of Recorded Data
Video Tapes Must Be Stored to Prevent Deterioration
Digital Records Must Be Maintained to Assert Integrity
Human Rights and Privacy Implications in Recording People
Requirements to Blur/Pixelate Individuals Other than Accused

Lighting
Provides a Deterrent to Intruders
Makes Detection Likely if Entry Attempted
Should be Used With Other Controls Such as Fences, Patrols, Alarm Systems, CCTV

Access Control
Card Access
Smart Cards
Mag Stripe Cards
Proximity Cards

Biometrics
Fingerprint
Retina or Iris Scans
Hand Geometry
Signature Dynamics

Prepared by Ernie Hayden, CISSP CEH

Locks
Tip: Locks are Considered DELAY Devices Only
All Locks Can Be Defeated By Force and/or the Proper Tools
Locks Must Never Be Considered a Stand-Alone Method of Security

Locks (2)
Types of Locks
Key Locks
Combination Locks

Key Locks
Key-in-Knob or Key-in-Lever (Cylindrical Lockset): Only for Low Security Apps
Dead Bolt Locks or Tubular Dead Bolts: Good for Storerooms, Houses
Mortise Locks (Lock Case is Recessed or Mortised into the Edge of Door): Low Security Apps
Padlocks

Combination Locks
Combinations Must Be Changed at Specific Times and Under Specific Circumstances

Keyless and Smart Locks


Keyless (Cipher) Locks
Push-button locks

Smart Locks
Permit Only Authorized People Into Certain Doors at Certain Times
E.g., Magnetic Stripe Card that is Time Sensitive


Lock Security Measures


Key Control Procedures
Restrict Issue of Keys on a Long-Term Basis to Outside Maintenance or Janitorial Personnel
Keep a Record of All Issued Keys
Investigate the Loss of All Keys
When in Doubt, Rekey the Affected Locks
Use as Few Master Keys as Possible
Issue Keys on a Need-to-Go Basis
Remember Keys are a Single-Factor Authentication Mechanism That Can Be Lost, Stolen, or Copied.
(Use 2-Factor Methods for More Secure Spaces)

Compartmentalized Area
Def: Location Where Sensitive Equipment is Stored and Where Sensitive Information is Processed
Must Have a Higher Level of Security Controls


Data Center

Walls
Extend from True Floor to True Ceiling

Access Controls
Depending Upon Sensitivity of the Information and Value of Equipment, Electronic Access Controls May Need to be Installed

Portable Device Security


Laptops, PDAs, Etc.
Protect the Device
Protect the Data in the Device

Examples:
Locking Cables for Docking Stations
Tracing Software
Audible Motion Alarm
Encryption Software
PIN Protection for PDAs
Inventory System

Alarm Systems
1. Local Alarm Systems: Alarm Sounds Locally and Must be Protected from Tampering and Audible for at Least 400 Feet
2. Central Station Units: Monitored 7x24 and Signaled Over Leased Lines; Usually within <10 Minutes Travel Time (Private Security Firms)
3. Auxiliary Station Systems: Systems that Ring at Local Fire or Police Stations

Drills & Testing


Drills/Exercises/Testing
Keeps Everyone Aware of Their Responsibilities
Building Evacuation Drills Are Important

Physical Vulnerability/Penetration Tests
Should Identify Weak Entry Points
Findings Should Be Documented
Ref: Ira Winkler Stories

Media Storage Requirements


Common Storage Areas for Media
On Site: safes, desks, storage cabinets
Off Site: data backup vaults (Transportation can be a security concern)

Elements and Resources in Control to Protect the Media
Physical Access Control at Storage Area
Environmental Controls (fire, water protection)
Inventory Controls and Monitoring
Audits

Physical Summary
Physical and Procedural Countermeasures:
Provide Identification and Authentication
Authorization (Access Control)
Accountability
Provide Physical Contingency Resources and Alternate Procedures

Organized in a DEFENSE IN DEPTH Strategy
Effectiveness Relies on Knowledge, Skills and Awareness of Staff
