COURSE CODE: IT311 – Information Assurance and

Security
Module 12

Week 10-14: November 2-8, 2020 | 1st Semester, S.Y. 2020-2021

Introduction
As you learned in Chapter 1, information security requires the protection of both
data and physical assets. You have already learned about many of the
mechanisms used to protect data, including firewalls, intrusion detection systems,
COURSE MODULE

and monitoring software.

Physical security encompasses the design, implementation, and maintenance of
countermeasures that protect the physical resources of an organization, including
the people, hardware, and supporting system elements and resources that control
information in all its states (transmission, storage, and processing). Most technology-
based controls can be circumvented if an attacker gains physical access to the
devices being controlled. In other words, if it is easy to steal the hard drives from a
computer system, then the information on those hard drives is not secure. Therefore,
physical security is just as important as logical security to an information security
program.

Intended Learning Outcomes

 Discuss the relationship between information security and physical security
 Describe key physical security considerations, including fire control and
surveillance systems
 Identify critical physical environment considerations for computing facilities,
including uninterruptible power supplies

Topic 1 – Physical Security

Physical Access Controls

A number of physical access controls are uniquely suited to governing the
movement of people within an organization’s facilities—specifically, controlling their
physical access to company resources. While logical access to systems, in this age
of the Internet, is a very important subject, the control of physical access to the
assets of the organization is also of critical importance. Some of the technology
used to control physical access is also used to control logical access, including
biometrics, smart cards, and wireless enabled keycards.

Before learning more about physical access controls, you need to understand what
makes a facility secure. An organization’s general management oversees its
physical security. Commonly, a building’s access controls are operated by a group
called facilities management. Larger organizations may have an entire staff
dedicated to facilities management, while smaller organizations often outsource
these duties.
In facilities management, a secure facility is a physical location that has in place
controls to minimize the risk of attacks from physical threats. The term secure facility
might bring to mind military bases, maximum-security prisons, and nuclear power
plants, but while securing a facility requires some adherence to rules and
procedures, the environment does not necessarily have to be that constrained. It is
also not necessary that a facility resemble a fortress to minimize risk from physical
attacks. In fact, a secure facility can sometimes use its natural terrain, local traffic
flow, and surrounding development to enhance its physical security, along with
protection mechanisms such as fences, gates, walls, guards, and alarms.
 Physical Security Controls
There are a number of physical security controls that an organization’s communities
of interest should consider when implementing physical security inside and outside
the facility. Some of the major controls are:
 Walls, fencing, and gates
 Guards
 Dogs
 ID Cards and Badges
 Locks and Keys
 Mantraps
 Electronic Monitoring
COURSE MODULE

 Alarms and alarm system

 Computer room and wiring closets
 Interior walls and doors

Walls, Fencing, and Gates Some of the oldest and most reliable elements of
physical security are walls, fencing, and gates. While not every organization needs
to implement external perimeter controls, walls and fences with suitable gates are
an essential starting point for organizations whose employees require access to
physical locations the organization owns or controls. These types of controls vary
widely in appearance and function, ranging from chain link or privacy fences that
control where people should park or walk, to imposing concrete or masonry barriers
designed to withstand the blast of a car bomb. Each exterior perimeter control
requires expert planning to ensure that it fulfills the security goals and that it presents
an image appropriate to the organization.

Guards Controls like fences and walls with gates are static, and are therefore
unresponsive to actions, unless they are programmed to respond with specific
actions to specific stimuli, such as opening for someone who has the correct key.
Guards, on the other hand, can evaluate each situation as it arises and make
reasoned responses. Most guards have clear standard operating procedures (SOPs)
that help them to act decisively in unfamiliar situations. In the military, for example,
guards are given general orders (see the Offline on guard duty), as well as special
orders that are particular to their posts.

Dogs If an organization is protecting valuable resources, dogs can be a valuable

part of physical security if they are integrated into the plan and managed properly.
Guard dogs are useful because their keen sense of smell and hearing can detect
intrusions that human guards cannot, and they can be placed in harm’s way when
necessary to avoid risking the life of a person.

ID Cards and Badges An identification (ID) card is typically concealed, whereas

a name badge is visible. Both devices can serve a number of purposes. First, they
serve as simple forms of biometrics in that they use the cardholder’s picture to
authenticate his or her access to the facility. The cards may be visibly coded to
specify which buildings or areas may be accessed. Second, ID cards that have a
magnetic strip or radio chip that can be read by automated control devices allow
an organization to restrict access to sensitive areas within the facility. ID cards and
name badges are not foolproof, however; and even the cards designed to
communicate with locks can be easily duplicated, stolen, or modified. Because of
this inherent weakness, such devices should not be an organization’s only means of
controlling access to restricted areas.
Another inherent weakness of this type of physical access control technology is the
human factor. As depicted in this chapter’s opening vignette, tailgating occurs
when an authorized person presents a key to open a door, and other people, who
may or may not be authorized, also enter. Launching a campaign to make
employees aware of tailgating is one way to combat this problem. There are also
technological means of discouraging tailgating, such as mantraps (which are
discussed in a following section) or turnstiles. These extra levels of control are usually
 expensive, in that they require floor space and/or construction, and are
inconvenient for those required to use them. Consequently, anti-tailgating controls
are only used where there is significant security risk from unauthorized entry.

Locks and Keys There are two types of lock mechanisms: mechanical and
electromechanical. The mechanical lock may rely on a key that is a carefully
shaped piece of metal, which is rotated to turn tumblers that release secured loops
of steel, aluminum, or brass (as in, for example, brass padlocks). Alternatively, a
mechanical lock may have a dial that rotates slotted discs until the slots on multiple
disks are aligned, and then retracts a securing bolt (as in combination and safe
locks). Although mechanical locks are conceptually simple, some of the
technologies that go into their development are quite complex. Some of these
modern enhancements have led to the creation of the electromechanical lock.
COURSE MODULE

Electromechanical locks can accept a variety of inputs as keys, including magnetic

strips on ID cards, radio signals from name badges, personal identification numbers
(PINs) typed into a keypad, or some combination of these to activate an electrically
powered locking mechanism. Locks can also be divided into four categories based
on the triggering process: manual, programmable, electronic, and biometric.
Manual locks such as padlocks and combination locks, are commonplace and well
understood. If you have the key (or combination) you can open the lock. These
locks are often preset by the manufacturer and therefore unchangeable. In other
words, once manual locks are installed into doors, they can only be changed by
highly trained locksmiths. Programmable locks can be changed after they are put
in service, allowing for combination or key changes without a locksmith and even
allowing the owner to change to another access method (key or combination) to
upgrade security. Many examples of these types of locks are shown in Figure 9-1.
Mechanical push button locks, shown in the left-most photo in Figure 9-1, are
popular for securing computer rooms and wiring closets, as they have a code that
can be reset and don’t require electricity to operate.
 Electronic locks can be integrated into alarm systems and combined with other
building management systems. Also, these locks can be integrated with sensors to
create various combinations of locking behavior. One such combination is a system
that coordinates the use of fire alarms and locks to improve safety during alarm
conditions (i.e., fires). Such a system changes a location’s required level of access
authorization when that location is in an alarm condition. Another example is a
combination system in which a lock is fitted with a sensor that notifies guard stations
when that lock has been activated. Another common form of electronic locks is
electric strike locks, which usually require people to announce themselves before
being “buzzed” through a locked door. In general, electronic locks lend themselves
to uses where they can be activated or deactivated by a switch controlled by an
agent, usually a secretary or guard. Electronic push button locks, like their
mechanical cousins, have a numerical keypad over the knob, requiring the
COURSE MODULE

individual user to enter a personal code and open the door. These locks usually use
battery backups to power the keypad in case of a power failure.

Mantraps A common
enhancement for locks in
high security areas is the
mantrap. A mantrap is a
small enclosure that has
separate entry and exit
points. To gain access to the
facility, area, or room, a
person enters the mantrap,
requests access via some
form of electronic or
biometric lock and key, and
if confirmed, exits the
mantrap into the facility.

TRY THIS!
Type your activity here
 Electronic Monitoring Monitoring equipment can be used to record events within
a specific area that guards and dogs might miss, or in areas where other types of
physical controls are not practical. Although you may not know it, many of you are,
thanks to the silver globes attached to the ceilings of many retail stores, already
subject to cameras viewing you from odd corners—that is, video monitoring.
Attached to these cameras are video cassette recorders (VCRs) and related
machinery that capture the video feed. Electronic monitoring includes closed-
circuit television (CCT) systems. Some CCT systems collect constant video feeds,
while others rotate input from a number of cameras, sampling each area in turn.

These
video
COURSE MODULE

monitoring systems have drawbacks: for the most part they are passive and do not
prevent access or prohibited activity.

Another drawback to these systems is that people must view the video output,
because there are no intelligent systems capable of reliably evaluating a video
feed. To determine if unauthorized activities have occurred, a security staff member
must constantly review the information in real time or review the information
collected in video recordings. For this reason, CCT is most often used as an evidence
collection device after an area has been broken into than as a detection
instrument. In high-security areas (such as banks, casinos, and shopping centers),
however, security personnel monitor CCT systems constantly, looking for suspicious
activity.

Alarms and Alarm Systems Closely related to monitoring are the alarm systems
that notify people or systems when a predetermined event or activity occurs.
Alarms, which are similar to the IDPSs you learned about in Chapter 7, can detect a
physical intrusion or other untoward event. This could be a fire, a break-in, an
environmental disturbance such as flooding, or an interruption in services such as a
loss of power. One example of an alarm system is the burglar alarm commonly
found in residential and commercial environments. Burglar alarms detect intrusions
into unauthorized areas and notify either a local or remote security agency to react.
To detect intrusions, these systems rely on a number of different types of sensors:
motion detectors, thermal detectors, glass breakage detectors, weight sensors, and
contact sensors. Motion detectors detect movement within a confined space and
are either active or passive. Some motion sensors emit energy beams, usually in the
form
 of infrared or laser light, ultrasonic sound or sound waves, or some form of
electromagnetic radiation. If the energy from the beam projected into the area
being monitored is disrupted, the alarm is activated. Other types of motion sensors
are passive in that they constantly measure the energy (infrared or ultrasonic) from
the monitored space and detect rapid changes in this energy. The passive
measurement of these energies can be blocked or disguised and is therefore
fallible. Thermal detectors measure rates of change in the ambient temperature in
the room. They can, for example, detect when a person with a body temperature
of 98.6 degrees Fahrenheit enters a room with a temperature of 65 degrees
Fahrenheit, because the person’s presence changes the room’s ambient
temperature. Thermal detectors are also used in fire detection (as is described in
later sections). Contact and weight sensors work when two contacts are connected
as, for example, when a foot steps on a pressure sensitive pad under a rug, or a
COURSE MODULE

window is opened, triggering a pin-and-spring sensor. Vibration sensors also fall into
this category, except that they detect movement of the sensor rather than
movement in the environment.

Computer Rooms and Wiring Closets Computer rooms and wiring and
communications closets require special attention to ensure the confidentiality,
integrity, and availability of information. For an outline of the physical and
environmental controls needed for computer rooms, read the Technical Details box
entitled “Physical and Environmental Controls for Computer Rooms.” Logical access
controls are easily defeated if an attacker gains physical access to the computing
equipment. Custodial staff members are often the least scrutinized employees (or
nonemployees) who have access to an organization’s offices. Yet custodians are
given the greatest degree of unsupervised access. They are often handed the
master keys to the entire building and then ignored, even though they collect paper
from every office, dust many desks, and move large containers from every area. It
is, therefore, not difficult for this type of worker to gather critical information and
computer media or copy proprietary and classified information. All this is not to say
that an organization’s custodial staff should be under constant suspicion of
espionage, but to note that the wide-reaching access that custodians have can
be a vulnerability that attackers exploit to gain unauthorized information. Factual
accounts exist of technically trained agents working as custodians in the offices of
their competition. Thus, custodial staffs should be carefully managed not only by
the organization’s general management, but also by IT management.

Interior Walls and Doors The security of information assets can sometimes be
compromised by the nature of the construction of the walls and doors of the facility.
The walls in a facility are typically of two types: standard interior and firewall. Building
codes require that each floor have a number of firewalls, or walls that limit the
spread of damage should a fire break out in an office. While the network firewalls
discussed in an earlier chapter isolate the logical sub-networks of the organization,
physical firewalls isolate the physical spaces of the organization’s offices. Between
the firewalls, standard interior walls compartmentalize the individual offices. Unlike
firewalls, these interior walls reach only part way to the next floor, which leaves a
space above the ceiling but below the floor of the next level up. This space is called
a plenum, and is usually one to three feet to allow for ventilation systems that can
inexpensively collect return air from all the offices on the floor. For security, however,
this design is not ideal, because it means that an individual can climb over the wall
from one office to the other. As a result, all high-security areas, such as computer
rooms and wiring closets, must have firewall-grade walls surrounding them. This
provides physical security not only from potential intruders, but also from fires.

Fire Security and Safety

The most important security concern is the safety of the people present in an
organization’s physical space—workers, customers, clients, and others. The most
serious threat to that safety is fire. Fires account for more property damage, personal
injury, and death than any other threat to physical security. As a result, it is
imperative that physical security plans examine and implement strong measures to
detect and respond to fires and fire hazards.
 Fire Detection and Response
Fire suppression systems are devices that are installed and maintained to detect
and respond to a fire, potential fire, or combustion danger situation. These systems
typically work by denying an environment one of the three requirements for a fire
to burn: temperature (ignition source), fuel, and oxygen.
While the temperature of ignition, or flame point, depends upon the material, it can
be as low as a few hundred degrees. Paper, the most common combustible in the
office, has a flame point of 451 degrees Fahrenheit (a fact that is used to dramatic
effect in Ray Bradbury’s novel Fahrenheit 451). Paper can reach that temperature
when it is exposed to a carelessly dropped cigarette, malfunctioning electrical
equipment, or other accidental or purposeful misadventures. Water and water mist
systems, which are described in detail in subsequent paragraphs, work both to
COURSE MODULE

reduce the temperature of the flame in order to extinguish it and to saturate some
types of fuels (such as paper) to prevent ignition. Carbon dioxide systems (CO2) rob
fire of

It’s oxygen. Soda acid systems deny fire its fuel, preventing the fire from spreading.
Gas-based systems, such as Halon and its Environmental Protection Agency-
approved replacements, disrupt the fire’s chemical reaction but leave enough
oxygen for people to survive for a short time. Before a fire can be suppressed,
however, it must be detected.
 Fire Detection Fire detection systems fall into two general categories: manual and
automatic. Manual fire detection systems include human responses, such as calling
the fire department, as well as manually activated alarms, such as sprinklers and
gaseous systems. Organizations must use care when manually triggered alarms are
tied directly to suppression systems, since false alarms are not uncommon.
Organizations should also ensure that proper security remains in place until all
employees and visitors have been cleared from the building and their evacuation
has been verified. During the chaos of a fire evacuation, an attacker can easily slip
into offices and obtain sensitive information. To help prevent such intrusions, fire
safety programs often designate an individual from each office area to serve as a
floor monitor. There are three basic types of fire detection systems: thermal
detection, smoke detection, and flame detection. Thermal detection systems
contain a sophisticated heat sensor that operates in one of two ways. Fixed
COURSE MODULE

temperature sensors detect when the ambient temperature in an area reaches a

predetermined level, usually between 135 degrees Fahrenheit and 165 degrees
Fahrenheit, or 57 degrees Centigrade to 74 degrees Centigrade.5 Rate-of-rise
sensors detect an unusually rapid increase in the area temperature within a
relatively short period of time. In either case, if the criteria are met, the alarm and
suppression systems are activated. Thermal detection systems are inexpensive and
easy to maintain. Unfortunately, thermal detectors usually don’t catch a problem
until it is already in progress, as in a full-blown fire. As a result, thermal detection
systems are not a sufficient means of fire protection in areas where human safety
could be at risk. They are also not recommended for areas with high value items or
items that could be easily damaged by high temperatures.

Fire Suppression Fire suppression systems can consist of portable, manual, or

automatic apparatus. Portable extinguishers are used in a variety of situations
where direct application of suppression is preferred, or fixed apparatus is
impractical. Portable extinguishers are much more efficient for smaller fires,
because triggering an entire building’s sprinkler systems can do a lot of damage.
Portable extinguishers are rated by the type of fire they can combat, as follows:
 Class A fires: Those fires that involve ordinary combustible fuels such as wood,
paper, textiles, rubber, cloth, and trash. Class A fires are extinguished by
agents that interrupt the ability of the fuel to be ignited. Water and
multipurpose dry chemical fire extinguishers are ideal for these types of fires.
 Class B fires: Those fires fueled by combustible liquids or gases, such as
solvents, gasoline, paint, lacquer, and oil. Class B fires are extinguished by
agents that remove oxygen from the fire. Carbon dioxide, multipurpose dry
chemical, and Halon fire extinguishers are ideal for these types of fires.
 Class C fires: Those fires with energized electrical equipment or appliances.
Class C fires are extinguished with non-conducting agents only. Carbon
dioxide, multipurpose dry chemical, and Halon fire extinguishers are ideal for
these types of fires. Never use a water fire extinguisher on a Class C fire.
 Class D fires: Those fires fueled by combustible metals, such as magnesium,
lithium, and sodium. Class D fires require special extinguishing agents and
techniques.
The Technical Details box on Halon and the EPA describes the ban on new
installations of Halon-based systems and lists the approved replacements.
COURSE MODULE
COURSE MODULE

A dry-pipe system is designed to work in areas where electrical equipment is used.

Instead of water, the system contains pressurized air. The air holds valves closed,
keeping the water away from the target areas. When a fire is detected, the sprinkler
heads are activated, the pressurized air escapes, and water fills the pipes and exits
through the sprinkler heads. This reduces the risk of accidental leakage from the
system. Some sprinkler system, called deluge systems, keep open all of the individual
sprinkler heads, and as soon as the system is activated, water is immediately applied
to all areas. This is not, however, the optimal solution for computing environments,
since there are other more sophisticated systems that can suppress the fire without
damage to computer equipment.
COURSE MODULE

A variation of the dry-pipe system is the pre-action system. This approach has a
two-phase response to a fire. Under normal conditions, the system has nothing in
the delivery pipes. When a fire is detected, the first phase is initiated, and valves
allow water to enter the system. At that point, the system resembles a wet-pipe
system.

The pre-action system does not deliver water into the protected space until the
individual sprinkler heads are triggered, at which time water flows only into the
area of the activated sprinkler head.

Water mist sprinklers are the newest form of sprinkler systems and rely on ultra-fine
mists instead of traditional shower-type systems. The water mist systems work like
traditional water system by reducing the ambient temperature around the flame,
therefore minimizing its ability to sustain the necessary temperature needed to
maintain combustion. Unlike traditional water sprinkler systems, however, these
systems produce a fog-like mist that, because the droplets are much less susceptible
to gravity, stays buoyant (airborne) much longer. As a result, a much smaller
quantity of water is required; also the fire is extinguished more quickly, which causes
 less collateral damage. Relative to gaseous systems (which are discussed shortly),
water-based systems are low cost, nontoxic, and can often be created by using an
existing sprinkler system that may have been present in earlier construction.

Gaseous Emission Systems Gaseous (or chemical gas) emission systems can be
used in the suppression of fires. They are often used to protect chemical and
electrical processing areas, as well as facilities that house computing systems. A
typical configuration of such systems is shown in Figure 9-4.
COURSE MODULE

Gaseous fire suppression systems are either self-pressurizing or must be pressurized

with an additional agent. Until recently there were only two major types of gaseous
systems: carbon dioxide and Halon. Carbon dioxide extinguishes a fire by removing
its supply of oxygen. Unfortunately, any living organisms that also rely on oxygen are
similarly extinguished. As a result, carbon dioxide systems are not commonly used in
residential or office environments where people or animals are likely to be present.
The alternative is Halon. Halon is one of a few chemicals designated as a clean
agent, which means that it does not leave any residue after use, nor does it interfere
with the operation of electrical or electronic equipment. As a result, Halon gas-
based systems are the preferred solution for computer rooms and communications
closets. Unlike carbon dioxide, Halon does not rob the fire of its oxygen but instead
relies on a chemical reaction with the flame to extinguish it. As a result, Halon is
much safer than carbon dioxide when people or animals are present. Although
Halon can cause suffocation like a carbon dioxide system, the dosage levels
required are much higher, and therefore Halon-based systems provide additional
time for people to exit areas. Because the EPA has classified Halon as an ozone-
depleting substance, new installations of the controlled types of Halon are
prohibited in commercial and residential locations. There are a number of
alternatives, as presented in Table 9-1 in the Technical Details box called Halon Q &
A although, as is often the case, the alternatives are reported to be less effective
than Halon.

A physical security plan requires that every building have clearly marked fire exits
and maps posted throughout the facility. It is important to have drills to rehearse fire
alarm responses and designate individuals to be in charge of escorting everyone
from the location and ensuring that no one is left behind. It is also important to have
fire suppression systems that are both manual and automatic, and that are
inspected and tested regularly.

Failure of Supporting Utilities and Structural Collapse

 Supporting utilities, such as heating, ventilation and air conditioning, power, water,
and other utilities, have a significant impact on the safe operation of a facility.
Extreme temperatures and humidity levels, electrical fluctuations and the
interruption of water, sewage, and garbage services can create conditions that
inject vulnerabilities in systems designed to protect information. Thus, each of these
utilities must be properly managed in order to prevent damage to information and
information systems.

Heating, Ventilation, and Air Conditioning

Although traditionally a facilities management responsibility, the operation of the
heating, ventilation, and air-conditioning (HVAC) system can have dramatic
impact on information and information systems operations and protection.
Specifically, the temperature, filtration, humidity, and static electricity controls must
COURSE MODULE

be monitored and adjusted to reduce risks to information systems.

Temperature and Filtration Computer systems are electronic, and as such are
subject to damage from extreme temperature and particulate contamination.
Temperatures as low as 100 degrees Fahrenheit can damage computer media, and
at 175 degrees Fahrenheit, computer hardware can be damaged or destroyed.
When the temperature approaches 32 degrees Fahrenheit, media are susceptible
to cracking and computer components can actually freeze together. Rapid
changes in temperature, from hot to cold or from cold to hot, can produce
condensation, which can create short circuits or otherwise damage systems and
components. The optimal temperature for a computing environment (and for
people) is between 70 and 74 degrees Fahrenheit. Properly installed and
maintained systems keep the environment within the manufacturer-recommended
temperature range. In the past it was thought necessary to fully filter all particles
from the air flow from the HVAC system. Modern computing equipment is designed
to work better in typical office environments, and thus the need to provide extensive
filtration for air-conditioning is now limited to particularly sensitive environments such
as chip fabrication and component assembly areas.

Humidity and Static Electricity Humidity is the amount of moisture in the air. High
humidity levels create condensation problems, and low humidity levels can
increase the amount of static electricity in the environment. With condensation
comes the short circuiting of electrical equipment and the potential for mold and
rot in paper-based information storage. Static electricity is caused by a process
called triboelectrification, which occurs when two materials make contact and
exchange electrons, and results in one object becoming more positively charged
and the other more negatively charged. When a third objects with an opposite
charge or ground is encountered, electrons flow again, and a spark is produced.
One of the leading causes of damage to sensitive circuitry is electrostatic discharge
(ESD). Integrated circuits in a computer are designed to use between two and five
volts of electricity; any voltage level above this range introduces a risk of microchip
damage. Static electricity is not even noticeable to humans until levels approach
1,500 volts, and the spark can’t be seen until the level approaches 4,000 volts.
Moreover, a person can generate up to 12,000 volts of static current by merely
walking across a carpet. Table 9-2 shows some static charge voltages and the
damage they can cause to systems.
 Ventilation Shafts While the ductwork in residential buildings is quite small, in large
COURSE MODULE

commercial building, it may be large enough for a person to climb through. This is
one of Hollywood’s favorite methods for villains or heroes to enter buildings, but
these ventilation shafts aren’t quite as negotiable as the movies would have you
believe. In fact, with moderate security precautions, these shafts can be completely
eliminated as security vulnerability. In most new buildings, the ducts to the individual
rooms are no larger than 12 inches in diameter and are flexible, insulated tubes. The
size and nature of the ducts precludes most people from using them, but access
may be possible via the plenum. If the ducts are much larger, the security team can
install wire mesh grids at various points to compartmentalize the runs.

Power Management and Conditioning

Electrical power is another aspect of the organization’s physical environment that
is usually considered within the realm of physical security. It is critical that power
systems used by information-processing equipment be properly installed and
correctly grounded. Interference with the normal pattern of the electrical current is
referred to as noise. Because computers sometimes use the normal 60 Hertz cycle
of the electricity in alternating current to synchronize their clocks, noise that
interferes with this cycle can result in inaccurate time clocks or, even worse,
unreliable internal clocks inside the CPU.

Grounding and Amperage Grounding ensures that the returning flow of current
is properly discharged to the ground. If the grounding elements of the electrical
system are not properly installed, anyone touching a computer or other electrical
device could become a ground source, which would cause damage to equipment
and injury or death to the person. Computing and other electrical equipment in
areas where water can accumulate must be uniquely grounded, using ground fault
circuit interruption (GFCI) equipment. GFCI is capable of quickly identifying and
interrupting a ground fault—that is, a situation in which a person has come into
contact with water and becomes a better ground than the electrical circuit’s
current source.

Uninterruptible Power Supply (UPS) The primary power source for an organization’s
computing equipment is most often the electric utility that serves the area where
the organization’s buildings are located. This source of power can experience
interruptions. Therefore, organizations should identify the computing systems that
are critical to their operations (in other words, the systems that must continue to
operate during interruptions) and make sure those systems are connected to a
device that assures the delivery of electric power without interruption—that is, an
uninterruptible power supply (UPS).
 The capacity of UPS devices is measured using the volt-ampere (or VA)
power output rating. UPS devices typically run up to 1,000 VA and can be
engineered to exceed 10,000 VA. A typical PC might use 200 VA, and a
server in a computer room may need 2,000 to 5,000 VA, depending on how
much running time is needed.
 A standby or offline UPS is an offline battery backup that detects the
interruption of power to the equipment and activates a transfer switch that
provides power from batteries, through a DC to AC converter, until the
power is restored or the computer is shut down.
  A ferroresonant standby UPS improves upon the standby UPS design. It is still
an offline UPS, with the electrical service providing the primary source of
power and the UPS serving as a battery backup.
 The line-interactive UPS has a substantially different design than the
previously mentioned UPS models. In line-interactive UPSs, the internal
components of the standby models are replaced with a pair of inverters and
converters.
 In a true online UPS, the primary power source is the battery, and the
power feed from the utility is constantly recharging this battery.
COURSE MODULE

Selecting the best UPS can be a lesson in electrical engineering, because you must
calculate the load that the protected systems require from the UPS. This can be
quite complex and proves challenging in practice. Fortunately, many UPS vendors
provide sample scenarios that can help you select the optimal device. Because a
high-quality UPS may cost several thousand dollars, it is advisable to select the
smallest UPS necessary to provide the desired effect. To calculate manually the
rating needed in a UPS, you should begin by reviewing the computer systems and
all connected support equipment to be protected. For example, the back panel of
a monitor may indicate that the monitor is rated at 110 volts and 2 amps. Since volts
times amps yields the power needs of a device, to calculate the power you need
to run this device, you multiply 110 by 2; the production of this equation is the rating
of the monitor, 220 VA. Now suppose the computer draws 3 amps at 110 volts, and
 therefore has a rating of 330 VA. Together the total is 550 VA. Once you have this
information, you can select a UPS capable of supporting this power level. Generally,
UPS systems provide information on how long they would run at specific VA levels.
Some smaller-scale UPSs can run for approximately six minutes at 600 VA at full
voltage. You should look for a UPS that provides enough time for the computing
equipment to ride out minor power fluctuations, and for the user to shut down the
computer safely if necessary.

Emergency Shutoff One important aspect of power management in any

environment is the ability to stop power immediately should the current represent a
risk to human or machine safety. Most computer rooms and wiring closets are
equipped with an emergency power shutoff, which is usually a large red button that
is prominently placed to facilitate access, and has a cover to prevent unintentional
COURSE MODULE

use. These devices are the last line of defense against personal injury and machine
damage in the event of flooding or sprinkler activation. The last person out of the
computer room hits the switch to stop the flow of electricity to the room, preventing
the water that might be used to extinguish the fire from short-circuiting the
computers. While it is never advisable to allow water to come into contact with a
computer, there is a much higher probability of recovering the systems if they were
not powered up when they got wet. At a minimum, hard drives and other sealed
devices may be recoverable. Some disaster recovery companies specialize in
water damage recovery.

Water Problems
Another critical utility infrastructure element is water service. On the one hand, lack
of water poses problems to systems, including fire suppression and air-conditioning
systems. On the other hand, a surplus of water, or water pressure, poses a real threat.
Flooding, leaks, and the presence of water in areas where it should not be is
catastrophic to paper and electronic storage of information. Water damage can
result in complete failure of computer systems and the structures that house them.
It is therefore important to integrate water detection systems into the alarm systems
that regulate overall facilities operations.

Structural Collapse
Unavoidable environmental factors or forces of nature can cause failures in the
structures that house the organization. Structures are designed and constructed
with specific load limits, and overloading these design limits inevitably results in
structural failure. Personal injury and potential for loss of life are also likely. Scheduling
periodic inspections by qualified civil engineers will enable managers to identify
potentially dangerous structural conditions before the structure fails.

Maintenance of Facility Systems

Just as with any phase of the security process, the implementation of the physical
security phase must be constantly documented, evaluated, and tested; once the
physical security of a facility is established, it must be diligently maintained. Ongoing
maintenance of systems is required as part of the systems’ operations.
Documentation of the facility’s configuration, operation, and function should be
integrated into disaster recovery plans and standard operating procedures. Testing
provides information necessary to improve the physical security in the facility and
identifies weak points.

Interception of Data
There are three methods of data interception: direct observation, interception of
data transmission, and electromagnetic interception. The first method, direct
observation, requires that an individual be close enough to the information to
breach confidentiality. The physical security mechanisms described in the previous
sections limit the possibility of an individual accessing unauthorized areas and
directly observing information. There is, however, a risk when the information is
removed from a protected facility. If an employee is browsing documents over
 lunch in a restaurant or takes work home, the risk of direct observation rises
substantially. A competitor can more easily intercept vital information at a typical
employee’s home than at a secure office. Incidences of interception, such as
shoulder surfing, can be avoided if employees are prohibited from removing
sensitive information from the office or required to implement strong security at their
homes.

Mobile and Portable Systems

Mobile computing requires even more security than the average in-house system.
Most mobile computing systems—laptops, handhelds, and PDAs—have valuable
corporate information stored within them, and some are configured to facilitate
user access into the organization’s secure computing facilities. Forms of access
include VPN connections, dial-up configurations, and databases of passwords. In
COURSE MODULE

addition, many users keep the locations of files and clues about the storage of
information in their portable computers. Many users like the convenience of
allowing the underlying operating systems to remember their usernames and
passwords because it provides easier access and because they frequently have
multiple accounts, with different usernames and passwords, to manage. While it is
tempting to allow operating systems to enable easier access to frequently used
accounts, the downside of setting up these arrangements on a portable system is
obvious: loss of the system means loss of the access control mechanisms.

For maximum security, laptops should be secured at all times. If you are traveling
with a laptop, you should have it in your possession at all times. Special care should
be exercised when flying, as laptop thefts are common in airports. The following list
comes from the Metropolitan Police of the District of Columbia and outlines steps
you can take to prevent your laptop from being stolen or carelessly damaged:

 Don’t leave a laptop in an unlocked vehicle, even if the vehicle is in your

driveway or garage, and never leave it in plain sight, even if the vehicle is
locked—that’s just inviting trouble. If you must leave your laptop in a vehicle,
the best place is in a locked trunk. If you don’t have a trunk, cover it up and
lock the doors.
 Parking garages are likely areas for thefts from vehicles, as they provide
numerous choices and cover for thieves. Again, never leave your laptop in
plain sight; cover it or put it in the trunk.
 Do be aware of the damage extreme temperatures can cause to
computers.
COURSE MODULE

 Carry your laptop in a nondescript carrying case, briefcase, or bag when

moving about. Placing it in a case designed for computers is an immediate
alert to thieves that you have a laptop.
 Going to lunch or taking a break? Don’t leave a meeting or conference
room without your laptop. Take it with you, or you run the risk that it won’t be
there when you return.
 Lock the laptop in your office during off-hours. Don’t have your own office?
Use a cable lock that wraps around a desk or chair leg, or put the laptop in
a locked closet or cabinet.
 Don’t let unaccompanied strangers wander around in your workplace.
Offer assistance and deliver the visitors to their destinations.
 Apply distinctive paint markings to make your laptop unique and easily
identifiable. Liquid white-out is a good substance to apply.
 Consider purchasing one of the new theft alarm systems specially made for
laptops.
 Be aware that if your computer is stolen, automatic logins can make it easy
for a thief to send inappropriate messages with your account.
 Back up your information on disks today, and store the disks at home or the
office.

Remote Computing Security

Remote site computing, which is becoming increasingly popular, involves a wide
variety of computing sites that are distant from the base organizational facility and
includes all forms of telecommuting. Telecommuting is off site computing that uses
Internet connections, dialup connections, connection over leased point-to-point
links between offices, and other connection mechanisms.

Special Considerations for Physical Security

There are a number of special considerations to take into account when
developing a physical security program. The first of these is the question of whether
to handle physical security in house or to outsource it. As with any aspect of
information security, the make-or-buy decision should not be made lightly. There are
a number of qualified and professional agencies that provide physical security
consulting and services. The benefits of outsourcing physical security include
gaining the experience and knowledge of these agencies, many of which have
been in the field for decades. Outsourcing unfamiliar operations always frees an
organization to focus on its primary objectives, rather than support operations. The
downside includes the expense, the loss of control over the individual components
of the physical security solution, and the need to trust another company to perform
an essential business function.

Inventory Management
 Like other organizational resources, computing equipment should be inventoried
and inspected on a regular basis. The management of computer inventory is an
important part of physical security. How else can corporate security know if an
employee has been pilfering computer supplies or a former employee has taken
organizational equipment home? Similarly, classified information should also be
inventoried and managed. In the military, whenever a classified document needs
is reproduced, a stamp is placed on the original before it is copied. This stamp states
the document’s classification level and the text imprint “of” so that the person
making the copies can mark the sequence number for each copy as well as the
total number of copies being made. If, for example, twenty-five copies are to be
made, the person responsible for copying the document writes “26” in the right
blank, makes copies, and then numbers them. Why 26 and not 25? The original is
always document number one. After the numbering, each classified copy is issued
COURSE MODULE

to the assigned person, who signs for it. While this procedure may be overkill for most
organizations, it does ensure that the inventory management of classified
documents is secure at all times. Also, the formality of having to sign for a document
cements its worth in the mind of the recipient.
 Reference

COURSE MODULE  Principles-of-Information-Security-4th-ed.-Michael-E.-Whitman