Chapter 8

Physical Security
Mrs. Shaikha Ali
Instructor, IS –CIT
Office: S40-2035
Learning Objectives
■ Describe how physical security directly affects computer and network
security
■ Discuss steps that can be taken to help mitigate risks
■ Describe the physical security components that can protect your
computers and network
■ Identify environmental factors that can affect security
■ Identify the different types of fires and the various fire suppression
systems designed to limit the damage caused by fires
■ Explain electronic access controls and the principles of convergence
■ Prevent disclosure through electronic emanations
Introduction
• Physical security consists of all mechanisms used to ensure that
physical access to the computer systems and networks is restricted to
only authorized users.
• Additional physical security mechanisms may be used to provide
increased security for especially sensitive systems such as servers as
well as devices such as routers, firewalls, and intrusion detection
systems.
• Physical security is important to computer security, because in many
cases, if an attacker gains physical access, they can steal data and
destroy the system.
 The Security Problem
Physical access can directly affect network security:
• Physical access defeats all network security protections.
• Bootdisks allow file system access.
• Drive imaging is simple to accomplish with physical access.
• Access to the internal network is simple with physical
access.
• Theft of hardware can be an attack in and of itself.
• Physically securing information assets doesn’t mean just
the servers; it means protecting physical access to all the
organization’s computers and its entire network
infrastructure.
 The Security Problem (Cont.)
Steps that can be taken to help mitigate risks:
• Disabling media drives when they are unnecessary can help mitigate
bootdisk attacks.
• Removal of CD-ROM devices also makes physical access attacks more
difficult.
• BIOS passwords should be used to protect the boot sequence.
• USB devices are a threat; if possible, USB drivers should be removed.
• All users need security training.
• Authentication systems should use multiple factors when feasible.
 Physical Security Safeguards
1. Walls and Guards
2. Lights and Signage
3. Physical Access Controls and Monitoring
4. Electronic Access Control Systems
5. Policies and Procedures
1. Walls and Guards
• The primary defense against a majority of physical attacks is the barriers
between the assets and a potential attacker—walls, fences, gates, and
doors.
• Some organizations also employ full- or part-time private security staff
to attempt to protect their assets.
• Walls provide barriers to physical access to company assets. If you are
going to use a wall to protect an asset, make sure no obvious holes
appear in that wall.
• Guards provide an excellent security measure because they are a visible
presence with direct responsibility for security.
• Guards typically monitor entrances and exits and can maintain access
logs of who has entered and departed the building.
2. Lights and Signage

• Unlit or dimly lit areas allow intruders to lurk and conduct unauthorized
activities without a significant risk of observation by guards or other
personnel.
• External building lighting is important to ensure that unauthorized
activities cannot occur without being observed and responded to.
• Internal lighting enables more people to observe activities and see
conditions that are not correct.
• Signs (signage) act as informational devices and can be used in a variety
of ways to assist in physical security.
• Signs can provide information as to areas that are restricted, or they can
indicate where specific precautions, such as keeping doors locked, are
required.
2. Lights and Signage (Cont.)
• Alarms serve to alert operators to abnormal conditions. Physical
security can involve numerous sensors, intrusion alarms, motion
detectors, switches that alert to doors being opened, video and audio
surveillance, and more.
• When one of these systems has information that can be of use to
operational personnel, an alarm is the easiest method of alerting
personnel to the condition.
• Alarms are not simple; if there are too many alarm conditions,
especially false alarms, then the operators will not react to these
conditions as desired. Tuning alarms so that they provide useful,
accurate, and actionable information is important if you want them to
be effective.
3. Physical Access Controls and Monitoring
• Physical access control means control of doors and entry points.
1. Physical locks: high-security locks have been designed to defeat attacks.
Another common feature of high-security locks is key control, which
refers to the restrictions placed on making a copy of the key.
2. Layered access systems: to help prevent an attacker from gaining access
to important assets, these assets should be placed inside multiple
perimeters. (Ex: a combination of the card and a separate PIN code
would be required to open the door to the server room).
3. Electronic access control systems: (to be discussed in the next slide)
4. Closed-circuit television (CCTV) systems: CCTV cameras are used to
monitor a workplace for security purposes. These systems are used in
places with high-value merchandise that is attractive to thieves (Ex: in
banks).
4. Electronic Access Control Systems
• Access tokens: are defined as “something you have.”
• An access token is a physical object that identifies specific access rights.
• Access tokens are frequently used for physical access solutions, just as your
house key is a basic physical access token that allows you access into your
home.
• Keys have several limitations:
• Keys are paired exclusively with a lock or a set of locks, and they are not easily
changed.
• It is easy to add an authorized user by giving the user a copy of the key, but it
is far more difficult to give that user selective access unless that specified area
is already set up as a separate key.
• It is also difficult to take access away from a single key or key holder, which
usually requires a rekey of the whole system.
• Examples: Tokens/Cards, and biometrics.
5. Policies and Procedures
• Physical security policies and procedures relate to two distinct areas:
1. Those that affect the computers themselves
• To combat the threat of bootdisks, begin by removing or disabling the ability
of a system to automatically play connected devices, such as USB flash drives.
• Other activities that typically require physical presence should be protected,
such as access to a system’s BIOS at bootup.
2. Those that affect users.
• The outright theft of a computer is a simple physical attack. This attack can be
mitigated in a number of ways, but the most effective method is to lock up
users’ workstation immediately before they step away from it.
Environmental Controls
• The availability of information is important. Controlling a data center’s
temperature and humidity is important to keeping servers running.
• Servers can generate large levels of heat, and managing the heat is the job of the
environmental control.
• Heating, ventilating, and air conditioning (HVAC) systems are critical for keeping
data centers cool, because typical servers put out between 1000 and 2000 BTUs
of heat.
• The temperature of a data center should be maintained between 70- and 74-
degrees Fahrenheit (°F).
• If the temperature is too low, it may cause mechanisms to slow down.
• If the temperature is too high, it may cause equipment damage.
• The temperature damaging points of different products are:
■ Magnetic media: 100OF ■ Computer hardware: 175OF ■ Paper products: 350OF
Fire Suppression
• The goal obviously should be never to have a fire
• In the event that a fire does occur, it is important that mechanisms
are in place to limit the damage the fire can cause.
1. Water-Based Fire Suppression Systems
2. Halon-Based Fire Suppression Systems
3. Clean-Agent Fire Suppression Systems
4. Handheld Fire Extinguishers
5. Fire Detection Devices
Fire Suppression (Cont.)
1. Water-Based Fire Suppression Systems
• The primary tool to address and control structural fires.
• The electrical equipment found in today’s office environment does not react well
to large applications of water
• Different measures to minimize the damage to electronic equipment exposed to
water:
■ Open cabinet doors, remove side panels and covers, and pull-out chassis drawers to allow
water to run out of equipment.
■ Set up fans to move room-temperature air through the equipment for general drying. Move
portable equipment to dry, air-conditioned areas.
■ Use compressed air at no higher than 50 psi to blow out trapped water.
■ Use handheld dryers on lowest setting to dry connectors, backplane wire wraps, and printed
circuit cards.
■ Use cotton-tipped swabs for hard-to-reach places. Lightly dab the surfaces to remove residual
moisture.
Fire Suppression (Cont.)

2. Halon-Based Fire Suppression Systems

• Halon interferes with the chemical combustion present in a fire.
3. Clean-Agent Fire Suppression Systems
• These alternatives are known as clean-agent fire suppression systems,
because they not only provide fire suppression capabilities but also
protect the contents of the room, including people, documents, and
electronic equipment.
• Examples of clean agents include carbon dioxide, argon, and Inergen.
Fire Suppression (Cont.)
4. Handheld Fire Extinguishers
• The correct use of Handheld extinguishers in offices must be understood or else
disaster can occur.
• All fire extinguishers should be easily accessible and should be clearly marked.
• Before anybody uses an extinguisher, they should know what type of extinguisher
it is and what the source of the fire is.
5. Fire Detection Devices
• An essential complement to fire suppression systems and devices are fire
detection devices (fire detectors).
• Detectors may be able to detect a fire in its very early stages, before a fire
suppression system is activated, and sound a warning that potentially enables
employees to address the fire before it becomes serious enough for the fire
suppression equipment to kick in.
Electromagnetic Environment
• With the appropriate equipment, the exact image of what is being
displayed on a computer monitor can be re-created some distance
away by picking up and then decoding the electromagnetic
interference produced by the monitors, allowing eavesdroppers to
view what you are doing.
Preventing disclosure through electronic emanations:
• Providing a lot of distance between the system you wish to protect
and the closest place an eavesdropper could be is one way to protect
against eavesdropping on electronic emanations.
• Devices can also be shielded so that their emanations are blocked.
Power Protection
• Computer systems require clean electrical power, and for critical systems,
uninterrupted power can be important as well.
• Elements used to manage the power to systems:
• Uninterruptible Power Supply (UPS): is used to protect against short duration
power failures.
• Backup Power and Cable Shielding: A backup power source (e.g., motor
generator) is used to protect against a long-duration power failure. Cable
shielding can also be employed to avoid interference.
• Generator: are used to provide power when normal sources of electricity are
lost.
• Dual Supply: Individual pieces of equipment have power supplies in them to
convert the line power in the facility to the voltages and currents used by the
devices. In cases where a minor outage is okay, having spare power supplies that
can be replaced offline works.
• Managed Power Distribution Units (PDUs): is a device designed to handle the
electrical power for server racks.
Drones/UAVs
• Drones and unmanned aerial vehicles (UAVs) have become a
common thing in the past couple of years.
• Interesting use cases for both offense and defense in cybersecurity:
• Home/hobbyist models that can carry a small camera.
• Larger industrial rigs that can carry larger cameras for longer
periods
• Drones used by railroads to inspect tracks
• Drones used by electric companies to inspect lines.
Chapter 8 Summary
After reading this chapter, you should be able to:
• Describe how physical security directly affects computer and network
security
• Discuss steps that can be taken to help mitigate risks
• Describe the physical security components that can protect your
computers and network
• Identify environmental factors that can affect security
• Identify the different types of fires and the various fire suppression systems
designed to limit the damage caused by fires
• Explain electronic access controls and the principles of convergence
• Prevent disclosure through electronic emanations
End of Chapter 8