Compare & Contrast Physical & Environmental Security Controls -Quick Guide
Last updated on 15th Jul 2020, Blog, General
- Fire suppression
- EMI shielding
- Hot and cold aisles
- Environmental monitoring
- Temperature and humidity controls
In this topic, you will learn about Environmental Controls. Environmental controls are a form of physical security. They are usually implemented while designing a network. The factors to be considered when deciding different environmental controls are:
- Temperature and humidity
- Airborne dust and debris
- Food and drink near sensitive equipment
- Strong magnetic fields
- Electromagnetic fields and Radio Frequency Interference or RFI
- Conditioning the power supply
- Static electricity
- Accurate fire detection and suppression
We will highlight different technologies and techniques to secure the environment and physical space of your infrastructure. Heating, Ventilating, and Air Conditioning or HVAC management is extremely important in an electronic environment like IT. The most important factors are temperature and humidity. In a task-oriented server room, temperature should be maintained at a chosen point to support optimal system operation. In an organization, the preferred optimal temperature level is always in the mid-60s. High humidity may lead to corrosion, and low humidity leads to static discharge. Ideally, humidity levels should always be in the range of 40 to 60 percent.Physical Security
In this topic, you will learn about Physical Security. Physical security is the ignored aspect of security, but a vital one considering the security measures. As a Security Administrator, you need to focus on reducing unauthorized access to data and devices within your network. Also, secure these sensitive resources in all possible ways. This can be accomplished using various mechanisms including prevention, deterrence, and detection. If you want to confirm the accurate physical security, you need to design the layout of your physical environment. This would help you allocate equipment to secured locations, which can be controlled and thoroughly monitored. With strong physical security, you can identify some computers and networks that are important or mission-critical. Physical security includes things like fences and cameras. Servers and mission-critical equipment should be separated and positioned in dedicated equipment rooms with additional security. While managing such equipment rooms, it is important to adhere to the following physical fundamental rules.
- No Windows
- No Drop Ceiling
- Should remain locked at all times
- Authorization is mandatory for anyone entering the room
- Should be monitored at all times
Physical barriers or separation should be placed in each part of the building to avoid attack on sensitive information. This should start with the building with fences. Also concrete barriers should be installed in the parking lot.
Types of Physical Security Locks
In this topic, you will learn the different types of Physical Security Locks. Till now we focused on the barriers used to protect your environment. Now, how would an authorized user pass these security measures? The answer is: You can use a secured unlock pattern that allows only authorized people to access the premises. Doors and gates should always have some unlock pattern that would help people gain access to the desired environment. The common example of this security measure is lock and key, where only authorized users possess the keys. When you choose locks, first ensure they are resistant to lock picking and other forms of criminal entry. The doors are often linked to retinal or biometric scan, which unlocks the door only to an authorized user. Some locks have token or card keys that scan to authenticate the user. These cards come with Electronic Access Controls or EAC systems, which is a door locking and access system that uses an electromagnet to open and close the door. It accepts access credentials and sensors to ensure the door re-closes within a reasonable timeframe. A mantrap is a form of high-security entrance device. There are some high security environments that employ mantraps to secure the most sensitive, dangerous, or valuable areas of the facility. Mantraps consists of two doors.Alarms
Alarms come in varieties. IDS and IPS are systems designed to detect intrusions and raise an alarm. These are digital alarms that notify the administrator of a network intrusion. Any sort of intrusion detection system is only effective when it works along with an intrusion alarm. An alarm notifies the authorities about a breach in physical security. Two things cause intrusion detection and alarms to fail: Power and Communications. If the device that communicates with the administrator or authorities does not function, the alarm cannot be triggered. Also, if there is no power for the device to detect intrusion, the alarm can’t be triggered. Thus, a reliable detection and alarm system includes a heartbeat sensor for line supervision. It is a device by which the communication pathway is either constantly or periodically checked using a test signal. Now let’s see some commonly used alarm types.
- Deterrent Alarms: These alarms assist deterrents, and increase security by adding additional locks, or automatically shutting doors. Anything that makes a detected intrusion difficult can be referred to as deterrent alarms.
- Repellant Alarms: These are usually the ones that trigger a siren or an audible bell, or turn the lights on, or otherwise draw attention to the intrusion activity. Such alarms intend to create panic among the attackers, and to prevent their progress.
- Notification Alarms: These alarms silently notify the authorities of an existing intrusion. Moreover, you can attach recording devices that create and manage log files to notification alarms.
- Local Alarm Systems: These alarm systems broadcast an audible alarm signal that can easily be heard up to 400 feet away
In this topic, you will learn about the different Control Types. Controls are used to spot risks of all nature. An ideal method of prevention is to stop the risk or its possibility right at the beginning. However, this is not always possible. So, controls can be set to mitigate and minimize risk, its impact, and the overall damage or interruption to the systems or network. In this topic, we will review the different control types, and compare their importance with respect to physical and network security. The deterrent access control discourages the violation of security, and this control type is similar to the preventative type. Deterrents depend on the individual deciding not to perform a malicious act, rather than the implemented preventative control.
For Example: Policies, Awareness Training, Locks, Fences, Security badges, Guards, Mantraps, and Security Cameras. The preventative access controls are deployed to stop unwanted activity. These react to unauthorized access or users to stop the attempted intrusion or incident.
Common examples of physical preventative access controls include:
- Security Cameras
- Penetration Testing
- Alarm Systems
- Smart Cards
- Awareness Training
- AV Software
The detective access control is deployed to discover or detect an unauthorized activity, usually after occurrence.