Physical/Environmental Security
{`
Kelly School of Business
Indiana University
Information Systems Graduate Programs
`}
Goals of Physical Security
- Deter
- Delay
- Detect
- Assess
- Respond
Threats to Physical Security
- Natural/Environmental threats
- Hurricanes, tornados, earthquakes, forest fires, floods
- Utility systems
- Electrical, communications
- Malicious threats/Human-made/Political events
- Physical attacks, sabotage, vandalism, arson, theft, riots
- Accidental threats
- Done by insiders inadvertently
Sites
- Location
- Rural vs. Urban location
- Full ownership of facility vs. partial ownership
- Geographical location and possibility of natural disasters
- Site construction and planning
- Crime Prevention through Environmental Design (CPTED)
- Used by architects, city planners, and security professionals as a crime reduction technique that has several key elements applicable to the analysis of the building function and site design against physical attack
- Examples
- Using a single, clearly identifiable, point of entry
- Using climbing thorny plants next to fences to discourage intrusion
Layered Defense Model
Procedural Controls
- Guard post
- Checking/escorting visitors
- Managing deliveries
- Security zones and restricted work areas in buildings
- Security for communication links
Infrastructure Support
- Fire prevention, detection, suppression
- Fire and smoke detection systems
- Fire suppression systems
- Dry pipe vs. wet pipe systems
- Boundary protection
- Perimeter walls, fences
- Vehicle and personnel entry and exit gateways
Building Entry Points
- Keys and locking systems
- Walls, doors and windows
- Access controls
- CCTV
- Intrusion detection systems (for physical intruders)
- Portable device security
- Asset and risk registers
Information Protection and Management Services
- Managed services
- Audits, drills, exercises and testing
- Vulnerability and pen tests
- Maintenance and service issues
- Education, training, awareness
Summary
