Free sample essay on The Importance of Physical Security:
The importance of physical security cannot be understated because it ranges from issues of outright theft of a system or key storage component to intervention with the boot drive during startup. Physical security is the basis of computer security. The two main topics of physical security are protection against natural risks and malicious attacks.
Natural risks are the most common threats to computer physical security. Power interruption may be hard to recover from. Sometimes it may result in permanent system damage, since electronic components are not designed to absorb sudden power fluctuations. UPS (uninterrupted power supply), surge protectors, alternative power generators are possible security measures although many times their effectiveness goes untested.
Use of chemical fire suppressants such as halon or smoke detectors and sprinklers are possible security measures. Chemical fire suppressants like halon can be tricky to use because we want to be able to evacuate people easily, but we also want to seal the room to keep the halon contained. When using water sprinklers to put out fires we have to make sure that the water from the sprinklers will not wet the systems, as this may cause electrical damage or water damage.
Lightning during storms can be very damaging. Using surge protectors alone may not protect against surges of these magnitudes. The increase of waterfall during storms can critically overload pipes and cause them to rupture. There are two distinctions to be made between raising waters and falling waters. The first can happen in case of flood for example. Systems should be placed in high stands and possibly in higher floors of buildings, not in the basement. Falling waters may happen because of leakage during heavy storms or because of fire alarm sprinklers. The easiest form of protection in this case is lot of plastic sheets. The use of foam fire extinguishers instead of water ones would be safer as well.
People or animals may create communications interruption. To protect against accidental severance of communication lines, duplicate lines at different sites are needed. Operator errors such as coffee or coke spills and accidental file deletion are very common. Errors such as mounting the wrong tapes or accidentally hitting the wrong key can also occur.
The previous security measures together with a backup system kept offsite would be ideal. In order to quickly restart the computer system first of all we need up to date backups. The backups should be kept in a separate place possibly miles away. In some cases a cold site may be needed. A cold site is a facility with power, cooling and network connections available to install a computer system. For more critical task hot sites may be required. A hot site is a facility with a computer system ready to run and be used. The cost of maintaining a hot site is high. Many types of backups are possible- daily, weekly, and monthly, as well as full, incremental, and differential. Backups can be used either for quick restart or restoration of damaged systems, as well as for record keeping and tracking purposes. Backups should be separately stored in a secure place away from the system. Backups should be regularly tested to make sure that the data on the backups are intact. Also backups may contain sensitive information so they should be protected since they provide an attacker with a potential entry point to private data other than the computer system itself.
Preventing malicious attacks where attackers need to get close to mount the attack. Here are some reasons why someone might want to attack you:
- Financial gain
- Disgruntled employee seeking revenge
- You are the first available target
- Gain fame
- As a diversion
Physical access control walls and fences define the security perimeter, while guards and locks enforce access control policy. Only authorized users may enter the perimeter. Possible security leaks include:
- Masquerading: A person disguised as an authorized user. This can be done using forged IDs or pretending to be a repairman.
- Piggy-backing A person who enters the security perimeter by following an authorized user.
- Lock-picking: Any locked can be picked. However, many times the easiest way is simply to go through dropped ceilings or removing the hinges from door.
Possible solutions to these attacks include:
- Safes, doors with special locks are useless unless the keys are hard to duplicate and obtain.
- Motion detectors. These devices should be turned on when no one should be in the area.
- Backups. Maintaining system and data backups is fundamental. Securing valuable information through regular backups is the best defense against a natural disaster, a runaway virus, or a hack job.
- Limit physical access to the Boot CD-ROM and Floppy Drives. Physical access to a floppy drive or CD-ROM on a domain controller invites intrusion. It is possible to use boot disks get system access. Turn these features off in the BIOS and password-protect.