5.1 Physical Security
5.1.1 Access Control
5.1.1.1 Physical Barriers
5.1.1.2 Biometrics
5.1.2 Social Engineering
5.1.3 Environment
5.1.3.1 Wireless
5.1.3.2 Location
5.1.3.3 Shielding
5.1.3.4 Fire Suppression
Keeping computers and networks secure involves more than just the technical aspects of the systems and networks. You must address the physical environment and the business as it exists. This involves evaluating the physical security, social engineering issues, and environmental issues. All of these issues require a balanced response from both a technical perspective and a business perspective.
This chapter will help you understand the importance of physical security measures, such as access controls, physical barriers, and biometric systems. It also covers social engineering and the environment that your systems need to be safe and operational.
Finally, this chapter also covers business issues including planning, policies, standards, guidelines, security standards, and information classification.
| Note |
These business issues exceed the scope of the Security+ exam. They are intended to give you a
|
Physical security measures prevent your systems from being accessed in unauthorized ways, primarily preventing an unauthorized
Most networked systems have developed high levels of sophistication and security from outside intruders. However, these systems are
The following section discusses the aspects of physical security that affect your environment, including access controls, social engineering, and the environment.
Access control is a critical part of physical security. Systems must
A key aspect of access control involves physical barriers. The objective of a physical barrier is to prevent access to computers and network systems. The most effective physical barrier
Your systems
Figure 6.1: The three-layer security model
Although these three barriers will not always stop an intruder, they will
Figure 6.2: A mantrap in action
Once inside the facility, additional security and authentication may be required for further entrance. A mantrap makes it difficult for a facility to be overwhelmed, as the mantrap only allows one or two people into the facility at a time. A properly developed mantrap includes bulletproof glass, high-strength doors, and locks. The purpose of the mantrap is to physically contain a potentially
Perimeter security, whether physical or technological, is the first line of defense in your security model. In the case of a physical security issue, the intent is to prevent unauthorized access to resources inside a building or facility.
The network equivalent of physical perimeter security is intended to accomplish for a network what perimeter security does for a building. How do you keep unauthorized intruders from gaining access to systems and information in the network through the network?
In the physical environment, this is accomplished using locks, doors, surveillance systems, and alarm systems. This is not functionally any different from a network, which uses border routers, intrusion-detection systems, and firewalls to prevent unauthorized access. Figure 6.3 illustrates the systems used to prevent network intrusion.
Figure 6.3: Network perimeter defense
Very few security systems can be implemented that do not have weaknesses or vulnerabilities. A determined intruder can, with patience,
If you wanted to prevent intruders from entering your building, you could install improved door locks, coded alarm systems, and magnetic contacts on doors and
Recently, a small business noticed that its network traffic seemed to be very high in the late evening and early morning. The business could not find a network reason for why this was happening. Upon investigation, the security consultant found that a
The investigation discovered that the employee and a friend had figured out a way to slide a piece of cardboard under one of the external doors. This activated the door mechanisms and unlocked them. This allowed the employee to access the building after hours. The door locks were designed to automatically unlock when someone was leaving the building. The intruders took advantage of this weakness in the doors to gain access.
A security zone is an area in a building where access is individually monitored and controlled. A large network, such as a large physical plant, can have many areas that require restricted access. In a building, floors, sections of floors, and even offices can be broken down into smaller areas. These smaller zones are referred to as security zones. In the physical environment, each floor is broken into two separate zones. An alarm system that identifies a zone of intrusion can
The networking equivalent of a security zone is a network security zone. They perform the same function. If a smaller network's sections are created, each zone can have its own security considerations and measures—just like a physical security zone. Figure 6.4 illustrates a larger network being broken down into three smaller zones. Notice that the first zone also contains a smaller zone where high-security information is stored. This allows
Figure 6.4: Network security zones
Partitioning a network is functionally the same as partitioning a building. In a building, walls exist to direct pedestrian flow, provide access control, and separate functional areas. This process allows information and property to be kept under physical lock and key. Partitions can either be temporary structures or they can be permanent. Hallways in an office building are usually built differently from internal office space. Hallways are usually more flame resistant, and they are referred to as fire corridors. These corridors allow people in the building to escape in the event of a fire. Fire corridor walls go from the floor to the ceiling, where internal walls can stop at the ceiling. Most office
Network partitioning accomplishes the same function for a network as physical partitioning does for a building. Buildings have physical walls, while network partitioning involves the creation of private networks within the larger networks. These partitions can be isolated from each other using routers and firewalls.
Therefore, while the network systems are all connected together using wire, the functional view is that of many smaller networks. Figure 6.5 shows a partitioned network. It is important to realize that unless a physical device (such as a router) separates these partitioned networks, all of the signals are shared across the wire. This accomplishes the same function as a hallway or locked door—from a purely physical perspective.
Figure 6.5: Network partitioning separating networks from each other in a larger network
You have been asked to evaluate your building's security system. The president chose you because you understand computers, and after all, these new alarm systems are computerized.
In evaluating the environment, you notice that the building has a single control panel for the whole building. A few motion detectors are located in the main hallway. Beyond that, no additional security
This situation is
Evaluate the building from a multi-tiered approach. Incorporate perimeter security, security zones, and surveillance where needed.
Biometric systems are those that use some kind of unique biological identifier to identify a person. Some of these unique identifiers include
These technologies are becoming more reliable, and they will become widely used over the
As the cost of biometric devices continues to fall, their use will likely increase.
You are being asked to solve the problem of people
You may want to investigate either biometric devices (such as hand scanners) or number access locks that can be used in lieu of smart cards for access. These devices would allow people who forget their smart cards to enter areas that they should be able to access.
Social engineering is the process by which intruders gain access to your facilities, your network, and your
Social engineering attacks can be very subtle in the way they develop. They are also hard to detect. Let's take a look at some "classic" social engineering attacks.
Someone enters your building
Let's look at one more example. (By the way, this is a true situation. It
Social engineering attacks like these are very easy to accomplish in most organizations. Even if your organization uses biometric devices, magnetic card
Preventing social engineering attacks involves more than just training on how to detect and prevent them. It also involves making sure that people stay alert. Social engineering is very easy to do even with all of today's technology at our disposal.
You have just received a call from someone purporting to be from your ISP. She claims that she needs to perform remote maintenance on your network. She says that a setting in your router is wrong, and she needs to change it. How should you handle this?
First of all, remember the discussion about social engineering. How do you know that this person really is from your ISP? You will want to take a phone number down, and tell her that you will call her right back. You should also ask for the main number and her extension. Call the main number. Attempt to verify that this is really the company you are working with, and that the individual is actually part of the maintenance
The environment your business operates in is bigger than the mere physical facility that
The
The technology is based upon small low-powered transmitters located strategically throughout a coverage area. A cell provider is given approximately 800 separate frequencies to use in a coverage area. The frequencies are then broken down into
Figure 6.6: Cell system in a metropolitan area
The individual cells have a high level of computer intelligence, and they hand off conversations to each other automatically. Cell phones in the U.S. operate in the 824MHz to 894MHz range. The Federal Communications Commission requires police scanners to bypass these frequencies in the United States. Most other
| Note |
It is a federal crime to monitor or eavesdrop on these frequencies. |
Cell phones use analog as well as digital transmission capabilities. The analog cell systems allow approximately 60 simultaneous conversations to occur in a single cell. Digital technology expands that to about 180 simultaneous conversations. New applications, which will allow for cell-based banking and other transactions, are being added to cell technology.
Global System for Mobile Communications (GSM), the newest standard for cell systems, does offer encryption. GSM works in conjunction with a Subscriber Identification Module (SIM), allowing users to change phones. The SIM is a removable card that can be moved from one phone to another. Unfortunately, U.S. and European cell standards are not interchangeable, although many manufacturers are now selling
Many people believe that cell phones are untraceable, and that you cannot determine the location of a cellular user. This is not the case. When a cell phone is turned on, it immediately identifies itself to the cell that is
You have become increasingly
You may want to implement a wireless security protocol (such as WTLS or ECC) in these devices and in your network. This would allow communications to occur between wireless users and your network. ECC is discussed in Chapter 7, "Cryptography Basics and Methods," and it is becoming a standard for wireless communications security.
The location of your computer facility is critical to its security. Computer facilities must be placed in a location that is physically possible to secure. Additionally, the location must have the proper environment capabilities to manage temperature, humidity, and other factors necessary to the health of your computer systems.
Many computer systems require temperature and humidity control for reliable service. The larger servers, communications equipment, and drive arrays generate large amounts of heat. This is
An environmental system for this type of equipment is a significant expense beyond the actual computer system costs. Fortunately,
If the computer systems you are responsible for require special environmental considerations, you will need to establish cooling and humidity control. Ideally, systems are located in the middle of the building, and they are ducted separately from the rest of the system. It is a common practice for modern buildings to use a zone-based air conditioning environment. This allows the environmental plant to be turned off when the building is not occupied. A computer room will typically require
| Note |
Environmental systems should be monitored to prevent the humidity levels of a computer center from dropping below 50 percent. Electrostatic damage is likely to occur when humidity levels get too low. |
Humidity control
Environmental concerns also include considerations about water and flood damage, as well as fire suppression. Computer rooms should have fire and moisture detectors. Most office buildings have water pipes and other moisture-carrying systems in the ceiling. If a water pipe bursts (which is common in minor earthquakes), the computer room could become flooded. Water and electricity do not mix. Moisture
Fire, no matter how small, can cause damage to computer systems. Apart from the high heat that can melt or warp plastics and metals, the smoke from the fire can permeate the computers. Smoke particles are large enough to lodge under the read/write head of a hard disk, thereby
| Note |
The three critical components of any fire are heat, fuel, and
|
Computer systems are susceptible to power and interference problems. A computer requires a steady input of AC power to produce reliable DC voltage for its electronic systems.
Power systems are designed to operate in a wide
Surge Protectors: Surge protectors protect electrical components from momentary or instantaneous increases (called spikes) in a power line. Most surge protectors shunt a voltage spike to ground through the use of small devices called Metal Oxide Varistors (MOVs). Large-scale surge protectors are usually found in building power supplies or at power feed points in the building. Portable surge protectors can be purchased as part of an extension cord or power strip. If subsequent surges occur, the surge protector may not prevent them from being passed through the line to the computer system. Surge protectors are passive devices, and they accomplish no purpose until a surge occurs.
Power Conditioners: Power conditioners are active devices that effectively isolate and regulate voltage in a building. These devices are usually active devices that monitor the power in the building and clean it up. Power conditioners usually include filters, surge suppressors, and temporary voltage regulation. Power conditioners can also activate backup power supplies. Power conditioners can be part of the overall building power scheme. It is also common to see power conditioners dedicated strictly to computer rooms.
Backup Power: Backup power is usually used in situations where continuous power is needed in the event of a power loss. These types of systems are usually designed either for a short-term duration, as in the case of a battery backup system, or for long-term uses as in an Uninterruptible Power Supply (UPS). UPS systems usually use batteries to provide short-term power. Longer-term backup power comes from power generators that frequently have their own power-loss-sensing circuitry. Power generators kick in if a power loss is detected, and they provide power until disabled. The generators require a short amount of time to start providing power, and the battery backup systems provide time for the generators to come online. Most generator systems do not automatically turn off when power is restored to a building. Generators are turned off manually. This is necessary because it is very common for several false starts to occur before power is restored from the power grid. Most power generators are either gas or diesel operated, and they require preventative maintenance on a regular basis. These systems are not much use if they do not start when needed or they fail because no oil is in the motor. Newer systems are becoming available that are based on fuel cell technology. These will probably be very reliable and require less maintenance.
Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing
Electromagnetic Interference (EMI) and Radio Frequency Interference (RFI) are two additional environmental considerations. Motors, lights, and other types of electromechanical objects cause EMI. EMI can cause circuit overload, spikes, or electrical component failure. EMI can be minimized by making sure that all signal lines are properly
Figure 6.7: Electromagnetic interference (EMI) pickup in a data cable
RFI is the byproduct of electrical processes, similar to EMI. The major difference is that RFI is usually
Figure 6.8: RF Desensitization occurring as a result of cellular phone interference
TEMPEST is the
Fire suppression is a key consideration in a computer center design. Two primary types of fire suppression systems are in use. These are fire extinguishers and fixed systems. Fixed systems are usually part of the building systems. Fire extinguishers are portable systems.
The selection and use of fire extinguishers is critical. Four primary types of fire extinguishers are available. They are
| Type | Use | Retardant Composition |
|---|---|---|
| A | Wood and Paper | Largely water or chemical |
| B | Flammable Liquids | Fire-retardant chemicals |
| C | Electrical | Nonconductive chemicals |
| D | Flammable Metals | Varies, type specific |
Several multipurpose types of extinguishers combine extinguisher capabilities in a single
The recommended procedure for using a fire extinguisher is called the PASS method. PASS stands for Pull, Aim, Squeeze, and Sweep. Fire extinguishers usually operate for only a few seconds. Make sure you do not fixate on a single spot if you need to use one. Most fire extinguishers have a limited effective range of three to eight feet.
A major concern with electrical fires is that they can reoccur very quickly if the voltage is not removed. Make sure that you remove voltage from systems when a fire occurs.
Most fire extinguishers require an annual inspection. This is a favorite area of citation by fire inspectors. You can contract with services to do this on a regular basis. They will come out and inspect or replace fire extinguishers according to a scheduled agreement.
The most common fixed systems combine fire detectors with fire suppression systems. The detectors usually trigger either because of a rapid temperature change or because of excessive smoke.
Most systems use either water sprinklers or fire-suppressing gas. Water systems work with overhead nozzle systems, such as
Figure 6.9: Water-based fire suppression system
The gas-based systems were originally designed to use carbon dioxide, or later Halon gas. Halon gas is not used anymore because it damages the ozone layer. Environmentally acceptable substitutes are now available for gas systems. The principle of a gas system is that it displaces the oxygen in the room and
| Warning |
Evacuate the room immediately in the event of a fire. Gas-based systems work by removing oxygen from the fire. This can suffocate
|
The major drawback to gas-based systems is that they require sealed environments to operate. Special