2.7 Physical Security Controls

Physical Security Controls

Barricades/bollards = prevent access Alarms = motion detection, circuit based Signs = clear and specific instructions to keep people away from restricted areas

Video surveillance = CCTV (closed circuit television), motion/object recognition Industrial camouflage = conceal an important facility in plain sight, blends in to the local environment Faraday cage = blocks electromagnetic fields, mesh of conductive material, can restrict access to mobile networks

Screened subnet (DMZ) = additional layer of security between internet and you Protected distribution system (PDS) = physically secure cabled network, all of the data flows through these conduits

Secure Areas

Important part of a security policy is to prevent physical access to critical systems to secure data.

Air gap = network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks - physical separation between networks - e.g. stock market network | airplanes | nuclear power plant operations | power systems/SCADA

Secure Data Destruction

Data destruction and media sanitization = some information must not be destroyed - you don't want critical information in the trash - ensure nothing is left behind - shred your documents - pulverizing = destroying hard disks, no way to recover

Purge data = remove it from an existing data store, delete some of them Wipe data = unrecoverable removal of data on a storage device