Physical security threats / control mechanisms - Research Paper Example

Physical Security Threats Control Mechanisms What are the major categories of physical security threats? Physical security threats are found in the following categories. Weather: Hurricanes, floods, tornadoes, snow, ice, cold, heat and humidity like factors also impact the operational capabilities of a system. These natural forces may cause the structural damages, communication issues, personal hazards and utilities through flooding, tornadoes, hurricanes and heat (Luber, 2008). Chemical/Fire: Threats from fire or chemicals are potentially lethal and devastating (Security Procedures, 2008).

Paper stored in close proximity of computers becomes the cause of inflammability of fire. When computers and other equipments are exposed to a high temperature, they produce the highly explosive gases. Industrial pollution exiting from the nearby factories also damages the physical security of data center. Sometimes, the smoke or industrial pollution may corrode the devices and equipments installed in the building. Earth Movement: Mudslides and earthquakes are the main forms of earth movement.

Earth movement is dangerous for people when it is in the form of earthquakes, and mudslide. It becomes difficult to protect the people and assets from such harms (Andress, 2011). Structural failure: Both, physical and logical components of a data centre are damaged by the collapse of the building. The structure failure is also due to inappropriate selection of location for a data centre. Construction of building cannot bear the load and results into the structural failure. Potential loss of data and persons working there is also likely (Gerai, 2010).

Energy: All critical systems are impacted by the power loss. Continuous voltage drop is also caused by the related factors such as weather, equipment failure and power load. Biological: Infestation, virus and bacteria of animals or the insects are also considered the physical security threats (Merkow & Breithaupt, 2006). Human (Sabotage, strikes, war and terrorism): Human caused threats are more dangerous than environmental and technical threats. These are less predictable and designed to seek the vulnerable points of attack.

Sometimes, power struggles from politics, religion as well government agencies results into violence. It has been seen that unfortunate struggles occur throughout the world. Wars, bombings, strikes, riots and espionage all have impacted the security of organizations and their capabilities to operate normally (Wan, 2006). What control mechanisms are normally found in data center operations? Physical security is concerned with safeguarding the building, computers and devices. Control of physical security involves the protection of sites from manmade and natural physical threats by a proper planning in order to secure the devices from physical contacts.

Periodic inspection of the building may prevent a big loss of a data center and human lives. Physical security controls are classified in three main fields such as Administrative controls, physical controls and technical controls. A layered approach in physical security perspective is taken to protect the facilities. Physical security controls is employed in the form of multiple layers such as fences, card control system, and servers located in the access control. An intruder cannot approach these areas until some of the physical controls are circumvented or compromised.

Proper fire or smoke detector need are installed there in the location of data centers. In case of a chemical fire, the Halon may work efficiently used in a small quantity. Its concentration must be less than 5%. Water sprinklers are more dangerous when computers are not turned off. Use of fire resistant material, vent closure systems, and firewalls are the best standard control systems to mitigate the fire threats. Merkow & Breithaupt (2006) focused the five main areas in order to address the physical security threats.

These areas include the personnel education, site selection, physical controls, safety control and technical control such as biometrics, intrusion detection, smart cards and audit trails. Employees of an organization are educated about physical security by using the formal instructions, security bulletins, training programs and posters. Each employee is responsible to get training on the awareness of significance of security that supports to secure the surrounding such as data assets (Gupta, 2010).

Administrative control applies to physical sites and assets. These involve the knowledge sharing of skilled persons, appropriate oversight, and separation of duties. Selection of a secure and suitable location is an important administrative control. The site selection considers the neighboring of site, avoidance of possible hazards, site with less natural disasters, and transportation issues. Complete knowledge about local emergency facilities (police, hospitals, fire and medical facilities) is also looked for the site (Krutz and Vines, 2007).

As discussed earlier for the preventive measures security and safety equipment are installed. Technical controls include the smart cards, access logs, biometric access controls and intrusion detection (Newman, 2009). References: Andress, J. (2011). The Basics of Information Security, Elsevier. Gerai, R. (2010). Physical Security Threats - Structural Failure, Available from http://ezinearticles.com/?Physical-Security-Threats---Structural-Failure&id=3573348 Accessed on 04/04/2013. Gupta, P. (2010).

IT Infrastructure & Its Management, (2nd Ed.). Tata McGraw Hill. Krutz, R., and Vines, R. (2007). The CISSP and CAP Prep Guide: Platinum Edition, Wiley Publishing Inc. Luber, G. (2008). “Climate Change and Extreme Heat Events”, Elsevier, American Journal of Preventive Medicine. 35(5), p.p.129-135. Merkow, M., & Breithaupt, J. (2006). Information Security: Principles and Practices, Pearson Prentice Hall. Newman, R. (2009). Security and Access Control Using Biometric Technologies, Cengage Learning.

Security Procedures (2008). 14 physical security threats, Available from http://www.securityprocedure.com/14-physical-security-threats Accessed on 04/04/2013. Wan, K. (2006). CISSP Certification Exam Study Guide, KP Lab Limited.