![[Iris or Retinal Scanner]](Iris_RetinalScanner.jpeg)
![[Fingerprint Scanner]](FingerprintScanner.jpeg)
![[Badge Cards]](BadgeCards.jpeg)
First and foremost you need to restrict access to computers and servers. This is done in a number of ways depending on how security conscious your company needs to be. From the outside in, the various types of restriction start with a locked fence around the property or building, then moves to locked outer doors with a security guard, locked inner doors with keys given only to those who need access. Restriction is also implemented by having doors which require a badge or other type of key card to unlock the door. Access can be restricted with Biometric scanners such as handprint, fingerprint, facial, retina or Iris (EPS). Another very important type of access restriction is user login and passwords. These must be of significant difficulty to prevent being figured out by hackers and crackers. The passwords should also be changed on a regular basis to block entry to anyone whom might have a compromised password in their posession. Normally, the only people who need access to servers is the administrators, and the only person who needs access to a computer is the computer's user.
Air conditioning ducts, drop ceilings and raised floors are also security vulnerabilities. Air conditioning ducts should be small enough not to allow a person to crawl through them. Drop ceilings and raised floors should be monitored for unusual activity. Glass walls allow outsiders to see inside your office and perhaps capture data such as keystrokes. Glass walls and windows also are an easy entry point. Servers, and other sensitive equipment, should not be located in a room with glass walls or large windows (Garfinkel and Spafford)
Since locks do not always stop determined outsiders, have no effect on disgruntled insiders, and do not stop fire or water, it is also important to have various types of security cameras and sensors. The coverage of security cameras can be as light as one camera inside the server room or as heavy as cameras covering every inch of the parking lot, all hallways, and public rooms. The different sensors used can be motion detectors, door contacts, smoke detectors, or heat and water sensors. Also important are fence continuity sensors and emergency alarm stations. Extreme forms of detection are bomb detection systems and metal detectors
![[Security Cameras]](SecurityCameras.jpeg)
![[Security Cameras]](SecurityCameras2.jpeg)
The above mentioned security measures will prevent most, but not all, theft. Not all employees are honorable so one method of preventing computers, especially laptops, from walking off is to attach a cable to the unit. This cable should be made of a thickness and material that is extremely difficult to cut (Securemac.com). Also, adhering a property tag to the item saying what company it belongs to, along with an ID number, will also make the item less appealing to someone looking to make a fast dollar, and will make identification of stolen items easier.
![[Security Cable]](LaptopCables.jpeg)
![[Computer Cables]](ComputerCable.jpeg)
![[Property Tags]](PropertyTag.jpeg)
There are a couple of different issues about electricity. One of them is the interruption of power. Brown-outs happen when the power flickers or fades for a moment but then comes right back on. This can create power spikes that can damage the computers or servers. Complete power outages render computers useless. A Uninteruptable Power Supply (UPS) attached to the machine can mitigate both of these incidents. UPS's provide uninterupted power for a specified period of time once the main power has gone down. It is enough time to exit out of each application that is running, and then turn the computer off in a normal manner. As another precaution an electrical line filter should be installed to filter out voltage spikes.
![[A UPS]](UPS.jpeg)
The second issue about electricity has to do with static discharges around sensitive computer hardware. Static discharges can ruin the electronics on a circuit board. It is extremely important to take actions to prevent such discharges. Anti-static carpeting or mats help to deter static electricity discharges. Also, grounding wrist straps should be worn while working on computers. (University of Chicago Networking Services & Information Technologies)
Electromagnetic signals can be picked up from any electronic, electro-optical and electromechanical device. With the right equipment anyone can intercept these signals and recreate the original text. The US Government has given the name TEMPEST to the technology involved in monitoring or shielding of electromagnetic radiation. The acronym stands for either "Telecommunications Electronics Material Protected from Emanating Spurious Transmissions" or "Transient Electromagnetic Pulse Emanation STandard" depending on who you are talking to. The way to protect your information and equipment from remote interception is to build a Faraday cage around the object or building that needs to be shielded. Many modern devices are already shielded and thus make it harder for their data to be intercepted, however they are not 100% protected. It is possible to buy equipment that is already TEMPEST certified, but the added security associated with these make them very expensive compared to an uncertified equivalent. Only the Government and Government contractors really need to be concerned about remote monitoring of their work. Most other companies should be okay with buying the modern shielded equipment and designing rooms in such a way as to prevent the escape of unintended signals (Goodman).
It is esential to have a plan of action in event of a disaster, whether that be natural or man-made. If the disaster ruined your servers and computers then the first step is to purchase replacements. Once that is done the server software and data need to be reloaded. This process can be severly hampered if the back up tapes were kept on site and were ruined along with the hardware. For that reason it is suggested that all back up media be kept off-site in a fire proof, water proof, environmentally controlled area.
This tutorial is not meant to be a comprehensive primer on physical security. It is only meant to inform the reader of the importance of physical security and some of the methods used to protect the hardware, software and data of a company, such as door locks, security cameras, sensors, TEMPEST monitoring and shielding, and the need for a recovery plan.