Address the following system security domains by providing in-depth analysis and details about implementation and strategic planning for an online system:
> Identify a strategy to manage personnel security.
> Adhering to laws, regulations, and compliance.
> Protecting the security of assets from online malicious access.
> Identify goals from using cryptographic tools
Need 6-8 page report in APA format with minimum 9 peer-reviewed citations besides the attached chapters. Must include introduction and conclusion.
285
Chap ter 10 Phys i cal Se cu rity Re quire ments
THE CISSP EXAM TOP ICS COV ERED IN THIS CHAP TER IN CLUDE:
Do main 3: Se cu rity Ar chi tec ture and En gi neer ing 3.10 Ap ply se cu rity prin ci ples to site and fa cil ity de sign
3.11 Im ple ment site and fa cil ity se cu rity con trols
3.11.1 Wiring clos ets/in ter me di ate dis tri bu tion fa cil i ties
3.11.2 Server rooms/data cen ters
3.11.3 Me dia stor age fa cil i ties
3.11.4 Ev i dence stor age
3.11.5 Re stricted and work area se cu rity
3.11.6 Util i ties and Heat ing, Ven ti la tion, and Air Con di tion ing (HVAC)
3.11.7 En vi ron men tal is sues
3.11.8 Fire pre ven tion, de tec tion, and sup pres sion
Do main 7: Se cu rity Op er a tions 7.15 Im ple ment and man age phys i cal se cu rity
7.15.1 Perime ter se cu rity con trols
7.15.2 In ter nal se cu rity con trols
The topic of phys i cal and en vi ron men tal se cu rity is ref er enced in sev eral do mains. The two pri mary oc cur rences are in do main 3, “Se cu rity Ar chi tec ture and En gi neer ing,” and do main 7, “Se cu rity Op er a tions.” Sev eral sub sec tions of these two do mains of the Com mon Body of Knowl edge (CBK) for the CISSP cer ti fi ca tion exam deal with top ics and is sues re lated to fa cil ity se cu rity, in clud ing foun da tional prin ci ples, de sign and im ple men ta tion, fire pro tec tion, perime ter se cu rity, in ter nal se cu rity, and many more.
The pur pose of phys i cal se cu rity is to pro tect against phys i cal threats. The fol low ing phys i cal threats are among the most com mon: fire and smoke, wa ter (ris ing/fall ing), earth move ment (earth quakes, land slides, vol ca noes), storms (wind, light ning, rain, snow, sleet, ice), sab o tage/van dal ism, ex plo sion/de struc tion, build ing col lapse, toxic ma te ri als, util ity loss (power, heat ing, cool ing, air, wa ter), equip ment fail ure, theft, and per son nel loss (strikes, ill ness, ac cess, trans port).
This chap ter ex plores these is sues and dis cusses safe guards and coun ter mea sures to pro tect against them. In many cases, you’ll need a dis as ter re cov ery plan or a busi ness con ti nu ity plan should a se ri ous phys i cal threat (such as an ex plo sion, sab o tage, or nat u ral dis as ter) oc cur. Chap ter 3, “Busi ness Con ti nu ity Plan ning,” and Chap ter 18, “Dis as ter Re cov ery Plan ning,” cover those top ics in de tail.
Ap ply Se cu rity Prin ci ples to Site and Fa cil ity De sign It should be bla tantly ob vi ous at this point that with out con trol over the phys i cal en vi ron ment, no
col lec tion of ad min is tra tive, tech ni cal, or log i cal ac cess con trols can pro vide ad e quate se cu rity. If a ma li cious per son can gain phys i cal ac cess to your fa cil ity or equip ment, they can do just about any thing they want, from de struc tion to dis clo sure or al ter ation. Phys i cal con trols are your first line of de fense, and peo ple are your last.
There are many as pects of im ple ment ing and main tain ing phys i cal se cu rity. A core el e ment is se lect ing or de sign ing the fa cil ity to house your in for ma tion tech nol ogy (IT) in fra struc ture and your or ga ni za tion’s op er a tions. The process of se lect ing or de sign ing fa cil i ties se cu rity al ways starts with a plan.
Se cure Fa cil ity Plan
286
A se cure fa cil ity plan out lines the se cu rity needs of your or ga ni za tion and em pha sizes meth ods or mech a nisms to em ploy to pro vide se cu rity. Such a plan is de vel oped through a process known as crit i cal path anal y sis. Crit i cal path anal y sis is a sys tem atic ef fort to iden tify re la tion ships be tween mis sion-crit i cal ap pli ca tions, pro cesses, and op er a tions and all the nec es sary sup port ing el e ments. For ex am ple, an e- com merce server used to sell prod ucts over the web re lies on in ter net ac cess, com puter hard ware, elec tric ity, tem per a ture con trol, stor age fa cil ity, and so on.
When crit i cal path anal y sis is per formed prop erly, a com plete pic ture of the in ter de pen den cies and in ter ac tions nec es sary to sus tain the or ga ni za tion is pro duced. Once that anal y sis is com plete, its re sults serve as a list of items to se cure. The first step in de sign ing a se cure IT in fra struc ture is pro vid ing se cu rity for the ba sic re quire ments of the or ga ni za tion and its com put ers. These ba sic re quire ments in clude elec tric ity, en vi ron men tal con trols (in other words, a build ing, air con di tion ing, heat ing, hu mid ity con trol, and so on), and wa ter/sewage.
While ex am in ing for crit i cal paths, it is also im por tant to eval u ate com pleted or po ten tial tech nol ogy con ver gence. Tech nol ogy con ver gence is the ten dency for var i ous tech nolo gies, so lu tions, util i ties, and sys tems to evolve and merge over time. Of ten this re sults in mul ti ple sys tems per form ing sim i lar or re dun dant tasks or one sys tem tak ing over the fea ture and abil i ties of an other. While in some in stances this can re sult in im proved ef fi ciency and cost sav ings, it can also rep re sent a sin gle point of fail ure and be come a more valu able tar get for hack ers and in trud ers. For ex am ple, if voice, video, fax, and data traf fic all share a sin gle con nec tion path rather than in di vid ual paths, a sin gle act of sab o tage to the main con nec tion is all that is re quired for in trud ers or thieves to sever ex ter nal com mu ni ca tions.
Se cu rity staff should par tic i pate in site and fa cil ity de sign con sid er a tions. Oth er wise, many im por tant as pects of phys i cal se cu rity es sen tial for the ex is tence of log i cal se cu rity may be over looked. With se cu rity staff in volved in the phys i cal fa cil ity de sign, you can be as sured that your long-term se cu rity goals as an or ga ni za tion will be sup ported not just by your poli cies, per son nel, and elec tronic equip ment, but by the build ing it self.
Site Se lec tion Site se lec tion should be based on the se cu rity needs of the or ga ni za tion. Cost, lo ca tion, and size are
im por tant, but ad dress ing the re quire ments of se cu rity should al ways take prece dence. When choos ing a site on which to build a fa cil ity or se lect ing a pre ex ist ing struc ture, be sure to ex am ine ev ery as pect of its lo ca tion care fully.
Se cur ing as sets de pends largely on site se cu rity, which in volves nu mer ous con sid er a tions and sit u a tional el e ments. Site lo ca tion and con struc tion play a cru cial role in the over all site se lec tion process. Sus cep ti bil ity to ri ots, loot ing, break-ins, and van dal ism or lo ca tion within a high-crime area are ob vi ously all poor choices but can not al ways be dic tated or con trolled. En vi ron men tal threats such as fault lines, tor nado/hur ri cane re gions, and close prox im ity to other nat u ral dis as ters present sig nif i cant is sues for the site se lec tion process as well be cause you can’t al ways avoid such threats.
Prox im ity to other build ings and busi nesses is an other cru cial con sid er a tion. What sorts of at ten tion do they draw, and how does that af fect your op er a tion or fa cil ity? If a nearby busi ness at tracts too many vis i tors, gen er ates lots of noise, causes vi bra tions, or han dles dan ger ous ma te ri als, they could harm your em ploy ees or build ings. Prox im ity to emer gency-re sponse per son nel is an other con sid er a tion, along with other el e ments. Some com pa nies can af ford to buy or build their own cam puses to keep neigh bor ing el e ments out of play and to en able tighter ac cess con trol and mon i tor ing. How ever, not ev ery com pany can ex er cise this op tion and must make do with what’s avail able and af ford able in stead.
At a min i mum, en sure that the build ing is de signed to with stand fairly ex treme weather con di tions and that it can de ter or fend off overt break-in at tempts. Vul ner a ble en try points such as win dows and doors tend to dom i nate such anal y sis, but you should also eval u ate ob jects (trees, shrubs, or man-made items) that can ob scure break-in at tempts.
Vis i bil ity
Vis i bil ity is im por tant. What is the sur round ing ter rain? Would it be easy to ap proach the fa cil ity by ve hi cle or on foot with out be ing seen? The makeup of the sur round ing area is also im por tant. Is it in or near a res i den tial, busi ness, or in dus trial area? What is the lo cal crime rate? Where are the clos est emer gency ser vices lo cated (fire, med i cal, po lice)? What unique haz ards may be found in the vicin ity (chem i cal plants, home less shel ters, uni ver si ties, con struc tion sites, and so on)?
An other el e ment of vis i bil ity is re lated to the area mon i tored by a se cu rity cam era. Be sure the lo ca tions and ca pa bil i ties of the se cu rity cam eras are co or di nated with the in te rior and ex te rior de sign of the fa cil ity. Cam eras should be po si tioned to have clear site lines of all ex te rior walls, en trance and exit points, and in te rior hall ways.
Nat u ral Dis as ters
287
An other con cern is the po ten tial im pact that nat u ral dis as ters could make in the area. Is it prone to earth quakes, mud slides, sink holes, fires, floods, hur ri canes, tor na does, fall ing rocks, snow, rain fall, ice, hu mid ity, heat, ex treme cold, and so on? You must pre pare for nat u ral dis as ters and equip your IT en vi ron ment to ei ther sur vive an event or be re placed eas ily. As men tioned ear lier, the top ics of busi ness con ti nu ity and dis as ter plan ning are cov ered in Chap ters 3 and 18, re spec tively.
Fa cil ity De sign When de sign ing the con struc tion of a fa cil ity, you must un der stand the level of se cu rity that your
or ga ni za tion needs. A proper level of se cu rity must be planned and de signed be fore con struc tion be gins.
Im por tant is sues to con sider in clude com bustibil ity, fire rat ing, con struc tion ma te ri als, load rat ing, place ment, and con trol of items such as walls, doors, ceil ings, floor ing, HVAC, power, wa ter, sewage, gas, and so on. Forced in tru sion, emer gency ac cess, re sis tance to en try, di rec tion of en tries and ex its, use of alarms, and con duc tiv ity are other im por tant as pects to eval u ate. Ev ery el e ment within a fa cil ity should be eval u ated in terms of how it could be used for and against the pro tec tion of the IT in fra struc ture and per son nel (for ex am ple, pos i tive flows for air and wa ter from in side a fa cil ity to out side its bound aries).
There’s also a well-es tab lished school of thought on “se cure ar chi tec ture” that’s of ten called Crime Pre ven tion through En vi ron men tal De sign (CPTED). The guid ing idea is to struc ture the phys i cal en vi ron ment and sur round ings to in flu ence in di vid ual de ci sions that po ten tial of fend ers make be fore com mit ting any crim i nal acts. The In ter na tional CPTED As so ci a tion is an ex cel lent source for in for ma tion on this sub ject (www.cpted.net), as is Os car New man’s book Cre at ing De fen si ble Space, pub lished by HUD’s Of fice of Pol icy De vel op ment and Re search (you can ob tain a free PDF down load at www.de fen si blespace.com/book.htm).
Im ple ment Site and Fa cil ity Se cu rity Con trols The se cu rity con trols im ple mented to man age phys i cal se cu rity can be di vided into three groups:
ad min is tra tive, tech ni cal, and phys i cal. Be cause these are the same cat e gories used to de scribe ac cess con trols, it is vi tal to fo cus on the phys i cal se cu rity as pects of these con trols. Ad min is tra tive phys i cal se cu rity con trols in clude fa cil ity con struc tion and se lec tion, site man age ment, per son nel con trols, aware ness train ing, and emer gency re sponse and pro ce dures. Tech ni cal phys i cal se cu rity con trols in clude ac cess con trols; in tru sion de tec tion; alarms; closed-cir cuit tele vi sion (CCTV); mon i tor ing; heat ing, ven ti la tion, and air con di tion ing (HVAC) power sup plies; and fire de tec tion and sup pres sion. Phys i cal con trols for phys i cal se cu rity in clude fenc ing, light ing, locks, con struc tion ma te ri als, mantraps, dogs, and guards.
Cor po rate vs. Per sonal Prop erty
Many busi ness en vi ron ments have both vis i ble and in vis i ble phys i cal se cu rity con trols. You see them at the post of fice, at the cor ner store, and in cer tain ar eas of your own com put ing en vi ron ment. They are so per va sive that some peo ple choose where they live based on their pres ence, as in gated ac cess com mu ni ties or se cure apart ment com plexes.
Al i son is a se cu rity an a lyst for a ma jor tech nol ogy cor po ra tion that spe cial izes in data man age ment. This com pany in cludes an in-house se cu rity staff (guards, ad min is tra tors, and so on) that is ca pa ble of han dling phys i cal se cu rity breaches.
Brad ex pe ri enced an in tru sion—into his per sonal ve hi cle in the com pany park ing lot. He asks Al i son whether she ob served or recorded any one break ing into and en ter ing his ve hi cle, but this is a per sonal item and not a com pany pos ses sion, and she has no con trol or reg u la tion over dam age to em ployee as sets.
This is un der stand ably un nerv ing for Brad, but he un der stands that she’s pro tect ing the busi ness and not his be long ings. When or where would you think it would be nec es sary to im ple ment se cu rity mea sures for both? The usual an swer is any where busi ness as sets are or might be in volved. Had Brad been us ing a com pany ve hi cle parked in the com pany park ing lot, then per haps Al i son could make al lowances for an in ci den tal break-in in volv ing Brad’s things, but even then she isn’t re spon si ble for their safe keep ing. On the other hand, where key peo ple are also im por tant as sets (ex ec u tive staff at most en ter prises, se cu rity an a lysts who work in sen si tive po si tions, heads of state, and so forth), pro tec tion and safe guards usu ally ex tend to em brace them and their be long ings as part of as set pro tec tion and risk mit i ga tion. Of course, if dan ger to em ploy ees or what they carry with them be comes a prob lem, se cur ing the park ing garage with key cards and in stalling CCTV mon i tors on ev ery floor be gins to make sense. Sim ply put, if the costs of al low ing break-ins to oc cur ex ceeds that of in stalling pre ven tive mea sures, it’s pru dent to put them in place.
288
When de sign ing phys i cal se cu rity for an en vi ron ment, fo cus on the func tional or der in which con trols should be used. The or der is as fol lows:
1. De ter rence
2. De nial
3. De tec tion
4. De lay
Se cu rity con trols should be de ployed so that ini tial at tempts to ac cess phys i cal as sets are de terred (bound ary re stric tions ac com plish this). If de ter rence fails, then di rect ac cess to phys i cal as sets should be de nied (for ex am ple, locked vault doors). If de nial fails, your sys tem needs to de tect in tru sion (for ex am ple, us ing mo tion sen sors), and the in truder should be de layed suf fi ciently in their ac cess at tempts to en able au thor i ties to re spond (for ex am ple, a ca ble lock on the as set). It’s im por tant to re mem ber this or der when de ploy ing phys i cal se cu rity con trols: first de ter rence, then de nial, then de tec tion, then de lay.
Equip ment Fail ure No mat ter the qual ity of the equip ment your or ga ni za tion chooses to pur chase and in stall, even tu ally it
will fail. Un der stand ing and pre par ing for this even tu al ity helps en sure the on go ing avail abil ity of your IT in fra struc ture and should help you to pro tect the in tegrity and avail abil ity of your re sources.
Pre par ing for equip ment fail ure can take many forms. In some non-mis sion-crit i cal sit u a tions, sim ply know ing where you can pur chase re place ment parts for a 48-hour re place ment time line is suf fi cient. In other sit u a tions, main tain ing on site re place ment parts is manda tory. Keep in mind that the re sponse time in re turn ing a sys tem to a fully func tion ing state is di rectly pro por tional to the cost in volved in main tain ing such a so lu tion. Costs in clude stor age, trans porta tion, pre-pur chas ing, and main tain ing on site in stal la tion and restora tion ex per tise. In some cases, main tain ing on site re place ments is not fea si ble. For those cases, es tab lish ing a ser vice-level agree ment (SLA) with the hard ware ven dor is es sen tial. An SLA clearly de fines the re sponse time a ven dor will pro vide in the event of an equip ment fail ure emer gency.
Ag ing hard ware should be sched uled for re place ment and/or re pair. The sched ule for such op er a tions should be based on the mean time to fail ure (MTTF) and mean time to re pair (MTTR) es ti mates es tab lished for each de vice or on pre vail ing best or ga ni za tional prac tices for man ag ing the hard ware life cy cle. MTTF is the ex pected typ i cal func tional life time of the de vice given a spe cific op er at ing en vi ron ment. MTTR is the av er age length of time re quired to per form a re pair on the de vice. A de vice can of ten un dergo nu mer ous re pairs be fore a cat a strophic fail ure is ex pected. Be sure to sched ule all de vices to be re placed be fore their MTTF ex pires. An ad di tional mea sure ment is that of the mean time be tween fail ures (MTBF). This is an es ti ma tion of the time be tween the first and any sub se quent fail ures. If the MTTF and MTBF val ues are the same or fairly sim i lar, man u fac tur ers of ten only list the MTTF to rep re sent both val ues.
When a de vice is sent out for re pairs, you need to have an al ter nate so lu tion or a backup de vice to fill in for the du ra tion of the re pair time. Of ten, wait ing un til a mi nor fail ure oc curs be fore a re pair is per formed is sat is fac tory, but wait ing un til a com plete fail ure oc curs be fore re place ment is an un ac cept able se cu rity prac tice.
Wiring Clos ets
Wiring clos ets used to be a small closet where the telecom mu ni ca tions ca bles were or ga nized for the build ing us ing punch-down blocks. To day, a wiring closet is still used for or ga ni za tional pur poses, but it serves as an im por tant in fra struc ture pur pose as well. A mod ern wiring closet is where the net work ing ca bles for a whole build ing or just a floor are con nected to other es sen tial equip ment, such as patch pan els, switches, routers, lo cal area net work (LAN) ex ten ders, and back bone chan nels. Other more tech ni cal names for wiring clos ets in clude premises wire dis tri bu tion room andin ter me di ate dis tri bu tion fa cil i ties (IDF). It is fairly com mon to have one or more racks of in ter con nec tion de vices sta tioned in a wiring closet (see Fig ure 10.1).
Larger build ings may re quire mul ti ple wiring clos ets in or der to stay within the max i mum ca ble run lim i ta tions. For the com mon cop per-based twisted-pair ca bling, the max i mum run length is 100 me ters. How ever, in elec tri cally noisy en vi ron ments, this run length can be sig nif i cantly re duced. Wiring clos ets also serve as a con ve nient lo ca tion to link mul ti ple floors to gether. In such a mul ti story con fig u ra tion, the wiring clos ets are of ten lo cated di rectly above or be low each other on their re spec tive floor.
289
FIG URE 10.1 A typ i cal wiring closet Source: https://www.flickr.com/pho tos/cloned milk men/4390901323/
Wiring clos ets are also com monly used to house and man age the wiring for many other im por tant el e ments of a build ing, in clud ing alarm sys tems, cir cuit breaker pan els, tele phone punch-down blocks, wire less ac cess points, and video sys tems, in clud ing se cu rity cam eras.
Wiring closet se cu rity is ex tremely im por tant. Most of the se cu rity for a wiring closet fo cuses on pre vent ing phys i cal unau tho rized ac cess. If an unau tho rized in truder gains ac cess to the area, they may be able to steal equip ment, pull or cut ca bles, or even plant a lis ten ing de vice. Thus, the se cu rity pol icy for the wiring closet should in clude a few ground rules, such as the fol low ing:
Never use the wiring closet as a gen eral stor age area.
Have ad e quate locks, which might in clude bio met ric el e ments.
Keep the area tidy.
Do not store flammable items in the area.
Set up video sur veil lance to mon i tor ac tiv ity in side the wiring closet.
Use a door open sen sor to log en tries.
Do not give keys to any one ex cept the au tho rized ad min is tra tor.
Per form reg u lar phys i cal in spec tions of the wiring closet’s se cu rity and con tents.
In clude the wiring closet in the or ga ni za tion’s en vi ron men tal man age ment and mon i tor ing, in or der to en sure ap pro pri ate en vi ron men tal con trol and mon i tor ing, as well as de tect dam ag ing con di tions such as flood ing or fire.
It is also im por tant to no tify your build ing man age ment of your wiring closet se cu rity pol icy and ac cess re stric tions. This will fur ther re duce unau tho rized ac cess at tempts.
290
Wiring clos ets are just one el e ment of a ca ble plant man age ment pol icy. A ca ble plant is the col lec tion of in ter con nected ca bles and in ter me di ary de vices (such as cross-con nects, patch pan els, and switches) that es tab lish the phys i cal net work. El e ments of a ca ble plant in clude the fol low ing:
En trance fa cil ity: Also known as the de mar ca tion point, this is the en trance point to the build ing where the ca ble from the provider con nects the in ter nal ca ble plant.
Equip ment room: This is the main wiring closet for the build ing, of ten con nected to or ad ja cent to the en trance fa cil ity.
Back bone dis tri bu tion sys tem: This pro vides wired con nec tions be tween the equip ment room and the telecom mu ni ca tions rooms, in clud ing cross-floor con nec tions.
Telecom mu ni ca tions room: Also known as the wiring closet, this serves the con nec tion needs of a floor or a sec tion of a large build ing by pro vid ing space for net work ing equip ment and ca bling sys tems. It also serves as the in ter con nec tion point be tween the back bone dis tri bu tion sys tem and the hor i zon tal dis tri bu tion sys tem.
Hor i zon tal dis tri bu tion sys tem: This pro vides the con nec tion be tween the telecom mu ni ca tion room and work ar eas, of ten in clud ing ca bling, cross-con nec tion blocks, patch pan els, and sup port ing hard ware in fra struc ture (such as ca ble trays, ca ble hang ers, and con duits).
Server Rooms/Data Cen ters Server rooms, data cen ters, com mu ni ca tions rooms, wiring clos ets, server vaults, and IT clos ets are
en closed, re stricted, and pro tected rooms where your mis sion-crit i cal servers and net work de vices are housed. Cen tral ized server rooms need not be hu man com pat i ble. In fact, the more hu man in com pat i ble a server room is, the more pro tec tion it will of fer against ca sual and de ter mined at tacks. Hu man in com pat i bil ity can be ac com plished by in clud ing Halotron, Py ro Gen, or other halon-sub sti tute oxy gen-dis place ment fire de tec tion and ex tin guish ing sys tems, low tem per a tures, lit tle or no light ing, and equip ment stacked with lit tle room to ma neu ver. Server rooms should be de signed to sup port op ti mal op er a tion of the IT in fra struc ture and to block unau tho rized hu man ac cess or in ter ven tion.
Server rooms should be lo cated at the core of the build ing. Try to avoid lo cat ing these rooms on the ground floor, on the top floor, and in the base ment when ever pos si ble. Ad di tion ally, the server room should be lo cated away from wa ter, gas, and sewage lines. These pose too large a risk of leak age or flood ing, which can cause se ri ous dam age and down time.
The walls of your server room should also have a one-hour min i mum fire rat ing.
Mak ing Servers In ac ces si ble
The run ning joke in the IT se cu rity realm is that the most se cure com puter is one that is dis con nected from the net work and sealed in a room with no doors or win dows. No, se ri ously, that’s the joke. But there’s a mas sive grain of truth and irony in it as well.
Car los op er ates se cu rity pro cesses and plat forms for a fi nan cial bank ing firm, and he knows all about one-way sys tems and un reach able de vices. Sen si tive busi ness trans ac tions oc cur in frac tions of a sec ond, and one wrong move could pose se ri ous risks to data and in volved par ties.
In his ex pe ri ence, Car los knows that the least ac ces si ble and least hu man-friendly places are his most valu able as sets, so he stores many of his ma chines in side a sep a rate bank vault. You’d have to be a tal ented bur glar, a skilled safe cracker, and a de ter mined com puter at tacker to breach his se cu rity de fenses.
Not all busi ness ap pli ca tions and pro cesses war rant this ex treme sort of pre ven tion. What se cu rity rec om men da tions might you sug gest to make a server more in con ve nient or in ac ces si ble, short of ded i cat ing a vault? An in te rior room with lim ited ac cess, no win dows, and only one en try/exit point makes an ex cel lent sub sti tute when an empty vault isn’t avail able. The key is to se lect a space with lim ited ac cess and then to es tab lish se ri ous hur dles to en try (es pe cially unau tho rized en try). CCTV mon i tor ing on the door and mo tion de tec tors in side the space can also help main tain proper at ten tion to who is com ing and go ing.
For many or ga ni za tions their dat a cen ter and their server room are one and the same. For some or ga ni za tions, a dat a cen ter is an ex ter nal lo ca tion used to house the bulk of their back end com puter servers,
291
data stor age equip ment, and net work man age ment equip ment. This could be a sep a rate build ing nearby the pri mary of fices or it could be a re mote lo ca tion. A dat a cen ter might be owned and man aged ex clu sively by your or ga ni za tion, or it could be a leased ser vice from a dat a cen ter provider. A dat a cen ter could be a sin gle- ten ant con fig u ra tion or a mul ti tenant con fig u ra tion. No mat ter what the vari a tion, in ad di tion to the con cerns of a server room, many other con cepts are likely rel e vant.
In many dat a cen ters and server rooms, a va ri ety of tech ni cal con trols are em ployed as ac cess con trol mech a nisms to man age phys i cal ac cess. These in clude, but are not lim ited to: smart/dumb cards, prox im ity read ers, bio met rics, in tru sion de tec tion sys tems (IDSs), and a de sign based around de fense in depth.
Smart cards
Smart cards are credit-card-sized IDs, badges, or se cu rity passes with an em bed ded mag netic strip, bar code, or in te grated cir cuit chip. They con tain in for ma tion about the au tho rized bearer that can be used for iden ti fi ca tion and/or au then ti ca tion pur poses. Some smart cards can even process in for ma tion or store rea son able amounts of data in a mem ory chip. A smart card may be known by sev eral phrases or terms:
An iden tity to ken con tain ing in te grated cir cuits (ICs)
A pro ces sor IC card
An IC card with an ISO 7816 in ter face
Smart cards are of ten viewed as a com plete se cu rity so lu tion, but they should not be con sid ered com plete by them selves. As with any sin gle se cu rity mech a nism, smart cards are sub ject to weak nesses and vul ner a bil i ties. Smart cards can fall prey to phys i cal at tacks, log i cal at tacks, Tro jan horse at tacks, or so cial- en gi neer ing at tacks. In most cases, a smart card is used in a mul ti fac tor con fig u ra tion. Thus, theft or loss of a smart card does not re sult in easy im per son ation. The most com mon form of mul ti fac tor used in re la tion to a smart card is the re quire ment of a PIN. You’ll find ad di tional in for ma tion about smart cards in Chap ter 13, “Man ag ing Iden tity and Au then ti ca tion.”
Mem ory cards are ma chine-read able ID cards with a mag netic strip. Like a credit card, debit card, or ATM card, mem ory cards can re tain a small amount of data but are un able to process data like a smart card. Mem ory cards of ten func tion as a type of two-fac tor con trol: the card is “some thing you have” and its per sonal iden ti fi ca tion num ber (PIN) is “some thing you know.” How ever, mem ory cards are easy to copy or du pli cate and are in suf fi cient for au then ti ca tion pur poses in a se cure en vi ron ment.
Prox im ity Read ers
In ad di tion to smart/dumb cards, prox im ity read ers can be used to con trol phys i cal ac cess. A prox im ity reader can be a pas sive de vice, a field-pow ered de vice, or a transpon der. The prox im ity de vice is worn or held by the au tho rized bearer. When it passes a prox im ity reader, the reader is able to de ter mine who the bearer is and whether they have au tho rized ac cess. A pas sive de vice re flects