Physical security

Personnel

background check
training + onboarding
strict access control
NDA
termination process
protection from internal attacker
1. separation of duties
  - split knowledge
  - dual control
2. rotation of duties: another person in the role would notice smth suspicious
3. mandatory vacation: cannot interfere with audit while away
4. least privilege
5. need to know

CPTED

crime prevention through environmental design
fences and plants must not provide access to windows, roof
equipment is located in the middle of the building
- building can absorb damange
- if located on upper floors – long access
- if located on lower floors – may be flooded
benches and tables encourage people to take a sit ⇒ surveillance
no places where one could hide (e.g. bushes, unlit trees)
surveillance not concealed ⇒ deterrent + provides feeling of safety
entrances can be easily observed
better observability
- glass walls
- grid-like stairs
- low barriers between sections
approaches
1. natural access control
2. natural surveillance
3. natural territorial reinforcement

Natural access control

limited number (1 or 2) of approved entrances
front desk + registration on entering the premises
minimal number of entrances outside of business hours and on weekends
landscaping to designate main entrance (e.g. lane with poles on the sides)
technical entrance is not in obvious place
lighting
lawn to direct people and cars
parking in front of main entrance ⇒ people take main exit

Natural surveillance

unobscured visibility, flat terrain
entrance raised above the ground
benches, walkways, bike lane
large windows increase visibility
extra lighting of critical zones

Territorial reinforcement

flags
encourage solidarity (easier to protect good assets that belong to the group)

Location

close to police, fire station, ambulance: + lease price, – insurance price

Walls

resistant to fires
reinforce protected zones
glass walls increase visibility

Doors

resistant to fires
resistant to breaking through and out
alarm
- opened without authorization
- open for a long time
hinges: at least 3
direction of opening
type of glass
fail-open or fail-safe
panic bars + alarm
mantrap
- room with 2 doors where the person is checked
- weight control – protection from piggybacking
revolving doors
door closers

Ceiling

resistant to fires
lifting capacity
suspended ceiling: can contain low current circuits

Floor

resistant to fires
lifting capacity
raised: can contain power cables
insulated, does not conduct current

Windows

transparent
wired to alarm
enduring
location, whether easily available to break in

Locks

hostage alarm: code opens the lock and starts the alarm

Fence

PIDAS: perimeter intrusion detection and assessment system
- vibrosensors on the cable that is stretched along the fence
- high sensitivity

Lighting

directed outwards – does not blind security
wall lighting to see intruder
standby lighting: imitates people presence

CCTV

closed-circuit TV
the less focusing distance is, the larger viewing angle is
depth of field
- distance between closest and the most remote objects that are distinguishable (sharpness); zone that is observable in focus
- increases with:
  - decreasing lens opening (aperture), focusing distance (focal length)
  - increasing distance
- deep ≡ sharp background, blurred close object
- shallow ≡ blurred background, focus on object

HVAC

heating, ventilation, air conditioning
positive air pressure: dust does not enter from outside
low humidity: static electricity
high humidity
- corrosion
- plug connector metal melts with socket metal
separate power source
protected ventilation (e.g. bars inside)
emergency valves
temperature
- if lower than operational, then efficiency is lower

Electricity

redundant sources
interference → monitoring + surge protector
in-rush current: initial current on plugging in is larger than operational
induction → shielding
do not run near fluorescent lamps – high noise
grounding
no extenders: each plug = noise

Water

emergency valves
vivid markings
on leakage industrial dehydrators are needed, otherwise mold damages the building
sensors
- under raised floor
- over suspended ceiling
- connected to alarm – only necessary personnel notified
- documented location
on leakage – disable current

Gas

emergency valves
vivid marking

Firefighting

cables inside ventilation must not produce dangerous fumes when burnt
HVAC must be disabled
- not to provide oxygen to fire
- not to spread fumes
sensor location
- under raised floor
- over suspended ceiling
- on the floor
- on the ceiling
- within ventilation
suppression location
sensor types
- by fumes
  - optical (ray disturbed by smoke)
  - electrical (smoke changes resistance)
- by temperatures
  - absolute (fixed)
  - relative (measures delta)
fire types
- A
  - wood, paper
  - water, foam decrease temperature
- B
  - liquids
  - CO₂, powder, freon drive oxygen away
- C
  - electrical
  - CO₂, powder, freon
- D
  - flammable chemicals
  - powder starts chemical reaction and neutralizes chemical agent
- K
  - oil on kitchen (e.g. in cafe)
  - CH₃COOK
sprayer types
- wet pipe
  - water in pipe is released by sensor signal
  - water may freeze
  - pipe might burst
- dry pipe
  - air under pressure does not let water in pipe
  - allows to disable current automatically
- preaction
  - ≈ dry pipe
  - water is released when plug melts
- deluge
  - large head ≡ a lot of water

Earthquake

earthquake-resistant racks with dampers

Cables

copper emits radiowaves → possible to read the data
optics does not radiate
channels with cable are under pressure – detects access to cables

EMP

Faraday cage
impose white noise

IDS

types
- electromechanic: breaking electric circuit
- photoelectric: change of light stream
- infrared: temperature change
- acoustic, vibrational
- electromagnetic: disturbing wave reflection
- capacitive: change of electromagnetic field

Design a site like this with WordPress.com