SY0-501 Section 2.7 Compare and contrast physical security and environmental controls

Environmental controls

The location of your computer facility is critical to its security. Computer facilities must be placed in a location that is physically possible to secure. Additionally, the location must have the proper capabilities to manage temperature, humidity, and other environmental factors necessary to the health of your computer systems.

HVAC

If the computer systems for which you’re responsible require special environmental considerations, you’ll need to establish cooling and humidity control. Ideally, systems are located in the middle of the building, and they’re ducted separately from the rest of the HVAC (Heating, Ventilation, and Air Conditioning) system. It’s a common practice for modern buildings to use a zone-based air conditioning environment, which allows the environmental plant to be turned off when the building isn’t occupied. A computer room will typically require full-time environmental control.

Fire suppression

Fire suppression is a key consideration in computer-center design. Fire suppression is the act of extinguishing a fire versus preventing one. Two primary types of fire-suppression systems are in use: fire extinguishers and fixed systems.

EMI shielding

Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. In a fixed facility, such as a computer center, surrounding the computer room with a Faraday cage can provide electronic shielding. A Faraday cage usually consists of an electrically conductive wire mesh or other conductor woven into a “cage” that surrounds a room. The conductor is then grounded. Because of this cage, few electromagnetic signals can either enter or leave the room, thereby reducing the ability to eavesdrop on a computer conversation. To verify the functionality of the cage, radio frequency (RF) emissions from the room are tested with special measuring devices.

Electromagnetic interference (EMI) and radio frequency interference (RFI) are two additional environmental considerations. Motors, lights, and other types of electromechanical objects cause EMI, which can cause circuit overload, spikes, or electrical component failure. Making sure that all signal lines are properly shielded and grounded can minimize EMI. Devices that generate EMI should be as physically distant from cabling as is feasible because this type of energy tends to dissipate quickly with distance.

Figure 2.1 shows a motor generating EMI. In this example, the data cable next to the motor is picking up the EMI. This causes the signal to deteriorate, and it might eventually cause the line to be unusable. The gray area in the illustration is representative of the interference generated by the motor.

FIGURE 2.2 Electromagnetic interference (EMI) pickup in a data cable

RFI is the byproduct of electrical processes, similar to EMI. The major difference is that RFI is usually projected across a radio spectrum. Motors with defective brushes can generate RFI, as can a number of other devices. If RF levels become too high, they can cause the receivers in wireless units to become deaf. This process is called desensitizing, and it occurs because of the volume of RF energy present. This can occur even if the signals are on different frequencies.

Figure 2.2 demonstrates the desensitizing process occurring with a wireless access portal (WAP). The only solution to this problem is to move the devices farther apart or to turn off the RFI generator.

Hot and cold aisles

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. It is important that the hot air exhausting from one aisle of racks not be the intake air pulled in by the next row of racks, or overheating will occur. Air handlers must move the hot air out, whereas cold air, usually coming from beneath a raised floor, is supplied as the intake air. Figure 2.3 shows an example of a hot and cold aisle design.

Environmental monitoring

Environmental concerns include considerations about water and flood damage as well as fire suppression. Computer rooms should have fire and moisture detectors. Most office buildings have water pipes and other moisture-carrying systems in the ceiling. If a water pipe bursts (which is common in minor earthquakes), the computer room could become flooded. Water and electricity don’t mix. Moisture monitors would automatically kill power in a computer room if moisture were detected, so the security professional should know where the water cutoffs are located.

Fire, no matter how small, can cause damage to computer systems. Apart from the high heat, which can melt or warp plastics and metals, the smoke from the fire can permeate the computers. Smoke particles are large enough to lodge under the read/write head of a hard disk, thereby causing data loss. In addition, the fire-suppression systems in most buildings consist of water under pressure, and the water damage from putting out even a small fire could wipe out an entire datacenter.

Temperature and humidity controls

Many computer systems require temperature and humidity control for reliable service. Large servers, communications equipment, and drive arrays generate considerable amounts of heat; this is especially true of mainframe and older minicomputers. An environmental system for this type of equipment is a significant expense beyond the actual computer system costs. Fortunately, newer systems operate in a wider temperature range. Most new systems are designed to operate in an office environment.

Environmental systems should be monitored to prevent the computer center’s humidity level from dropping below 50 percent. Electrostatic damage is likely to occur when humidity levels get too low. Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock. Most environmental systems also regulate humidity; however, a malfunctioning system can cause the humidity to be almost entirely extracted from a room. Make sure that environmental systems are regularly serviced.

Physical security

Access control is a critical part of physical security, and it can help cut down the possibility of a social engineering or other type of attack from succeeding. Systems must operate in controlled environments in order to be secure. These environments must be, as much as possible, safe from intrusion. Computer system consoles can be a vital point of vulnerability because many administrative functions can be accomplished from the system console. These consoles, as well as the systems themselves, must be protected from physical access.

A key aspect of access control involves physical barriers. The objective of a physical barrier is to prevent access to computers and network systems. The most effective physical barrier implementations require that more than one physical barrier be crossed to gain access. This type of approach is called a multiple barrier system or defense in depth. Ideally, your systems should have a minimum of three physical barriers:

- The external entrance to the building, referred to as a perimeter, which is protected by burglar alarms, external walls, fencing, surveillance, and so on. This should be used with an access list, which identifies who can enter a facility and who can be verified by a guard or someone in authority.
- A locked door protecting the computer center; you should also rely on such items as ID badges, proximity readers, fobs, or keys to gain access.
- The entrance to the computer room itself. This should be another locked door that is carefully monitored. Although you try to keep as many intruders out with the other two barriers, many who enter the building could be posing as someone they are not—heating technicians, representatives of the landlord, and so on. Although these pretenses can get them past the first two barriers, the locked computer room door should still stop them.

Hardware locks

Hardware security involves applying physical security modifications to secure the system(s) and preventing them from leaving the facility. Don’t spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical security.

Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away with a copy of your customer database. All laptop cases include a built-in security slot in which a cable lock can be inserted to prevent it from easily being removed from the premises (see Figure 2.4).

FIGURE 2.4 A cable in the security slot keeps the laptop from easily being removed.

When it comes to desktop models, adding a lock to the back cover can prevent an intruder with physical access from grabbing the hard drive or damaging the internal components. The lock that connects through that slot can also go to a cable that then connects to a desk or other solid fixture to keep the entire PC from being carried away. An example of this type of configuration is shown in Figure 2.5. In addition to running a cable to the desk, you can choose to run an end of it up to the monitor if theft of peripherals is a problem in your company. An example of this type of physical security is shown in Figure 2.6. You should also consider using a safe and locking cabinets to protect backup media, documentation, and any other physical artifacts that could do harm if they fell into the wrong hands. Server racks should lock the rack-mounted servers into the cabinets to prevent someone from simply pulling one and walking out the front door with it.

FIGURE 2.5 A cable can be used to keep a desktop machine from easily being taken.

FIGURE 2.6 If theft of equipment is a possibility, run one end of the cable from the monitor to the desktop machine through the hole in the work desk.

Mantraps

High-security installations use a type of intermediate access control mechanism called a mantrap (also occasionally written as man-trap). Mantraps require visual identification, as well as authentication, to gain access. A mantrap makes it difficult for a facility to be accessed by large numbers of individuals at once because it allows only one or two people into a facility at a time. It’s usually designed to contain an unauthorized, potentially hostile person physically until authorities arrive. Figure 2.7 illustrates a mantrap. Notice in this case that the visual verification is accomplished using a security guard. A properly developed mantrap includes bulletproof glass, high-strength doors, and locks. After a person is inside the facility, additional security and authentication may be required for further entrance.

Video Surveillance

In high-security and military environments, an armed guard as well as video surveillance would be placed at the mantrap. Beyond mantraps, you can combine guards with cameras (or even the threat of cameras) to create a potent deterrent. The cameras can send signals to a room where they are monitored by a guard capable of responding to a situation when the need arises.

Fencing

Perimeter security, whether physical or technological, is the first line of defense in your security model. In the case of a physical security issue, the intent is to prevent unauthorized access to resources inside a building or facility.

Physical perimeter security is intended to accomplish for a network what perimeter security does for a building. How do you keep intruders from gaining access to systems and information in the network through the network? In the physical environment, perimeter security is accomplished through fencing, locks, doors, surveillance systems, and alarm systems. This isn’t functionally any different from a network, which uses border routers, intrusion detection systems, and firewalls to prevent unauthorized access. Few security systems can be implemented that don’t have weaknesses or vulnerabilities. A determined intruder can, with patience, overcome most security systems. The task may not be easy, and it may require careful planning and study; however, a determined adversary can usually figure out a way. This is why deterrence is so important. If you want to deter intruders from breaking into your building, you can install improved door locks, coded alarm systems, and magnetic contacts on doors and windows.

Access list

As the name implies, the purpose of an access list is to identify specifically who can enter a facility. Once created, a guard or someone in authority can verify the list. Similar to an access list for physical access, access control lists (ACLs) enable devices in your network to ignore requests from specified users or systems or to grant them certain network privileges. You may find that a certain IP address is constantly scanning your network, and you can block this IP address. If you block it at the router, the IP address will automatically be rejected any time it attempts to use your network.

Proper Lighting

Lighting can play an important role in the security of any facility. Poor lighting can lead to a variety of unwanted situations: someone sneaking in a door that is not well lit, one individual passing a checkpoint and being mistaken for another person, a biometric reading failure. The latter is particularly true with facial recognition, and proper lighting needs to be in place for both the face and the background.

Signs

One of the least expensive physical security tools that can be implemented is a sign. Signs can be placed around secure areas telling those who venture by that only authorized access is allowed, that trespassers will be prosecuted, and so on. There is a story told of a couple of magicians who drove across country while on tour, and to prevent anyone from breaking into their car, they put a sign on it identifying the car as a transport vehicle for the Centers for Disease Control. Supposedly, it worked and no one ever broke into the vehicle.

Within Microsoft Windows, you have the ability to put up signs (in the form of onscreen pop-up banners) that appear before the login and convey similar information—authorized access only, violators will be prosecuted, and so forth. Such banners convey warnings or regulatory information to the user that they must “accept” in order to use the machine or network. In Windows, the banner is turned on in the Registry through an entry beneath HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. You can configure legalnoticecaption as the caption of the “sign” that you want to appear and legalnoticetext as the text that will show up and need to be dismissed before the user can move on. Both are string values accepting any alphanumeric combination.
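The following PowerShell is an added example, not part of the original study notes, that audits the legalnoticecaption and legalnoticetext values described above and can set them. The function names and the banner wording are assumptions chosen for illustration.

```powershell
# Added example: audit, and optionally set, the Windows logon banner.
# The banner wording used here is constructed sample text.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-LogonBanner {
    # Read both string values; a missing key or value comes back as ''.
    $props = Get-ItemProperty -Path $PolicyKey -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Caption = [string]$props.legalnoticecaption
        Text    = [string]$props.legalnoticetext
    }
}

function Test-LogonBanner {
    # This check counts the banner as configured only when both values are non-blank.
    $b = Get-LogonBanner
    -not ([string]::IsNullOrWhiteSpace($b.Caption) -or
          [string]::IsNullOrWhiteSpace($b.Text))
}

function Set-LogonBanner {
    # Writing under HKLM requires an elevated (administrator) session.
    param(
        [Parameter(Mandatory)][string]$Caption,
        [Parameter(Mandatory)][string]$Text
    )
    if (-not (Test-Path -Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    # -Force overwrites an existing value; both are REG_SZ strings.
    New-ItemProperty -Path $PolicyKey -Name 'legalnoticecaption' `
        -Value $Caption -PropertyType String -Force | Out-Null
    New-ItemProperty -Path $PolicyKey -Name 'legalnoticetext' `
        -Value $Text -PropertyType String -Force | Out-Null
}

if (Test-LogonBanner) {
    $b = Get-LogonBanner
    Write-Output "Banner configured: '$($b.Caption)' ($($b.Text.Length) characters of text)"
} else {
    Write-Warning 'Logon banner is missing or incomplete.'
    # Remediation, left commented so the audit is read-only by default:
    # Set-LogonBanner -Caption 'Authorized access only' `
    #     -Text 'This system is for authorized use only. Violators will be prosecuted.'
}
```

On domain-joined machines, Group Policy can overwrite locally set values at the next policy refresh, so a banner applied this way should be re-audited afterward.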

Guards

As opposed to signs, one of the most expensive physical security tools that can be implemented is a guard. A guard can respond to a situation and be intimidating, but a guard is also fallible and comes at a considerable cost.

Barricades

To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures, but they can be used as standalones as well.

Biometrics

Biometric systems use some kind of unique biological trait to identify a person, such as fingerprints, patterns on the retina, and handprints. Some methods that are used include hand scanners, retinal scanners, facial recognition applications, and keystroke recognition programs, which can be used as part of the access control mechanisms. These devices should be coupled into security-oriented computer systems that record all access attempts. They should also be under surveillance in order to prevent individuals from bypassing them. These technologies are becoming more reliable, and they will become widely used over the next few years. Many laptops sold now have a fingerprint reader built in. The costs associated with these technologies have fallen dramatically in recent years. One of the best independent sources of information on development in the field of biometrics is BiometricNews.net, where you can find links to publications and their blog.

Protected distribution (cabling)

A protected distribution system (PDS) is one in which the network is secure enough to allow for the transmission of classified information in unencrypted format—in other words, where physical network security has been substituted for encryption security. In a small office, for example, you could ban the use of wireless devices and require that all such devices be connected to a bus topology network that is clearly visible as it runs through the space. Moving forward from this overly simplistic scenario, it is possible to create a much larger network that uses fiber, various topologies, and so on, as long as you still have the ability to monitor and control the span of it. Such networks were once called “approved circuits,” and the U.S. government largely uses them.

Alarms

An alarm is used to draw attention to a breach, or suspected breach, when it occurs. This alarm can be sounded in many ways—through the use of a siren, a series of lights (flashing or solid), or an email or voice message—but is always intended to draw attention to the event.

A security zone is an area in a building where access is individually monitored and controlled. A large network, such as the ones found in a big physical plant, may have many areas that require restricted access. These smaller zones are referred to as security zones. In the physical environment, each floor is broken down into separate zones. An alarm system that identifies a zone of intrusion can inform security personnel about an intruder’s location in the building; zone notification tells security where to begin looking when they enter the premises. The concept of security zones is as old as security itself. Most burglar alarms allow the creation of individual zones within a building or residence; the security staff then treats these zones separately. In a residence, it would be normal for the bedroom to be assigned a zone of its own so that movement here can occur while other parts of the house may be set on a motion detector.

Motion Detection

A motion detection system can monitor a location and signal an alarm if it picks up movement. Systems are commonly used to monitor homes, and the same technology can be used to protect server rooms, office buildings, or any other location. The motion detection can be accomplished with sensors that are infrared, microwave, or sonic, or that utilize a variety of hybrid sensors.

Control Types

One of the most generic terms in security is control. The word is used so many different ways that its meaning can become blurred. The best thing to do is to equate the word with whatever entity is charged with the task at the moment. That task can be preventing something from happening, logging when something does, responding to it, or any variety of other possibilities. For the exam, CompTIA has categorized controls into six types as follows:

Deterrent

A deterrent control is anything intended to warn a would-be attacker that they should not attack. This could be a posted warning notice that they will be prosecuted to the fullest extent of the law, locks on doors, barricades, lighting, or anything that can delay or discourage an attack.

Preventive

As the name implies, the purpose of preventive controls is to stop something from happening. These can include locked doors that keep intruders out, user training on potential harm (to keep them vigilant and alert), or even biometric devices and guards that deny access until authentication has occurred.

Detective

The purpose of a detective control is to uncover a violation. The only time that they would be relevant is when a preventive control has failed and they need to sound an alarm. A detective control can range from a checksum on a downloaded file to an alarm that sounds when a door has been pried open or an antivirus scanner that actively looks for problems. It could also be a sonic detector, motion sensor, or anything that would detect that an intrusion is under way.

Compensating

Compensating controls are backup controls that come into play only when other controls have failed. An office building may have a complex electronic lock on the door (preventive control) and a sign that you will be arrested if you enter (deterrent control), but it is a safe bet they will also have an alarm that sounds (a compensating control) when the door is jimmied as well as a backup generator (another compensating control) to keep that electronic lock active when the power goes out.

Technical

Technical controls are those controls implemented through technology. They may be deterrent, preventive, detective, or compensating (but not administrative), and include such things as firewalls, IDS, IPS, and such.

Administrative

An administrative control is one that comes down through policies, procedures, and guidelines. An example of an administrative control is the escalation procedure to be used in the event of a break-in: who is notified first, who is called second, and so on. Another example of an administrative control is the list of steps to be followed when a key employee is terminated: disable their account, change the server password, and so forth.
