physical security
What is physical security and how does it work?
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism. While most of these are covered by insurance, physical security's prioritization of damage prevention avoids the time, money and resources lost because of these events.
The physical security framework is made up of three main components: access control, surveillance and testing. The success of an organization's physical security program can often be attributed to how well each of these components is implemented, improved and maintained.
Access control
The key to maximizing one's physical security measures is to limit and control which people have access to sites, facilities and materials. Access control encompasses the measures taken to limit exposure of certain assets to authorized personnel only. Examples of these corporate barriers often include ID badges, keypads and security guards. However, these obstacles can vary greatly in terms of method, approach and cost.
The building is often the first line of defense for most physical security systems. Items such as fences, gates, walls and doors all act as physical deterrents to criminal entry. Additional locks, barbed wire, visible security measures and signs all reduce the number of casual attempts carried out by cybercriminals.
More sophisticated access controls involve a technology-supported approach. ID card scanners and near-field communication (NFC) ID cards are methods of physical authentication that security teams can use to verify the identities of individuals entering and exiting various facilities. Some Swedish companies have recently experimented with embedding NFC microchips below the skin of their employees -- making it extremely difficult to forge or replicate their credentials. Invasive devices like this, however, are much less popular among labor unions, given the degree of physical pain and bodily concern.
Using tactically placed obstacles, organizations can make it more difficult for attackers to access valuable assets and information. Similarly, these barriers increase the time it takes for threat actors to successfully carry out acts of thievery, vandalism or terrorism. The more obstacles that are in place, the more time organizations have to respond to physical security threats and contain them.
But criminals are not the only threat that access controls can minimize. Barriers such as walls and fences can also be used to harden buildings against environmental disasters, such as earthquakes, mudslides and floods. These risks are extremely location-dependent. Organizations that divert resources toward such hardening measures should balance the cost and benefit of their implementation prior to investment.
Surveillance
This is one of the most important physical security components for both prevention and post-incident recovery. Surveillance, in this case, refers to the technology, personnel and resources that organizations use to monitor the activity of different real-world locations and facilities. Examples include patrol guards, heat sensors and notification systems.
The most common type of surveillance is closed-circuit television (CCTV) cameras that record the activity of a combination of areas. The benefit of these surveillance cameras is that they are as valuable in capturing criminal behavior as they are in preventing it. Threat actors who see a CCTV camera are less inclined to break in or vandalize a building out of fear of having their identity recorded. Similarly, if a particular asset or piece of equipment is stolen, surveillance can provide the visual evidence one needs to identify the culprit and their tactics.
Testing
Physical security is a preventative measure and incident response tool. Disaster recovery (DR) plans, for example, center on the quality of one's physical security protocols -- how well a company identifies, responds to and contains a threat. The only way to ensure that such DR policies and procedures will be effective when the time comes is to implement active testing.
Testing is increasingly important, especially when it comes to the unity of an organization. Fire drills are a necessary activity for schools and buildings because they help to coordinate large groups, as well as their method of response. These policy tests should be conducted on a regular basis to practice role assignments and responsibilities and minimize the likelihood of mistakes.
Importance of physical security
As businesses become more dependent on the internet of things (IoT), the need for digital and physical security grows with it. IoT demands a significant amount of physical security to safeguard data, servers and networks. The rising interconnectedness of IoT has expanded the sphere of physical security. Virtual machines (VMs) and applications that run in the cloud, for example, are only as protected as their physical servers.
Whether organizations invest in first-party or third-party cloud computing services, these data centers need to be sufficiently protected using physical security measures to avoid severe data losses.
Physical security examples
Physical security can take many shapes and forms. The strategies, barriers and techniques that organizations use to support general physical information technology (IT) security, for example, are significantly different from those used to facilitate consistent physical network security. Here are a few physical security examples used to contain and control real-world threats.
Log and trail maintenance
Keeping a record of what is accessed -- and what people attempt to access -- is a reliable way not only to discourage unauthorized users, but also to create a forensic-friendly data environment.
Records of multiple failed login attempts and of attempted access using a lost card are both physical security tools that organizations can use to reliably track their asset activity. In the case of a security breach, these records can prove incredibly valuable for identifying security weaknesses.
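The log review described above, as an added example that is not part of the original article: a short Python routine that flags repeated denied attempts and any use of a badge reported lost. The log format, badge IDs, door names, threshold and five-minute window are all assumptions made for illustration, and the sample log is constructed.

```python
import csv
from collections import defaultdict
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample badge-reader log: timestamp, badge_id, door, result.
SAMPLE_LOG = """\
2024-05-06T08:01:12,B-1001,server-room,GRANTED
2024-05-06T08:03:40,B-2002,server-room,DENIED
2024-05-06T08:04:05,B-2002,server-room,DENIED
2024-05-06T08:04:31,B-2002,server-room,DENIED
2024-05-06T09:15:00,B-3003,lobby,DENIED
2024-05-06T11:30:00,B-4004,loading-dock,DENIED
2024-05-06T13:45:00,B-4004,loading-dock,DENIED
"""

# Hypothetical set of badges that have been reported lost.
LOST_BADGES = {"B-3003"}


def review_access_log(text, lost_badges, threshold=3, window=timedelta(minutes=5)):
    """Return alerts for lost-badge use and for repeated denials inside a window."""
    alerts = []
    recent_denials = defaultdict(list)  # (badge, door) -> denial timestamps
    for row in csv.reader(StringIO(text)):
        if not row:
            continue  # tolerate blank lines in the export
        ts, badge, door, result = row
        when = datetime.fromisoformat(ts)
        if badge in lost_badges:
            # Any presentation of a lost badge is recorded, granted or denied.
            alerts.append(("LOST_BADGE_USED", badge, door, ts))
        if result != "DENIED":
            recent_denials.pop((badge, door), None)  # a success resets the streak
            continue
        times = recent_denials[(badge, door)]
        times.append(when)
        # Keep only the denials that still fall inside the sliding window.
        times[:] = [t for t in times if when - t <= window]
        if len(times) == threshold:  # alert once, when the threshold is reached
            alerts.append(("REPEATED_DENIALS", badge, door, ts))
    return alerts


if __name__ == "__main__":
    for alert in review_access_log(SAMPLE_LOG, LOST_BADGES):
        print(alert)
```

The two denials for B-4004 are more than two hours apart, so they fall outside the window and raise no alert.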
Risk-based approach
One of the most effective ways to optimize a physical security investment is to use a risk-based approach. This is a data analysis technique used to evaluate scenarios based on one's risk profile.
If a business is particularly risk-averse -- such as a credit union or a restaurant -- it will opt to invest in a more expensive physical security system that is more equipped to mitigate risk. Therefore, the amount of resources a company dedicates to its physical security using a risk-based approach should be equivalent to the value it places on risk mitigation.
Accountable access control
By tying access control to individuals, an organization can improve its visibility over personnel activity. Imagine a particular room can only be accessed by a single key, and that key is given to two people. If an asset in that room goes missing, then only those two people are accountable for its disappearance.