Chapter 6: Physical and Environmental Security

 

 
 
Chapter Overview:
This chapter introduces physical and environmental security. As discussed in Chapter 4, an Enterprise Architecture provides policies that encompass physical and environmental security. Chapter 6 builds on what we learned from previous chapters by providing a brief explanation of physical and environmental security as an introduction to the physical and environmental security controls used to protect a Terminal Server environment. The discussion evolves to physical and environmental security in terms of Terminal Server and regulatory compliance by introducing an example tier 2 IT Server Room Policy. Chapter 6 illustrates the importance of physical and environmental security, provides additional references, and explains why systems must be protected in a secure location against unauthorized access, environmental threats and manmade disasters.
 
The overwhelming consensus among security professionals in all walks is that if an attacker gains physical access to an environment, all existing security controls are pointless. Once an organization’s physical security has been compromised, even the most hardened server is at risk from a variety of threats.
 
Physical and environmental security is not the most popular topic of discussion among IT professionals because the controls rarely involve the hardware, software and firmware technologists support. The NIST Special Publication 800-33 describes physical security as a “non-computing security method.”
 
Physical and environmental security addresses the threats, vulnerabilities and countermeasures used to secure an organization’s assets. Physical and environmental security encompasses people, facilities, data, equipment, media and supplies. Physical and environmental security includes administrative controls, physical access controls and environmental protection controls. An example of administrative controls is visitor registration. Physical access controls can be as simple as a locked door or as elaborate as biometric access controls behind multiple guard posts. Environmental protection can be as simple as surge protection and a fire extinguisher or as elaborate as full scale climate control, conditioned power or emergency power sources with an automated fire protection system. In terms of Terminal Server, physical and environmental security provides the security controls that ensure against unauthorized access, environmental threats and manmade disasters.
 
Table 6.1 introduces physical access controls and environmental protection considerations.
 
Table 6.1

Physical Access Controls | Environmental Protection
Guards | Power Protection and Conditioning
Fences | HVAC
Barriers | Water Protection
Lighting | Fire Detection
Keys and Locks | Fire Suppression
Badges | Evacuation
Escorts | Environmental Monitoring
Monitoring and Detection Systems | Environmental Detection

 
Organizations that must comply with regulatory mandates, such as Sarbanes-Oxley, Health Insurance Portability, and so forth, must undergo regular audits to ensure compliance. There are a number of widely adopted control frameworks and guidelines that can be used to help implement and audit physical and environmental security.

Table 6.2 lists additional resources.

Table 6.2

Name | Explanation | Section
FIPS PUB 31 | U.S. Department of Commerce / National Bureau of Standards, Federal Information Processing Standards (FIPS) Guidelines for automatic data processing physical security and Risk Management. This document is outdated, although it is still considered a good informational resource. | Entire document is dedicated to physical and environmental security.
ISO IEC 17799 2005 | The purpose of ISO/IEC 17799 is to provide recommendations for information security management to those responsible for initiating, implementing or maintaining security in their organization. | Section 9.
NIST Special Publication 800-12 | An Introduction to Computer Security: The NIST Handbook | Chapter 15.
CobIT 4.0 | CobIT is a framework for information IT management risks, or more formally, a "framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks" (ref: ISACA). CobIT is typically associated with Sarbanes-Oxley compliance. | PO4.8 Responsibility for Risk, Security and Compliance; DS12 Manage the Physical Environment; DS12.2 Physical Security Measures.

After physical and environmental security has been compromised, even the most hardened server is at risk from a wide range of threats, such as theft, tampering, accidental interference, loss of power, surges or spikes, flood, fire, earthquake, overheating, and so forth. From a server perspective, as soon as physical security is compromised, theft or tampering is a serious concern. Many popular tools are available on the Internet that can be used to reset the local or domain administrator’s password by booting a server from a floppy or CDROM. Once an intruder has the administrator’s password, it is possible to install rootkits or roam the network with impunity. Examples of environmental risks include power irregularities or failure, heat, floods, fire, earthquake, and so forth.
 
The following example is an IT Server Room Security Policy which highlights the security controls employed to protect a server room against unauthorized access, environmental threats and manmade disasters. This policy is intended for informational purposes only.
 
 
Purpose and Scope
The purpose of this policy is to ensure that a minimum level of physical and environmental security is maintained in IT Server Rooms. The following policy is applicable to all of <Company Name> IT Server Rooms, employees and visitors who access any IT Server Rooms.
 
Roles and Responsibilities
 
Director of IT
In order to ensure compliance with this policy, the Director of IT is responsible for distributing this policy to all employees who access IT server rooms.
 
All Employees
All employees shall read this policy before accessing IT server rooms. It is the responsibility of <Company Name> employees to ensure that they carry out their duties in a professional manner while working in IT Server Rooms.
 
Visitors
All visitors shall be accompanied by a member of the IT staff at all times while in an IT server room. It is the responsibility of the <Company Name> IT staff accompanying the visitor to ensure they carry out their duties in a professional manner while working in IT Server Rooms.
 
Policy
  • The primary security control used to access the IT server rooms is a digital door lock.
  • Only authorized personnel shall be allowed access to the server room area, including those persons needed to operate, supervise or provide maintenance to the area and its equipment.
  • Personnel shall wear their identification badge at all times while in an IT server room.
  • All visitors must wear visitors’ passes while in an IT server room.
  • All visitors must be accompanied by <Company Name> IT staff at all times while in an IT server room.
  • Tailgating other staff members in order to enter an IT server room is not permitted.
  • Food and drink shall not be taken into the IT server rooms.
  • The server room must have clean, conditioned power.
  • A primary and back-up uninterrupted power system (UPS) is required to prevent data loss if the main power should fail.
  • The server room must have a primary and backup climate control system.
  • Database and file backups will be kept as current as is reasonable. All backup tapes must be stored in a secured off-site location.
 
Policy Review
This policy will be reviewed annually.
 
Compliance
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
 
Reference
FIPS PUB 31
ISO IEC 17799 2005
NIST Special Publication 800-12
NIST Handbook Chapter 15
 
The preceding policy shows which security controls organizations employ to protect their information systems, including Terminal Server, from unauthorized access, environmental threats and manmade disasters.
 
 
This chapter discussed physical and environmental security and provided an example tier 2 IT Server Room Policy.
 
  • If an attacker gains physical access to an environment, all existing security controls are pointless.
  • Physical and environmental security addresses the threats, vulnerabilities and countermeasures used to secure an organization’s assets.
  • Physical and environmental security encompasses people, facilities, data, equipment, media and supplies.
  • Physical access controls can be as simple as a locked door or as elaborate as biometric access controls behind multiple guard posts.
  • Organizations that must comply with regulatory mandates, like Sarbanes-Oxley, Health Insurance Portability, and others, must undergo regular audits to ensure compliance.
 
The next chapter will review password security and a sample tier 2 Password Policy that defines a standard for creation of strong passwords, the protection of those passwords and the frequency of change.
 
Resources
FIPS PUB 31
ISO IEC 17799 2005
NIST Special Publication 800-12
NIST Handbook Chapter 15
Cobit PO4.8 Responsibility for Risk, Security and Compliance
Cobit DS12 Manage the Physical Environment
Cobit DS12.2 Physical Security Measures