Physical Security: Prevention, Detection & Recovery

Physical security is the process through which the personnel and the system components are protected from unauthorized access by parties that could cause damage. Physical security comprises of three factors that include prevention, detection and recovery. Prevention ensures that the area is secure and difficult to access and detection identifies the premises that were broken into, what was stolen and the amount of the damage while recovery is the steps towards repairing and improving the security of the setting. To enable maximum security, I will work closely with my team to ensure that numerous layers are set up in the network.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Proposed Solution

To ensure that the physical security serves its purpose, we will set the first layer that will set the groundwork for the remaining layers of defence (Tim & Leece, 2016). The defense mechanism ensures that if an attacker manages to penetrate the first layer, he or she is met with multiple layers making it difficult to penetrate the network. The first layer of the defense is made up of perimeter barriers that are designed for a whole site perimeter and not just to guard the main entrances. The security at the main entrance will be enhanced through bollards, security guards and barriers. Security cameras will be installed around the perimeter to support human resources from the security guards in monitoring the premise.

Immediately after the safety guards, we will have Pan Tilt Zoom cameras that can be moved dynamically and zoomed-in specific areas of interest. All the visitors entering the premise will first bypass the security guards and the sniffer dog they will enter the second layer of security, which are the security doors. I can propose the turnstile doors whose security barrier allows entry only in one direction. The turnstile doors will ensure that all the visitors produce their visitor's badge when entering and when exiting the premise that will help in keeping track all that enters and leaves the premise.

To be able to access different areas in the premise all those entering will have to clock in a biometric system for designated visitors. The premise will have both electric and solar-powered lighting in the parking lots and all entrances (Kaven, 2005). All the employees will be trained frequently on the importance of maintaining security and adhering to the set rules and regulations. All the devices with sensitive information will be stored in a Faraday cage. All the desktop computer systems will be controlled from the hub, and their USB ports will be deactivated to prevent employees and visitors from inserting their flash disks. The laptops, on the other hand, will lock using network cable locks that will deter unauthorized parties from compromising the system.

The teams that will be allowed access into the computer lab where servers are stored are the network security crew, Fleet System Engineering squad and the data system technicians. There will be a dome camera at the main entrance of the server to keep track of the traffic in and outside the room. We chose the dome cameras because they are vandal resistant and are protected by plastic elements that make it difficult to break.

Justification

The use of bollards at the entry point of the parking lot is basically to stop the trespassers from entering the premise without permission. The sniffer dogs will complement the security guards in their work in searching for drugs and explosives. An eight feet perimeter wall around the premise with lighting that has been known to scare intruders (Woosik & Namgi, 2017). The barbed wires will be extended underneath to prevent burrowing pests and intruders who may purpose to create an entrance underneath the perimeter wall.

The proposed PTZ cameras are the best fit because they have an excellent built-in night vision, tamer resistant and built-in motion tracking as well as powerful zooming capabilities. There will be security drills every month, and all the attendees will be booked against their biometric credentials to prevent intruders from accessing the security details. And this is because there can never be two parties sharing biometric details.

The network security crew will determine who handles mobile devices on the premises so he or she can account for all the activities at the premise. The team will also regulate the amount of information on the devise and an asset inventory and tracking system to track the movement of the devices. All the mobile devices will be encrypted, and users will be required to access them using a unique PIN. The mobile devices will have the Bluetooth disabled, and the geofencing enabled. No device will have a camera and all the programs and applications not in use will be uninstalled.

Network Defense

Information technology network supports the communication network and storage of data. The components of the network are the switches, hubs, and the routers as well as the network interface card. It should be noted that all the mobile devices functions on diverse layers of the open system interconnection model (Tim & Leece, 2016). The OSI model is divided into seven layers that show the operation of every layer and the transfer of data from one layer to the next. Hubs and repeaters are stationed at the first layer that is normally referred to as the physical layer. The second layer in the OSI model houses the switches, the WAPs and the Bridges that is also referred to as the data link layer.

A router forms part of the network of the third layer whose primary purpose s to connect two or several networks and transfers information packets amongst the networks. As such, the school is a large companies that will require a robust router device for the network. The staffs and all the parties that will interact with the system daily will be trained on the varying functions of the system network devices to prevent common errors such as the denial of service. The administration will register the entire computer devices before being connected to the network, and a firewall would be set up to prevent one system from the other.

Network Maintenance

The security system network at the premise is large and will require a web of network administrators that will be tasked with ensuring daily security of the organization (Ibor & Obidinnu, 2015). The group working under the system administrator will be trained and exposed to frequent sessions with the leaders in the security industry to ensure that they are up to date of the changing technological environment.

To maintain the quality of the network security, baselines, regulations and procedures, as well as guidelines, will require serious concentration. The security personnel need to set up the main security system that will convince the management that all functions such as networking security and user security are secure and important to the progress of the organization.

System Validation

The groundwork for a better security system network is the creation of a security procedure. The main asset of network security is confidentiality, integrity and availability. Another aspect that enhances security is the control system and the firewall. The ports will be reduced to control the number of people that use portable computer devices at the premise.

Several system security consultants will be on call to advice the security team at the premise, and advice the security team on the important step to follow that will ensure that the system meets its return on investment.

Menace Management

Menace management is concerned with highlighting the differences between network vulnerabilities and threats. When the best practices are set in plus, the menace management can prevent optimal damage cost. The system needs to be automated to ensure that system procedures and operations are maintained as intended.

It is worth noting that system security credentials will almost be the same for all employees except for system administrators that will have super access capabilities (Tim & Leece, 2016). However, there are functions meant for expatriates. Continued learning by the staff and other members on the premise about the importance of the system is essential for the success of the system. And this is because system security is a splintered fare that requires all stakeholders to be involved to ensure that the system is not compromised at any given to allow for intruders to gain access of the system without permission.

References

Tim, M. & Leece, 2016. Physical Security and IT Convergence: Managing Cyber-Related Risks. Journal of Business Continuity & Emergency Planning 10 (1): 18-30. http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=heh&AN=118205625&site=eds-live&scope=site. [Accessed September 18, 2018].

Woosik, L. & K. Namgi Kim. (2017). Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking. Information, (2), 65. Retrieved from: https://doi-org.ezproxy.umuc.edu/10.3390/info8020065Kaven, O. (2005). Is your network safe? PC Magazine, (12), 62. Retrieved from http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=edsgit&AN=edsgit.A133831019&site=eds-live&scope=siteIbor, A. & Obidinnu, J. (2015). System Hardening Architecture for Safer Access to Critical Business Data. Nigerian Journal of Technology 34 (4): 788-92. doi:10.4314/njt. v34i4.17. [Accessed September 22, 2018].