Internal Security Controls
If a facility employs restricted areas to control physical security, a mechanism to handle
visitors is required. Often an escort is assigned to visitors, and their access and activities
are monitored closely. Failing to track the actions of outsiders when they are allowed into
a protected area can result in malicious activity against the most protected assets. Visitor
control can also benefit from the use of keys, combination locks, badges, motion detectors,
intrusion alarms, and more.
426
Chapter 10
■
Physical Security Requirements
Keys and Combination Locks
Locks keep closed doors closed. They are designed and deployed to prevent access to every-
one without proper authorization. A
lock
is a crude form of an identification and autho-
rization mechanism. If you possess the correct key or combination, you are considered
authorized and permitted entry. Key-based locks are the most common and inexpensive
forms of physical access control devices. These are often known as
preset locks
. These
types of locks are subject to picking, which is often categorized under a class of lock
mechanism attacks called
shimming
.
using locks
Keys or combination locks—which do you choose and for what purposes?
Ultimately, there will always be forgetful users. Elise constantly forgets her combination,
and Francis can never remember to bring his security key card to work. Gino maintains a
pessimistic outlook in his administrative style, so he’s keen on putting combinations and
key card accesses in all the right places.
Under what circumstances or conditions might you employ a combination lock, and
where might you instead opt for a key or key card? What options put you at greater risk of
loss if someone discovers the combination or finds the key? Can you be certain that these
single points of failure do not significantly pose a risk to the protected assets?
Many organizations typically utilize separate forms of key or combination accesses
throughout several areas of the facility. Key and key card access is granted at select
shared entry points (exterior access into the building, access into interior rooms), and
combination locks control access to individual entry points (storage lockers, file cabinets,
and so on).
Programmable or combination locks offer a broader range of control than preset locks.
Some programmable locks can be configured with multiple valid access combinations
or may include digital or electronic controls employing keypads, smartcards, or cipher
devices. For instance, an
electronic access control (EAC) lock
incorporates three ele-
ments: an electromagnet to keep the door closed, a credential reader to authenticate sub-
jects and to disable the electromagnet, and a sensor to reengage the electromagnet when
the door is closed.
Locks serve as an alternative to security guards as a perimeter entrance access control
device. A gate or door can be opened and closed to allow access by a security guard who
verifies your identity before granting access, or the lock itself can serve as the verification
device that also grants or restricts entry.
Implement and Manage Physical Security
Do'stlaringiz bilan baham: |