Paper#
koti
Detectioninphysicalsecurity.pptxDetection in physical security
Name:
Professor:
Institution:
Course:
Date:
Introduction
Physical security. Refers to protection of software and hardware as well as personnel, networks, data, and information from physical actions and threats that could damage or lead to loss of information of an agency or institution.
Aspects of protection. Information is protected from flood, fire, natural disasters, theft, burglary, and even acts of terrorism or vandalism.
Increased threats. Due to advances in technology, increased threats to agencies and institutions have been realized and this has necessitated the need for detection in physical security.
Significance. The above presentation examines the aspect of detection in physical security in relation to various aspects.
In the field of Computer and Information Sciences or Systems, physical security means the protection of software and hardware as well as personnel, networks, data, and information. They are to be protected from the physical actions and threats that could damage or lead to losses in an agency, enterprise, or even in an institution. The aspects are protected from a flood, fire, natural disasters, theft, burglary, and even acts of terrorism or vandalism. As every individual is aware, the current world is faced with instances of increased intrusion to the data and information and other essential aspects of the organizations by unauthorized individuals or other instances like disasters and this might lead to the loss or damage of essential data and information. Due to this case, security has become a crucial and integral part of any facility or office. However, deciding the various ways an organization might protect its assets and business might appear almost impossible in the first place. However, in line with the goals of physical security, a firm has to develop its detection of physical security effectively. In this case, it becomes important to examine this topic in relation to the goals of physical security and other aspects such as associated threats, policies, and procedures among the others.
2
Goals of physical security
Protecting unauthorized access. Among the notable goals of physical security in computer and information sciences or systems is denying unauthorized access to equipment, facilities, and even resources by unauthorized individuals.
Protection from harm or damage. According to Manship, (2016), organizations need to be protected from harm or damage such as theft, terrorist attacks, espionage and sabotage.
Ensuring the property of a firm remains its property. Firms engage in physical security to ensure that its property remains its assets.
Preventing leakage of information. Firms tend to prevent their information from flowing to outsiders through the aspect of physical security.
Among the notable goals of physical security in computer and information sciences or systems is denying unauthorized access to equipment, facilities, and even resources by unauthorized individuals. The other major goal is protecting the personnel and also properties of an organization from harm or even potential damage from instances such as theft, terrorist attacks, and espionage, or other associated activities, (Manship, 2016). The other essential and significant motive of ensuring there is detection in the physical security entails the aspect of ensuring that the information and the property of the company remain its assets and such might not be used by other individuals. Specifically, the majority of the individuals view the property of an organization as if they are the property for all the people and this is unlike the ideal information where the property of a firm is and will remain to be the property of the given organization. There is also a motive like preventing the leakage of information of the firm from reaching people like the hackers that might intend to use it for malicious practices such as damaging the reputation of the company as well as exposing the information of the stakeholders of the company even to unintended individuals.
3
Associated threats
Fire and natural disasters. The potential threats could lead to loss and damage of information and data.
Unauthorized access. According to Bidgoli, (2016), unauthorized access is the other potential threat especially by unauthorized individuals that would intend to use the information for malicious practices.
Thieves and terrorists’ attacks. Thieves would lead to loss of information while terrorist destroy the assets of a company.
Espionage and sabotage. Are also categories of threats that could damage or lead to the loss of information and data of a company.
As mentioned in the introductory part, increased unauthorized access to information and other assets of the company is being realized. The reason is due to increased advances in technology and also the aspect of instances where thieves have gained improved ways of intruding into a company and obtaining whatever they want to obtain. Additionally, after gaining unauthorized access into a company, such individuals have developed essential ways of hiding the evidence or any other information that would lead to the whereabouts and recovery of the lost items and assets. The situation has led to the associated threats to physical security as well as the detection in the field of computer and information systems or sciences. In this case, the associated threats include fire that would damage the assets of the firm and even lead to the loss of essential data of the company. The other potential threat that the firm needs to be protected against is unauthorized access by unauthorized individuals that include thieves and hackers as well as the competitors of the firm that might get access to the information of the company and use it for malicious practices, (Bidgoli, 2016). The thieves tend to steal the assets and information of the firm while hackers intend to hack the systems of the firm. There is also a threat such as natural threats that are also likely to affect the firm to a great extent. However, at times, natural disasters are inevitable but some might be mitigated by the firm through the detection systems and these might be prevented from causing damages. The other threat is the aspect of attacks by the terrorists where terrorists might want to get access to the firm and destroy essential components, assets, and even the personnel of the company. There is also a threat such as espionage and sabotage and all of these are activities that might adversely affect a firm and its components. The other potential threats are harm and damages to property by unauthorized individuals. All of the above are potential threats realized in a company and these necessitate the aspect of detection in physical security in line with the goals of detection in physical security.
4
Policies
Training the employees. According to Garcia, (2017), one of the essential policies an organization might embrace is training its employees on the essential aspects of physical security within a firm.
Training after employment. Immediately after employment, employees need to be trained about physical security and ways of detecting security threats within the concerned organization.
Priority. Training needs to be given a priority within the firm and this can be done by investing resources and other essential assets of the company in ensuring that the employees of the firm are well-equipped regarding the security measures of the company.
Organizations are also at a point of putting in place essential policies that would aid in detection in physical security to a great extent. Among the essential policies that an organization might put in place is training all the employees of an organization regarding the security aspects and ways of dealing with threats to property and other assets of the firm, (Garcia, 2017). In this case, all the employees of an organization need to be trained immediately they are employed regarding the physical security and the need for having such a security measure in place. Therefore, the aspect of training individuals is among the major policies that an organization might put in place to ensure that physical security has been enhanced. Concerning this point, the security personnel of the firm should be given priority in this training as they are the individuals that are highly involved in the provision of security within an organization. Whenever security personnel receive the high-level training that is required for them, then they will be at a point of dealing with the security threats that a firm might be experiencing and will also be in the frontline for battling any attempts to violate the security of a firm and its property.
5
Cont.
Acquiring the right employees for the correct job. Whenever a firm acquires the right employees for a firm, then it will be at a point of dealing with the issue of incompetency in security matters.
Right security personnel. For example, the right security personnel need to be acquired as these are the people that will be having the required skills and competencies for dealing with the requirements of the physical security.
Matching the people to their jobs. Employees need to be matched to their jobs especially the security personnel so that they might carry it effectively and with no doubts or guessing what they might be doing.
The other essential policy to put in place is the aspect of acquiring the right personnel for the right job opportunities. Specifically, the right individuals for the security purposes of an organization need to be acquired since they will have the required knowledge and competencies that are essential for dealing with security threats. After acquiring the right individuals and also exposing them to vigorous training missions, the individuals will become highly competent in detecting security threats and dealing with them even before they occur. Therefore, the instance of matching the right individuals to the correct job opportunities is an important aspect of dealing with security threats. The other policy that would be important as far as detection in physical security is concerned is that the firm needs to be involved in increased research and development regarding the security issues and instances and how they were dealt with. The research might also aid in identifying the various policy measures that other firms have put in place and the same might be applied in the involved organization and by doing so, the firm will be at a point of addressing the security concerns to a great extent.
6
Procedures
Recovery plans. The firm needs to have a recovery plan for recovering the assets and other essential aspects of the firm in case an attack arises.
Detecting and preventing attacks. The recovery plan also needs to ensure that it detects such threats and deals with them even they occur.
Testing the recovery plans. The recovery plans need to be tested from time to time to identify their effectiveness and how best they could protect the involved firm.
Including the lockdown feature. It is an essential feature meant for keeping the by-passers at a bay so that they might not gain access to the organization or its assets.
The appropriate procedure that an organization might have in place is having a recovery plan that aimed at recovering the systems and assets of an organization in case an attack occurs. At other times, the plan should try as much as possible to ensure that physical security has not been interfered with or tampered at any time since the plan has the capacity of dealing with the situation. As an example, whenever a disaster occurs, there is a high need for acting fast and also doing so according to the disaster recovery plan. Due to this case, an organization has to try as much as possible to test his disaster mitigation and recovery regularly not only on the technological levels but also on the human levels. As an example, a firm needs to carry out drills in testing its ability for reacting to natural disasters and also emergencies that might be caused by the internal as well as the external threats that might threaten individual safety and also the safety of the data of an organization. The other important aspect of the procedures for an organization is that there is a high need for checking and amending the weak points that concern the critical resources of the business, for example, the server rooms, lines of production, data centers as well as the power equipment. It might also include anything else which might impact the daily operations of an organization. In case of securing a highly sensitive organization, then there is a high need for considering the aspect of having a system that might be having a lockdown feature. The lockdown feature is an essential aspect that is mainly involved with keeping away the by-passers from gaining access to the security perimeter and this is an essential feature that might serve the motives of physical security to a great extent.
7
Plans
Going global. When a company is intending to go global, then it might make its security measures in the mother country lose and tighten it in the host country.
Remaining in the same area. According to Ritchey, (2018), whenever a firm is intending to remain operating within the same geographical region, then it is at a point of increasing its security measures.
Winding up. In case an organization is planning to wide up, then it is likely not to be involved in increased investing in detection in the physical security.
Significance. The plan of an organization significantly influences the security measures it will put in place.
The plans of a given company are the other essential aspect that needs to be considered in case an organization has to engage in the physical security aspects of the involved company. As an example, whenever a company is intending to go global, then it might be at a point of planning to withdraw some of its physical security measures as it will be planning on the aspect of investing in the security measures in the new area where the business is planning to relocate to. However, if at all the business is planning to remain within the same area or premises of operating, then the firm will have to invest in increased security measures of the organization, (Ritchey, 2018). Additionally, if at all the business is planning to wide up, then the physical security measures will not be having any meaning. As a result, the company will reduce its security measures.
8
Guidelines and standards
Guidelines. An organization dictates that it needs to be secure from any form of threat and in this case, then it will ensure that it comes up with essential security measures.
Money to be used for security. Among the essential guidelines is the financial capability of an organization and this aids in determining the amount of money a firm will invest in physical security.
Standards. Every company has been registered under certain standards and these standards indicate that security should not be a choice but a necessity.
Significance. Any firm will put in place its security measures in line with the standards which it was founded.
It is also important to realize that investing in physical security mainly lies in the guidelines stipulated by a firm as well as the prevailing standards of the organization. As an example, the firm stipulates the essential guidelines that it might set in ensuring that security has been attained in all levels of the firm. Specifically, essential guidelines have to be followed when planning to secure a security measure and such guidelines include the amount of money to be invested in the security aspect. The other important thing to realize is that various companies have certain standards which have facilitated the registration of the given firm. Therefore, such standards require that the physical security of such a firm and other security measures are given a priority and none of the security measures need to be violated. In this case, the security measures are given a priority and none of the security measures need to be violated. In such a way, then the firm will be at a point of ensuring that it invests heavily in the physical security measures of the firm.
9
Appropriate controls/detection in physical security
Physical security. It is a component of the broader security strategy making a large security plan.
The essential components of physical security. According to Barnard, (2018), three essential components of physical security exists.
The three components. They include access control, surveillance and security testing.
Access control. Entails controlling outer edge of the security perimeter.
Physical security is mainly a component of the broader security strategy but an undertaking that makes a sizeable piece of the large plan. As far as the security experts are concerned, three essential and crucial components make up effective physical security and might aid in the attainment of the goals of detection in physical security as described above, (Barnard, 2018). They include access control, surveillance as well as security testing that work in conjunction to ensure that the space of an organization becomes highly secure. Access control entails the activities of controlling the outer edge of the security perimeter that had been established earlier at the start of the company. In this case, fencing and video surveillance might be carried out as a way of monitoring access to the facility and also securing the outdoor area, especially in case there is an on-site parking or even other resources located out of the premise. Access control also entails using advanced locks, cards, mobile phones, or even biometric authorization and authentication. Due to this case, only the cardholders might access such areas since they will have to swipe the unique identification badges as well as mobile phones so that they might gain access.
10
The component of surveillance
Surveillance. Entails the aspect of taking advantage of the numerous types of sensors that include those meant for detecting motion, smoke, and heat as well as protecting against accidents and intrusion in the organization.
Sensors. According to Goldstein, (2016), sensors are at a point of hooking an individual early and directly to the alarm system and this allows them to trigger alerts and alarms as well as the other system administrators without any intervention of the human beings.
Security testing. company will have to engage in rigorous testing of its security personnel to identify their strengths and weaknesses and how well they could deal with any threat that might arise.
Surveillance entails the aspect of taking advantage of the numerous types of sensors that include those meant for detecting motion, smoke, and heat as well as protecting against accidents and intrusion in the organization. The sensors are at a point of hooking an individual early and directly to the alarm system and this allows them to trigger alerts and alarms as well as the other system administrators without any intervention of the human beings, (Goldstein, 2016). Surveillance cameras as well as notification systems are the other essential aspect of surveillance that might capture an incidence of crime on tape and allow the firm to find the perpetrators of the criminal activity easily. Regarding the instance of security testing, the company will have to engage in rigorous testing of its security personnel to identify their strengths and weaknesses and how well they could deal with any threat that might arise.
11
The component of security testing
Reinforcement. Out of the testing, the firm will also decide whether or not to reinforce its security personnel or carry other essential remedies that are important for ensuring that the security of the organization remains firm and solid.
Applying multiple layers of interdependent systems. include the CCTV surveillance, protective barriers, and locks as well as security guards, (Steinberg, 2020), and are essential for enhancing security measures.
The three parts of physical security. They include physical protective measures, terrorism counteraction measures as well as security procedural measures and these have been categorized under the various security measures for protecting an organization and its assets.
Out of the testing, the firm will also decide whether or not to reinforce its security personnel or carry other essential remedies that are important for ensuring that the security of the organization remains firm and solid. In general, detection in physical security for the attainment of the motives and goals in physical security entails the application of multiple layers of the interdependent systems which might include the CCTV surveillance, protective barriers, and locks as well as security guards, (Steinberg, 2020). The other aspects include controlling access, deterrent systems, perimeter intrusion detection and also protecting fire as well as other systems that have been designed for the protection of the property and persons of an organization. The other essential aspect of the undertaking is the three parts of physical security that include physical protective measures, terrorism counteraction measures as well as security procedural measures and these have been categorized under the various security measures for protecting an organization and its assets.
12
Issues and concerns for various industries
Intended thing to achieve. Every firm has a thing it intends to achieve and this influences investing in security measures.
Physical security or expansion. According to Swinhoe, (2018), a firm that intends to achieve increased security will invest heavily in this activity while the one that wants to be involved in expansion will not invest heavily in security measures.
Financial crisis. Other firms might be fighting or experiencing financial crisis and as a result, they will have little or no resources to invest in security measures.
Every industry has whatever it intends to achieve at a given moment and these requirements differ from time to time. As a result, an industry might be intending to achieve physical security measures while other industries might be intending to achieve the aspect of the expansion. In this case, an industry that is intending to invest in physical security measures will put the majority of its assets and investments in ensuring the firm attains security measures, (Swinhoe,2018). On the contrary, a firm that is intending to achieve the aspect of expansion will invest a small number of resources and finances on the security measures of the organization. In this case, it might be deemed that different firms and industries have different motives and aspects to achieve at different times of their operations and this significantly determines the amount of money and other resources that an organization will invest in when it comes to the security measures of the firm.
13
Business continuity and mitigation risk
Expansion and continuity. According to Kramer, (2017), whenever a business is anticipating an aspect of expansion or continuity, then it has to invest heavily in physical security so that it might ensure the protection of its commodities and other instances that are associated with the protection of the properties of an organization.
Downsizing. In case a firm is intending to downsize, then it will also have to downsize its security measures and risk mitigation.
Significance. The investment in physical security depends on whether the firm is intending to continue and in such a case, it will engage in increased risk mitigation strategies.
The other essential aspect to consider as far as the detection in the physical security is concerned is the issue of the continuity of business and the various aspects involved in the mitigation of risks within a given firm. In this case, whenever a business is anticipating an aspect of expansion or continuity, then it has to invest heavily in physical security so that it might ensure the protection of its commodities and other instances that are associated with the protection of the properties of an organization, (Kramer, 2017). However, whenever a firm is not anticipating an instance of expansion or business continuity, then the firm will invest in small security measures or other undertakings that might be associated with the requirement of investing in heavy security measures. The above aspect is also highly related to the instance of risk mitigation. Whenever a business is anticipating an increase in the level of the business or it is anticipating an expansion, then the same firm will have to be involved in increased mitigation of risks of the assets and properties of the business. On the other hand, in case the business is not expecting to realize an expansion or an increase in its business premises, then the same firm will not be interested in investing in heavy physical security or might also not be at a point of investing heavily on the aspect of the mitigation of risks that are involved in the business. Therefore, the aspect of business continuity as well as the mitigation of risk is an important aspect that a firm needs to consider before deciding the kind of the physical security measures that it might intend to invest in. In the absence of such an aspect, then the firm might opt not to invest in any security measure.
14
Budgetary concerns
Nature of the business. According to Hutter, (2016), the strategy of the physical security depends on the premises of the business as well as the nature of the business.
Size of the firm. When an organization is large, it will invest heavily in physical security concerns and the vice versa is applicable.
Level of operation. A firm that is operating globally has enough resources for catering to security needs and in this case, it will have high security measures.
Matching the security requirements to the budget level. The firm needs to invest in security measures that match to its budget that might fund that security concerns.
The specific practices that physical security play always depend on the specifics or the size of the business. The above undertaking brings about the issue of budgetary concerns. In this case, the strategy of the physical security depends on the premises of the business as well as the nature of the business, (Hutter, 2016) In this case, the major implication is that whenever a business or an organization is large, then the firm is at a point of incorporating both the technological aspect and the other instances of protecting the firm such as engaging in the acquisition of competent and capable individuals that might shield the organization from all the potential threats. However, whenever the firm is small and does not have all the requirements of using both the technological and the manual ways of protecting the organization, then the company will only be left with the instance of using the physical ways of protecting the firm such as using security guards at the gate and will not have the technical aspects of ensuring that the security of the firm has been maintained. Therefore, the great concerns involved in the budgetary concerns entail the financial capability of an organization and the level at which the firm is operating. The other important thing to realize is that whenever a firm is operating at an international level, then it will be at a point of having large sums of money to invest in the physical security of the organization. However, whenever the firm is operating at a lower level especially at the village level, then it might not have the required amounts of money to invest in the physical security of the organization. Therefore, appropriate budgets have to be allocated and the one that will match the security requirements of the organization and also the level at which the firm is operating and that the amount of money invested for the security operations must match the size of the firm. In case an organization ventures into security systems that it might not cater to, then it will be at a point of making losses or might even not be at a point of maintaining the security requirements of such a system. Therefore, the budgetary concerns of an organization are among the essential things to be considered before designing the physical security system of an organization.
15
Conclusion
A necessity. Detection in the physical security of an organization is not an exception but a necessity and the aspect mainly lies in the belief that increased threats to the physical security of the organizations are being realized and among the notable perpetrators of the situation is the increased advances in technology.
Increased threats to security of firms. Due to increases in technology, individuals have developed new ways of threatening the security of networks and other physical assets of the firm.
Significance. Due to increase in security threats, then firms have to invest heavily in the detection in physical security of the organization.
Detection in the physical security of an organization is not an exception but a necessity. The above aspect mainly lies in the belief that increased threats to the physical security of the organizations are being realized and among the notable perpetrators of the situation is the increased advances in technology. Due to increases in technology, individuals have developed new ways of threatening the security of networks and other physical assets of the firm. Due to this case, organizations have been forced to invest heavily in physical security especially by combining the technical aspects as well as the manual undertakings in ensuring that security measures of the firm have been proposed and implemented. By engaging in this case, then the goals of the detection in physical security will be attained especially by ensuring that unauthorized access to the data and information of the company has not been given a chance within the organization.
16
References
Dan Swinhoe. (4th December 2018). What is physical security? How to keep your facilities and devices from on-site attackers.
David Hutter. (2016). Physical security and why it is important. A journal of the information system, 126(2).
Diane Ritchey. (1st May 2018). Why physical security still reigns. Insider threats: Cybersecurity and insider threat investigation.
Hossein Bidgoli. (2016). Handbook of information security, threats, and vulnerabilities.
Joel J. Kramer. (2017). The role of behavioral science in physical security.
Reference slide for the sources used in making the presentation.
17
Cont.
Joseph Steinberg. (17th April 2020). 5 ways cybersecurity impacts physical security.
Mary Lynn Garcia. (2017). Design and evaluation of the physical protection systems.
Phil Goldstein. (2016). Why physical security should be as important as cybersecurity.
Robert Barnard. (2018). Intrusion detection systems.
Ryan Manship. (2016). Everything you need to know about physical security.
Reference slide for sources used in making the presentation.
18
