Physical security

1.

The Manhattan Bank Robbery

The Manhattan Bank robbery of 2019 took place in New York, June 2019. The suspected criminal walked into TD Bank and handed over a bag to a bank teller (Miller, 2019). He also handed in a note detailing his demands for money to be stashed in the bag. The Robber made away with the wad full of cash but was later tracked via a tracker that the teller had placed in the wad of cash. Although this is an old-fashioned type of security threat, the robber was able to get away with a significant amount of cash. In order to deter against such external threats to a business the following measures can be instituted (Miller, 2019).

First, limiting ease of access through a set of locks and employee identification mechanisms. Restricting access to the tellers through a set of identification processes would deter robbers as their identities will remain imprinted on to the system. The threat of also not being able to leave fast enough deters such kind of external threats to a business. Limiting access, in a nut-shell would constitute identifying any persons that have access to the tellers.

Secondly, I would institute physical intrusion detection systems that notify of any security breeches in any department of the bank. The employees form part of the IDS as they can remotely activate the security alarm systems to notify the security teams of any breaches. Once a target is able to get to access the area, the systems ensure that law enforcement and the security teams in the building are notified (Miller, 2019).

Finally, mitigation processes would need to be instituted to slow down the robber or criminal in cases of physical access. An example of a mitigation process is slowing of computer processes and locks in order to buy more time for first responders and security personnel to respond. In our case, a mitigation measure would include limiting the amount of money that any teller has access to any point in time. A would-be robber would therefore need to make do with a limited amount of cash or take a longer amount of time trying to access the other tellers (Miller, 2019).

The Manchester Internal Physical Threat

The Manchester physical theft took place at the local police HQ when a junior officer stole a part of the computer system with an intention of selling the item to fund his drug addiction (Martin, 2019). The suspect was later apprehended after an investigation at the police department. The first measure I would institute to minimize the risk of internal physical threats would be drafting in clearance sections that monitor employees as they access and leave the premises. The Manchester robber confessed to undertaking the crime because the area was poorly manned.

Secondly, every equipment of value or significance to the organization would need to be tagged and accounted for periodically depending on the number of shifts that are there. Such items would include flash disks, USB devices and phones that are portable and can be easily disguised as other objects. Physically accounting for each device ensures that the incidence of theft is greatly reduced (Martin, 2019).

Additionally, every device needs to be attached to a particular group of employees or under the care of an individual employee. In doing so, the police headquarters will always have particular employees manning the devices responsibly. It also creates and builds a culture of accountability among the workforce. The measure is also a cost-cutting alternative to employing high numbers of security personnel (Martin, 2019).

2.

Introduction

The organization uses physical security to protect their data from unwanted threats like natural and humanmade disasters. A few of the natural disasters are like an earthquake, flood, and few of the humanmade accident are like hacking, theft, and terrorism. The organization needs to protect their data and keep their physical security updated. There are few organizations where their physical security failed, and they had a significant data loss issue. In this paper, we will discuss the physical security failed organizations.

"British Airways was forced to ground thousands of flights over May bank holiday weekend as a Power Surge caused damage to the Datacenter."

British Airways had a significant incident on physical security in the month of May during the year 2017. The total system was collapsed because of a power surge caused in one of the UK locations. All ticketing, baggage, and operations were taken offline, so services were completely messed up (Price, 2013). All the customers were made to wait for a very long time to board the airlines. The airlines in the New York location announced the delay on all flights, and proper timings were not informed to the customers. This kind of incident was caused because of improper planning of physical security.

Organizations should have a backup plan on all the incidents which cause a significant drawback on their operations. Physical security should be planned in a way where even if there is a natural or humanmade disaster, they should be able to recover as soon as possible. British Airways did not have any backup plans on this issue. This made a significant impact on their carrier. Everywhere in the airport, all display was showing the same theme of an error message (Selk, 2017).

The organization had to apologize to their customers through emails, websites, twitter, and media. That was the first time the British airlines got into this kind of big crisis. The complete online operations were down for a minimum of 7 hours, which made a massive impact on all the bookings. This also created an adverse effect on the organization's operations. This incident happened during a considerable holiday month of May (Selk, 2017). After this incident, the organization started to maintain a proper backup plan to handle the situations under control. So, it is indispensable for the organization to make sure they keep adequate physical security for their organization.

"Lightning strikes Amazon and Microsoft data centers."

 Microsoft and Amazon are the major players in cloud computing. A major cloud-based data center was opened in Duplin in the year 2009, which has been used by both Microsoft and online-based Amazon market (Pope, 2011). The cloud was designed to operate the data center remotely and operate the complete operation in a different place. This was a major mistake done by both the organization. They didn't have a backup plan if the data center is messed up.

 Both organizations are leaders in their markets. The significant lightning strikes the data center in the year 2011. The weather condition in Duplin's use was not that good. Both organizations never thought about the data center's physical security to avoid if there is an attacked by the weather condition (Erbschloe, 2005). After the lighting attack on the cloud-based data center, both the organizations were shut down for several hours. Companies had to inform that they were shut down due to the fire or explosion. Even though they had backup generators due to the blast was too massive, they were not able to bring the operation back on asap. Amazon and Microsoft had to face their customers and respond to their customers with an apology.

Physical security must be planned in the organizations before launching a significant plan in a location. They must make sure if the place has important weather issues if so, they must design the building at a safe level where the data center will not be affected even if there is a flood or earthquake or lightning attacks (Hopf, 1979). Also, physical security needs to be updated in proper intervals depending on the issues faced. If the organization doesn't give importance to their physical safety, this is how things might get messed up, and they had to meet all the consequences. 

References

Erbschloe, M. (2005). Physical Security for IT. Elsevier.

Hopf, P. S. (1979). Handbook of building security planning and design. McGraw-Hill.

Pope, C. (2011). Lightning strikes Microsoft and Amazon data centres. The Irish Times.

Price, J. (2013). Practical Aviation Security: Predicting and Preventing Future Threats. Butterworth-Heinemann.

Selk, A. (2017). A ‘catastrophic’ computer outage is crippling international air travel. Washington Post