PLEASE ASSIGN THE SAME WRITER WHO DID 63564 AND 62922, as they do this task weekly and efficiently. Also, please answer the questions; I will send the 2 student responses you need to comment on during the week when one of my peers uploads their response. Feel free to send the first part earlier, anytime before. This week you will need to go to these three links and watch them:
https://www.abc.net.au/catalyst/cyber-attack/11014378
https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/
https://www.abc.net.au/radio/programs/worldtoday/hackers-target-nsw-government-department-in/7136534
Questions are on the screenshot; also sent lectures.
Instructions

Physical Security
Ed Moore

Facility Location
- First thing to consider is where to locate a facility
- Each location has pros and cons and will present its own set of risks
- Occurrence/history of natural disasters
  - Climate change?
- Accessibility
  - What transport methods are available?
- Customer access?
  - Is this required or not
- Will the facility have joint tenants?
  - What type of companies will they be?
- Proximity to emergency services
  - Hospitals, Fire, Police nearby?
- Signage/visibility
  - Should it stand out and attract attention or blend in?

Data Centre/Network Operations Centre (NOC)
- Internal location of the data centre/NOC is important
- Many places store their NOC in the basement level as it is loud and this keeps it out of the way
- Other companies store it at the top as the basement is often used for the carpark
- Basements are susceptible to flooding
- Top floors are vulnerable to storms
- Ideal location is in the centre of the building, away from flooding and as internal as possible to avoid winds/storms
- Important to evaluate:
  - Location of doors/windows (if any)
  - Unauthorised access to the facility (via roof spaces, heating ducts, etc.)
  - Security of loading bays
  - Backup power availability
  - Ability to suppress fires
- How do you put out a fire in a server room?
- Traditionally Halon 1301 was used
  - Halon 1301 is a gas that replaces oxygen in the room to remove the oxygen for the fire
  - What are the issues with this?
- Novec 1230 is an alternative to Halon 1301
  - It is a liquid in storage that turns to a gas when discharged
  - The liquid evaporates 50 times faster than water
  - It removes the heat from the fire

Case Study: Google
- Video available at: https://www.youtube.com/watch?v=TQoKFovvigI

Data Centre/Network Operations Centre (NOC)
- Controlling access to restricted or sensitive areas:
  - Who needs to have access to the area and how often?
  - What level of protection do sensitive assets require?
  - Proper types of access control for the environment
  - Necessary alerts and logging of activity
- The Data Centre or NOC should have many physical security controls:
  - Biometric access and exit sensors
  - On-premises security officers
  - Security breach alarm
  - Electronic motion sensors
  - Continuous video surveillance

Personal Access Control
- Identification mechanisms:
  - Production of photographic identification to security guard
    - This prevents piggybacking/tailgating
  - Biometric devices
  - Card badge reader devices
    - Magnetic strip which contains access information, or smart cards which require a PIN
    - Logs badge ID and access times
  - Turnstiles/revolving doors
  - Mantraps
- Types of proximity devices:
  - User activated
    - The user has to swipe the card or enter a PIN
  - System sensing/transponder devices
    - No user interaction required; the device recognises the presence of an approaching object within a specific area

Boundary/perimeter protection
- Physical controls:
  - Locks
    - Mechanical
    - Combination
    - Cipher locks (use of keypad or swipe card)
  - Fencing
  - Bollards
  - Lighting
  - Intrusion detection systems
    - Detect changes in beams of light, sounds & vibrations, motion, electrical circuit and different types of field (microwave, electrostatic, ultrasonic)
  - Surveillance devices
    - CCTV
  - Guards and guard dogs

Fencing
- Different heights provide different levels of protection
  - 3 to 4 ft – deters casual trespassers
  - 6 to 7 ft – not easy to climb
  - 9 ft (including three strands of barbed wire) – deters even a determined intruder
- Critical areas should have a minimum of 8 ft fences
- Electrified fences
  - Sound an alarm when touched and emit a shock to the trespasser
- Perimeter Intrusion Detection and Assessment System (PIDAS) fencing
  - Detects when someone tries to cut or climb a fence
  - Mesh-wire fence with a passive cable vibration sensor which sets off an alarm if detected

Lighting
- Deters trespassers
- Required in critical areas, entrances and parking areas
- Elimination of dead spots/unlit areas between lights
  - Lamp posts must be positioned the correct distance from each other
- Lighting should be pointed towards gateways and exterior access points and pointed away from guard stations (to avoid glare)

Security Guards
- Best form of deterrent, but most expensive
- Necessary when human interpretation of a situation is required or judgement calls are needed
- They ensure that company property is not taken out of the building or facility
- Enforce regulations
- Monitor intrusion detection and fire alarm systems
- Verify that windows and doors are locked
- Watch out for suspicious activity or behaviour
- Ensure that piggybacking does not take place
- Can move through the building or facility rather than being restricted to one location

Electro-mechanical/volumetric
- Electro-mechanical systems:
  - Detect a change or break in a circuit
  - The most widely used
  - Magnetic switches
  - Metallic foil in windows
  - Pressure mats
- Volumetric
  - More sensitive than electromechanical systems
  - Detects changes in vibration, microwaves, ultrasonic frequencies, infra-red values and photoelectric charges

Rather than watching for unusual or suspicious behaviours, as is the case with surveillance techniques, intrusion detection systems detect changes that take place in the environment. When a change is detected, an alarm is sounded either in the local area or at a remote location. There are two main types of physical intrusion detection systems: electromechanical and volumetric. Electromechanical systems work by detecting a change in an electronic circuit. This can be triggered by things like a window being opened or broken, doors being opened or weight being put on a pressure pad. Volumetric systems work by detecting changes in light and vibrations.
The most prominent example of intrusion detection depicted in movies is photoelectric or photometric systems, which detect changes in light beams; however, this means that they cannot be used in rooms with windows, as the changes in lighting outdoors will trigger them. Passive infrared systems identify changes in heat waves in an area; these usually detect body heat. An acoustical detection system uses microphones installed on floors, walls or ceilings to detect any sound that may be made during forced entry. These cannot be used close to openings as they would be triggered by storms and traffic. Intrusion detection systems are expensive and require human intervention to respond to the alarms. They also require a redundant power supply and emergency backup power.

Business Continuity (BC) and Disaster Recovery Planning (DRP)
- Processes to help organisations to prepare for disruptive events (big and small)
- Disaster recovery planning is the process by which organisations resume their business after a disruptive event. It shows how to survive a disaster and what to do right after a disaster
  - Emergency response responsibilities and procedures
  - Recovery procedures after a disaster or disruption
- Business continuity planning involves a more comprehensive approach to making sure that business can continue to make money even after a disaster or incident has taken place
  - Continuity of critical business functions
  - Reduce overall impact of business interruption
- The two processes are intertwined and determine how the organisation will keep functioning after a disruptive event until its facilities and/or activities are restored to their normal state

Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events, whether that event be an earthquake or hurricane or simply a power outage caused by a downed power line.
Because there is a tendency for humans to believe that ‘it won’t happen to me’, many businesses are prone to ignoring ‘disaster recovery’ because they believe it is unlikely to happen. The goal of disaster recovery is to minimise the effects of a disaster or disruption. It means taking the necessary steps to ensure that the resources, personnel and business processes are able to resume operation in a timely manner. Continuity planning provides methods and procedures for dealing with longer-term outages and disasters. The goal of a disaster recovery plan is to handle the disaster and its ramifications right after the disaster hits; the disaster recovery plan is usually very IT focused and is still in emergency mode, and everyone is frantically trying to get all critical systems back online. A business continuity plan (BCP) takes a broader approach to the problem. It can include getting critical systems to another environment while repair of the original facilities is under way, getting the right people to the right places during this time, and performing business in a different mode until regular conditions are back in place.

BC planning lifecycle

This slide shows the business continuity planning life cycle.
The first phase of the lifecycle is to conduct a risk analysis – this involves identifying current and future risks and threats that can affect the business.
The second phase is the business impact analysis – this involves assessing what might happen when these threats become reality.
The third phase involves strategy selection – the aim of this phase is to calculate ways to either prevent or solve the threats, and decide which solution would be most effective.
The fourth phase involves the execution of the business continuity plan – i.e. administering the selected solution.
The fifth and final phase is the measurement and maintenance phase – this involves assessing the success of the solution, and re-evaluating the continuity method to determine whether there is room for improvement.
There is a wide variety of models that could be used; this is just one of them.

What’s included
- The business continuity plan covers four main areas:
  - Project Scope and Planning
  - Business Impact Assessment
  - Continuity Planning
  - Approval and Implementation

As previously mentioned, Business Continuity Planning (BCP) involves the creation of policies, plans, and procedures to minimize the impact those risks might have on the organisation if they were to occur. There are four critical steps to business continuity planning: Project Scope and Planning; Business Impact Assessment; Continuity Planning; Approval and Implementation. The next few slides cover what is included in detail; however, I’m just going to flick through them.

Project Initiation
- Gain management support
- Understand the organisation (see Zachman Business Enterprise Framework for more information)
- Look at:
  - Data
  - Function
  - Network
  - People
  - Time
  - Motivation

Assign Responsibilities
- Role of management is to:
  - Set up a budget and staff for the program before the BCP process begins
  - Assign duties and responsibilities to the BCP co-ordinator and representatives from functional units of the organisation
  - Provide due diligence and due care
  - Drive all phases of the plan
  - Provide consistent support and final approval of plans
  - Ensure that testing takes place

It is the responsibility of executives to ensure that they practise due diligence and due care and fulfil all of their legal and regulatory obligations when it comes to disaster recovery and business continuity planning.
For example, banking and investment organisations must ensure that even if a disaster occurs, their customers’ confidential information will not be disclosed to unauthorised individuals or be altered or vulnerable in any way. Management must also drive all phases of the plan, provide consistent support and approval of plans, ensure that thorough testing of the plans takes place and provide a sufficient budget to address the issues discovered in the business continuity/disaster recovery plans.

Business Impact Analysis
- Identifies resources that are critical to an organisation’s ongoing viability and the threats posed to those resources.
- Assesses the likelihood that each threat will actually occur and the impact they may have on the organisation
- Purpose is to:
  - Identify the company’s critical business functions
  - Identify business priorities, activities that are essential for the day to day operations
  - Identify dependent resources and calculate how long functions can survive without these resources without causing irreparable harm to the organisation
  - Identify vulnerabilities and threats to business functions
  - Calculate risks to each business function
  - Develop backup