Physical security for your network/data center.

Before considering applying access control lists, firewalls and other such controls to protect your network, we must consider physical security. Because, if an adversity can easily access and tamper our devices physically, what is the point of other controls? In this post we will dive in to physical security for your network.

Physical Security Categorization

Physical security can be divided into 2 main areas.
1. Outside perimeter security.
2. Inside perimeter security.

Outside perimeter security, referes to security measures you apply outside the facility. Examples for this category include gates, CCTV cameras, watchdogs, alarms etc. On the other hand, Inside perimeter security means the security measures you apply inside the facility. This blog focusses mainly on the Inside perimter Section of physical security.

Inside perimeter security concerns.

Before we look at the security measures we identify all security concerns. Otherwise we will miss some security measures.

    • Managing the temperature inside the facility.
    • Assuring that fire supression equipment are in order.
    • Assuring that systems continuously get the required power they need to function.
    • Preventing unauthorized access to devices.
    • Assuring that devices can withstand natural disasters.

Now let’s look into each of the above concern in depth.

The temperatures inside facilities can increase rapidly. Because these systems produce heat. Therefore we must maintain the temperature in a way it is favourable for people.

When it comes to fire, there are various types. For example we can take fire caused by electricity. Depending on the type of fire, we need to use different equipment to supress. With regard to our example, electric fires, we cannot suppress such fires using water. As electricity flows through water.

In order to meet the Service Level Agreement or the uptime of the systems, we need to make sure our facility is capable of providing adequate amounts of power.

Next, we need to think about protecting our devices from unauthorized access. If an intruder can physically connect to our systems, he would have infinte control over our systems. Undoubtedly, this could be one of the most catastrophic things that can happen. Therefore unauthorized access to systems is a huge concern always.

Apart from those, natural disasters are a concern. It is always important to think of the location of the facility; If it is close to the sea, then there is a risk of tsunami and corrotion. Likewise there can be risks of many other natural disasters like earthquakes, landslides etc depending on the location of the facility.

Countermeasures.

Now that we have got the concerns out of the way, let us dive into the countermeasures to protect our facility.

  • Using HVAC(Heating Ventilation and Air Conditioning) to maintain temperature.
  • Using suitable fire supression equipment, evacuation plans, fire alarms and sprinklers to mitigate the risk of fire.
  • Having 2 phase electricity and UPS installed to ensure critical systems are up and running without any interruptions.
  • Employing Security Traps, Biometric access, security breach alarms, electronic motion detectors, CCTV camearas and security personnels.
  • Planning the layout and location of the facility, using seismically balanced server racks and having contact details of disaster warning centers.

Bottom Line

Thiugh there are so many physical security countermeasures, a skilled attacker can still use techniques such as tailgaiting/piggybacking and baiting to perform attacks 🙂