Measures to reduce security threats
Data and File protection - physical controls
Natural hazards
Environment protection (eg. Humidity)
Away from windows
Away from natural hazards (eg Fault lines)
Waterproof walls, ceilings, floors
Water mains away from computer rooms
Locate away from hazardous areas
People
Data Base Management Controls (Data Base Administrator - should be carefully
monitored ie. clear job description, no transaction initialisation, have a backup
assistant)
Passwords
Secure Room Central to users
Fences
Burglar alarms (i.e. alarms that signal illegal entry such as, infra-red)
Limited number of doors
Locks
Guards
Receptionists
Identification badges
Card activated locks (eg DKS system)
Closed circuit TV
Log in/out personnel
Photograph visitors
Visitors accompanied (including cleaning staff!!)
Dog patrols
Double door entry
Terminal controls( physical security, observation of terminal station)
Equipment
Bolt computers/terminals to floor/furniture.
Building sprinkler systems
Drainage facilities
Fireproof construction
CO2 systems
Portable fire extinguishes
Fire alarms
Accessible power switches
Grounds/building lighting
Power and communication underground
Uninterruptible power supply
Transmission line controls (encryption, error detection, alternate routing)
Well maintained hardware
Current (as opposed to aging) hardware
Procedures
Regular fire hazard inspections (eg. printouts)
Emergency instructions
Minimal advertising indicating a computer installation (eg. databank)
Backup facilities in a separate location
Annual review of protection devices and procedures
