What is Physical Security in information security?

Physical security is represented as the security of personnel, hardware, programs, networks, and data from physical situations and events that can support severe losses or harm to an enterprise, agency, or organization. This contains security from fire, natural disasters, robbery, theft, destruction, and terrorism.

There are several elements of physical security which are as follows −

  • It can be alternative physical security strategies should be performed. When appropriate, consider the need of window bars, anti-theft cabling (with alarm when cable is disconnected from system), magnetic key cards, and motion detectors.

  • It can be prepared for fire emergencies with suitable automatic non-water fire fighting equipment, and supports appropriate staff training in its use.

  • It can be used to keep reasonable climate control in secured rooms, with temperature ranges between 50 and 80 degrees Fahrenheit, with a humidity range of 20 - 80%.

  • It can be minimize nonessential materials that can jeopardize a secure room. Nonessential items such as coffee, food, cigarettes, curtains, reams of paper, and multiple flammables.

  • It can be dispose of confidential waste carefully and sufficiently to keep confidentiality.

  • Label confidential data appropriately and provide suitable security processes from common carriers when shipping or receiving confidential data.

  • It can be used to maintain critical systems separate from general systems.

  • It can be used to save computer equipment in places that cannot be view or reached from windows and doors, and away from radiators, heating vents, air conditioners, or multiple work. Workstations that do not routinely display sensitive data should save in open, visible spaces to avoid covert use.

  • It can be used to secure cabling, plugs, and multiple wires from foot traffic.

  • It can be used to maintain a secure stock of equipment and peripheral equipment, with up-to-date logs of manufacturers, models, and serial numbers.

  • Hardware (servers, workstations, network devices) should be restored or upgraded within reasonable timeframes to maintain the network functional.However, once a workstation have to be four to five years old, its processing power decreases in relation to the requirements of current software.

  • Consider the use of maintenance contracts. It can maintain equipment information, contact and tech support numbers readily accessible at the computers.

  • When computers including sensitive information are being maintained or repaired, be sure that sensitive information is properly passworded, encrypted, or eliminated from the computer before maintenance or repair.

  • Proper annual maintenance and repairing of computer equipment is needed.

  • Proper processes to be used to backup system data and applications.

  • It can be used to create a procedure and schedule of system backup.