Management: Physical security: How should physical security be integrated with information protection?

Options:

Decision:

Basis:

Location is considered in the placement of information assets and resources.
Location is central to physical security issues. Different locations have different situational characteristics, such as proximity to natural hazards like earthquakes, tsunamis, volcanos, hurricanes, floods, lightning strikes, dust, cold, heat, and so forth. Human hazards are also associated with location, like crime levels in different neighborhoods, cities, states, nations, and continents. Even the location inside office spaces leads to higher or lower profile and susceptibility to attack.

Paths associated with physical attack are analyzed in physical design.
Paths from the initial situation of the attacker to their target and back to safety have various limitations, like topological limits, time to penetrate barriers, equipment and skill requirements, and the number of different ways in and out of areas with and without detection and response. Paths are altered by diversions and other active attacks and defenses.

Time for paths is analyzed in physical protection analysis.
Time has long been a central issue in physical protection and is increasingly becoming a central issue in information protection. Actions take time, whether in attack or defense, and physical security has long recognized this in the design and operation of alarm systems and response regimes. Typically time is measured against attack graphs.

Properties of materials, barriers, and entry and exit processes are analyzed in physical design.
Properties associated with materials, barriers, and entry and exit processes have substantial effects on available physical attack processes, time to penetrate, noise levels, detectability, and so forth.

Attack graphs are used to analyze physical design.
Attack graphs express the set of sequences of steps in physical attacks. They are used by attackers and defenders to determine options for entry and egress (exit) on a step by step basis through the successive barriers between attacker and target and target and escape (if planned). Attack graphs are also analyzed for time and equipment requirements in order to properly stage and time processes.

Normal, emergency, forced, and surreptitious entry and exit paths are analyzed in physical design.
Entry points include normal, emergency, forced, and surreptitious types and are typically identified with different protective measures. The entry concern is typically about who goes in, what they bring with them, if they are allowed, and whether they should be where they are. Egress (exit) points are similar to entry points except that the actor is going the other direction and different controls are required. On exit the concern is generally about who is leaving, if they should have been there in the first place, what is being removed, and what was left inside.

Emergency situations are analyzed for physical security design.
Emergency situations lead to different entry and exit processes, tend to happen at higher rates with higher volume, and are prime targets for exploitation. This means that the protective process for emergency situations has to be properly adapted for those processes or protection will be ineffective during those times. It is often easy to create an emergency and exploit the altered behaviors.

Surveillance systems and sensors are used to detect attacks in time to respond in time to prevent potentially serious negative consequences.
Surveillance systems include coverage of a range of physical phenomena including but not limited to audio, visual, temperature, humidity, proximity, dew point, pressure, air flow, door and window state, heat, motion, smoke, and chemical presence, absence, and level. These are connected to alarm systems, centralized or distributed data collection, analysis, and response capabilities, may be networked, and operate together with badging and computer-related identification and authorization systems.

Hardening, locking, distance, obstacles, mantraps, and other delay mechanisms are used to slow attacks after detection.
Hardening of physical structures is widely used to improve protection. Locking systems of many sorts are used in physical protection. Typically they include keyed, digital, or analog controls of electrical, mechanical, fluid, or gaseous mechanisms that are controlled based on time, location, sequence, and situation. They may have different failsafe features and default settings, may be tamper evident, and may be redundant in different ways. Mantraps are sets of access points designed to trap individuals within them so that if they fail to properly authenticate through the entire process, they will be unable to leave until forces are able to respond. They are commonly used in physical security systems to deter repetitive entry attempts by unauthorized personnel and to catch those who break part way into or out of a facility.

Responses are times so as to prevent potentially serious consequences after detection and before the attacker bypasses delays.
Response time is a key issue in physical protection. Typically response times are tuned to mitigation of consequences so that high consequence events that demand rapid response are located close to response forces that are present whenever response may be needed. Response time is degraded by resource consumption and there are almost no systems designed to have adequate immediate responses to handle intentional subversion by multiple diversions.

Physical analysis includes all modes of movement within the capabilities of the identified threats.
Analysis should include everything the attackers are capable of doing. For analytical purposes, this means air, land, sea, underground, and other approaches as well as times and distances associated with remotely driven devices, such as rockets, guns, energy mechanisms, sound mechanisms, and so forth. It also includes long-term attack methods such as physical alteration of acquisition and planting of devices in buildings, undersea cables, and so forth.

Response forces are at levels appropriate to the threat and timing requirements of response.
Force on force issues are inherent in any physical security system. Any defensive force can be overwhelmed by adequate offensive force and firepower.

Physical and informational attack graphs, times, responses, and other elements are used in an integrated fashion.
Integration of physical and informational attack and defense mechanisms is necessary in order to understand how attackers and defender might combine methods. If treated as independent, protection may either be ineffective o excessive.