Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Securing fiche

From: Amin Tora <amintora () gmail com>
Date: Wed, 30 Sep 2009 14:09:08 -0400
Since this is a physical item, mostly physical security related techniques would be utilized to secure your asset: 

I think the approach into looking at this would be two fold in general:

(a) Perimeter Security
(b) Local Containment/Internal Security
Depending on the value of your assets and the current and projected threat(s), you would want to apply various amounts and levels of security at each category above. You would apply a different type, quality, amount, and degree of security depending on what information your asset is, and you would apply a sub-category of each of the above categories as appropriate. The key being, you don't spend more than the actual value of your asset.
In (a) Perimeter Security, you would apply security from outside moving in. So if you are holding highly classified state secrets, you would apply security at the country borders, and move inward with various types and levels of security as you move in towards your physical location. You could utilize cameras, fences, razor wiring, lights, cameras, motion sensors, heat sensors, etc... You could even have a zone outside of the borders as a de-militarized zone (DMZ) as an additional buffer of physical separation. If you are just holding some simple information, then maybe you only need to start out from the perimeter of the office complex, or the building itself, or just the room where you are storing your assets. You would/could still utilize the same types of security - it will just depend how outreaching it has to be. I think this paints a good general picture.
In (b) Local Containment/Internal Security, you would apply layers of security within the building, with locked doors (physical keys, or electromagnetic with or without biometrics, etc), different grades of wall-ceiling-floor material, motion sensors, cameras, electromagnetic radiation/interference shielding, etc. Again, all of this depends on the type, quality, and level of confidentiality of the information you have. Then you could apply various types of security down to the physical item itself, with items like motion sensors, heat sensors, vibration sensors, weight sensors, safes, etc....
All of this would be encapsulated with monitoring and response capabilities in the event of any kinds of incidents.
That's the general approach in terms of physical security. This covers numerous types and layers of security, so there are numerous vendors out there that provide solutions for all these different categories.... some on this list might have suggestions here and there. 

I hope this helps out a bit...

-Amin Tora




On Sep 29, 2009, at 8:51 AM, s0h0us () yahoo com wrote:


Hi List,
We have a number of confidential documents on micro fiche. What are you doing to secure this type of media? 
Thanks!

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. 

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: