The IT Law Wiki
The IT Law Wiki

Definitions[]

General[]

Physical security is

the application of physical barriers and control procedures as preventive measures or countermeasures against threats to resources and information.[1]
[t]he security discipline concerned with physical measures designed to: protect personnel; prevent unauthorized access to facilities, equipment, material, and documents; and defend against espionage, terrorism, sabotage, damage, and theft.[2]
the sum of all measures designed to control access to a facility to safeguard personnel, property, and information against espionage, sabotage, damage, and theft. It includes measures such as guards, fences, safes, and alarm and camera systems.[3]

Military[]

Physical security is:

[t]hat part of security concerned with physical measures designed to safeguard personnel; to prevent unauthorized access to equipment, installations, material, and documents; and to safeguard them against espionage, sabotage, damage, and theft. The physical security process includes determining vulnerabilities to known threats, applying appropriate deterrent, control and denial safeguarding techniques and measures, and responding to changing conditions.

In communications security, the component that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons.[4]

[a]ctions taken for the purpose of restricting and limiting unauthorized access, specifically, reducing the probability that a threat will succeed in exploiting critical infrastructure vulnerabilities including protection against direct physical attacks, e.g., through use of conventional or unconventional weapons.[5]

Overview[]

Physical security is important for protecting computer facilities and resources from espionage, sabotage, damage, and theft. Physical security is used to deter, delay, detect, and deny physical access by unauthorized individuals. Physical security restricts physical access to computer resources, usually by limiting access to the buildings and rooms in which the resources are housed and by periodically reviewing the access granted, in order to ensure that access continues to be appropriate. Examples of physical security include perimeter fencing, surveillance cameras, security guards, and locks.

Physical security involves the buildings that house computer centers, as well as the remote computer terminals. Within the established security perimeters, access to work areas must be restricted w1th physical barriers, appropriate placement of equipment and supplies, and universal wearing of identification badges. Emergencies must be prepared for, alternative power sources provided in many cases to assure uninterrupted process1ng, and incoming and outgoing materials inspected. Access to loading areas requires special precautions.[6]

References[]

  1. SEPS Security Program Operating Manual 89 (May 2005).
  2. Intelligence Community Standard 700-01, at 18.
  3. Classified Information: Costs of Protection Are Integrated With Other Security Costs, at 15.
  4. U.S. Department of Defense, Joint Pub. 1–02: DOD Dictionary of Military and Associated Terms (Nov. 8, 2010, as amended through May 15, 2011) (full-text).
  5. Critical Foundations: Protecting America's Infrastructures, Glossary.
  6. Computer Crime: Computer Security Techniques, at ix.