Running head: PHYSICAL SECURITY 1
PHYSICAL SECURITY 8
Biometrics in Physical security
Student’s Name:
Institution Affiliation:
Date:
Introduction
In today’s world, data is very important to organizations and businesses; thus, it is collected and stored in one place, referred to as a data center. A data center is a facility used to store IT infrastructure, composed of storage used to process and store data. Organizations heavily rely on data centers to store their data and other useful information, thus requiring both digital and physical security. Physical security are measures enforced in protecting the physical environment and the information system resources infrastructure , including software, hardware, and other devices against physical threats such as fire, theft, water, and floods. Organizations’ data centers provide computing services such as data management, storage, backup and recovery, and computer networking. The IT experts predict there will be a rapid growth in facial recognition and iris recognition. Other biometric technologies are based on physical traits, including vein patterns, heartbeat recognition, and palm prints. Biometrics are used in data protection by preventing hacking and data breaches, but they are utilized in access control, authentication, and verification in physical security. Biometrics are valuable tools for physical security as they cannot be lost, unlike keys, proximity cards, ID’s, and passwords. A combination of physical security with digital security results in an end-to-end technology that can work effectively throughout the organization granting people more secure access to physical and digital assets. Biometric security is enforced by biometric security devices, which play a vital role in verifying an individual’s identity by enforcing access control methods through their individual unique biological traits (Galterio, Shavit & Hayajneh, 2018).
Literature Review
Physical security is as crucial as other technical security measures because the system resources are housed in a physical facility. Physical loss may be caused by several major causes: gases, temperature, liquids, organisms, projectiles, movements, and energy anomalies. The environment around and within the facility should be well guarded against natural and unnatural events. People tend to think that moving their infrastructure to the cloud data storage would not require physical security. However, this is partially true as the cloud service providers would be required to enhance physical security since the main server and infrastructure are located somewhere in a physical facility. Spilling fluids such as water or coffee on the computer can destroy its electronic component and make it dysfunctional. An unauthorized person gaining entry into the control room and switching off the server room power could lead to a complete data center shutdown. Besides, someone can sneak in and take photographs or videos and hand them over to the organization’s competitor. All these activities are threats related to physical security that need to be addressed. Natural calamities such as floods and fire can destroy data stored, including backup tapes in the organization. Water leakages and frequent power surges are still part of the physical threats, and suitable measures should be taken to help protect the assets in the physical facility ( Kokumai, 2016).
Details
Physical access controls limit the personnel access to organization’s buildings, labs, data centers, or server rooms where critical IT assets are stored. It should deny access to locations where the organization’s wiring pass through to connect the computer systems, electric supply rooms , data backup storage place, and any areas with IT-related operations. Other than the technical controls, enhanced corrective actions can mitigate the physical security-related threats and risks. Increased screening, reorganizing traffic patterns at crucial places, and R&D facilities can lower the physical risks . Closed-circuit television cameras (CCTV), motion detectors, and other electronic devices can monitor people’s activities and detect any intrusion. Several physical security controls can be well implemented in an organization’s physical access controls, in and out of the facility. Biometrics is one of the controls that can be used by organizations. Biometrics technology can be utilized in scientific labs to deny unauthorized people access into the lab as they hold sensitive information and procedures that require top most confidentiality. Biometrics has been widely used in voting processes of developed nations in identifying a genuine voter before they cast their vote. A voter is identified by placing one of the fingers on the electronic voting gadget which in turn provides the details of the voter and approved to vote.
Organizations effectively utilize biometrics technology for authentication purposes. The technology is used in preventing fraud, enhancing security, and reducing identity theft. Biometrics is highly preferred for physical security because of several benefits to the computing systems. The first importance is that biometrics increase convenience. The biometrics give a better experience for the people using the organization’s building, unlike the access badges. These days, biometrics are utilized in identification and verification; sometimes, both functions are executed at the same time. The second is toughening security to a stronger security level through multifactor verification and biometric verification as an additional step measure in the security process. It is much safer than the use of a pin code, which is passed on to other people. Depending on the security level needed, one can use identification and verification applications alongside each other or on top of each other. Through the use of biometrics, there are several areas of concern and even potential risks. The users must be physically present. For example, when a receptionist registers users in the system using their iris profile or fingerprint (Kokumai, 2016).
Biometrics has several applications in the government and commercial fields. Governments use biometrics in preventing passport fraud hence locking out intruders who would have gained entry into the country using fake and undocumented VISAs and passports. Biometrics in an organization can be used to restrict access to data and useful information by installing biometrics technology in the organization’s data systems. Biometric access controls are being installed and connected to many organizations’ door locks to prevent unauthorized persons’ entry. A physical security operation takes measures to deter attacks and threats, quickly detect attacks, limit their impact, and ultimately restore normal function and stability to the physical environment and infrastructure. Biometrics allows an organization’s personnel to access the facilities based on data acquisition, extracting features, capturing, matching data, and encryption of template to avoid tampering. Biometrics data are not shared and are hard to duplicate in some systems in the organization. Biometrics data are highly secured thus cannot be accessed by any unauthorized person in or out of the organization (Bellizia et al., 2020)
The biometrics performance has to be excellent for the successful commercial implementation. An excellent biometric technology if it has the following five characteristics. The first is the uniqueness that should be possessed by each person captured in the system; thus, no one’s details should match that of the other. The second is the repeatability of the technology by capturing the same characteristics and features over the same period. The third is accessibility, as the characteristics should be easy to capture through a scanner. The fourth is universality making it easy to use in all the target personnel. Lastly, acceptability as the biometrics method should be acceptable to all people without objections such as privacy-related objections. The physical and environmental security measures should adequately protect the organizations from the threats by automatic controls or controlled by a set of manual processes. General management policies of securing the facility include security guards, vetting visitors properly before entry, escorting visitors, and installing surveillance cameras at every sensitive area, in and out of the facility. Introducing IT security policies to help in guarding against unauthorized access to an organization’s restricted areas such as control administrators, server rooms, remote access policies, and password policies.
The physical security of a data center is focused on the building’s design and layout. A data center building should be built away from major roads to enable the establishment of buffer zones made up of crash-proof barriers and landscaping. There should be limited access to the data center facility. Biometrics can be installed to help in identifying people before they gain entry into the organization’s premise. In the building, the security guards use installed surveillance cameras along the outside perimeter to monitor for any suspicious activity. The visitors may use two-factor authentication to be allowed entry into the building, including keying in a personal passcode and scanning personal identity verification (PIV) cards. Employees’ badge readers and biometric systems such as facial recognition and fingerprint readers. Though physical security focuses on all aspects of the physical environment and other threats, IT physical security should protect computer systems and other IT components from a number of threats. These threats are physical damage of hardware, unauthorized access to the data center, and physical theft of equipment and accessories. A proper combination of physical security with digital security results in a comprehensive technology that can work effectively throughout the organization granting people more secure access to digital and physical and assets.
Conclusion
As noted above, organizations should consider the biometrics technology aspects and implement them to protect and safeguard their physical environment and infrastructure against any attacks. Biometrics technology has significantly enhanced the physical environment in organizations. An excellent biometrics technology should efficiently protect an organization’s physical environment and the information system infrastructure. Organizations should develop procedures and processes to test and monitor their physical environment and information system infrastructure to keep off the physical risks and threats. Data systems back-ups are very important as they hold data and information even after data loss through data breaches or other ways. Biometrics are valuable tools for physical security as they cannot be lost, unlike keys, proximity cards, ID’s, and passwords. Safeguarding an organization’s physical environment is important as it ensures the smooth running of the organization’s operations. There should be increased awareness of physical security’s importance in safeguarding an organization’s physical environment. Organizations need to enforce solid physical security strategies to safeguard their physical environment against the physical security threats available without restricting their employees or affecting their productivity. Organizations should expand their physical security strategies to cater to the growing physical related risks. IT experts should carry out more research on biometrics technology to find more advanced biometrics technology that would greatly improve organizations’ physical security.
References
Bellizia, D., Bronchain, O., Cassiers, G., Grosso, V., Guo, C., Momin, C., … & Standaert, F. X. (2020, August). Mode-Level vs. Implementation-Level Physical Security in Symmetric Cryptography. In Annual International Cryptology Conference (pp. 369-400). Springer, Cham.
Galterio, M. G., Shavit, S. A., & Hayajneh, T. (2018). A review of facial biometrics security for smart devices. Computers, 7(3), 37.
Kokumai, H. (2016). Biometrics: great for physical security, possibly a big mistake for cyber security?. Biometric Technology Today, 2016(5), 7-9.