These controls are designed to protect information system resources from unauthorized physical access and exposures.
These controls should be designed in such a way that it allows access only to authorized persons.
1. Locks on Doors
Cipher locks (Combination Door Locks)- The cipher lock consists of a pushbutton panel that is mounted near the door outside of a secured area. There are ten numbered buttons on the panel. To enter, a person presses a number sequence, and the door will unlock for a predetermined period of time, usually ten to thirty seconds.
Bolting Door Locks -A special metal key is used to gain entry when the lock is a bolting door lock. To avoid illegal entry the keys should be not be duplicated.
Electronic Door Locks â€“ A smart card key or token may be used to gain access. The sensor device upon reading the card activates the door locking mechanism.
2. Physical identification medium
Personal Identification numbers (PIN):A secret number will be assigned to the individual. The visitor will be asked to log on by inserting a card in some device and then enter their PIN via a PIN keypad for authentication. His entryÂ will be matchedÂ with the PIN number available in the security database.
3. Logging on Utilities
Manual Logging: All visitors should be prompted to sign a visitorâ€™s register indicating their name, company represented, their purpose of visit, and person to see.
Electronic Logging: This feature is a combination of electronic and biometric security systems. The users logging in can be monitored and the unsuccessful attempts being highlighted.
4. Other means
Video Cameras: Cameras should be placed at specific locations and monitored by security guards.
Security Guards: Extra security can be provided by appointing guards aided with video cameras and locked doors.
Controlled Visitor Access: A responsible employee should escort all visitors.
Dead man Doors: These systems have a pair of doors. The first entry door must close and lock, for the second door to operate, with the onlyÂ oneÂ personÂ permitted in the holding area. Only a single person is permitted at a given point of time and this will surely reduce the risk of piggybacking, when an unauthorized person follows an authorized person through a secured entry.
Perimeter Fencing: Fencing at boundary of the facility may also enhance the security mechanism.
Bonded Personnel: All service contract personnel, such as cleaning people and off-site storage services, should be asked to sign a bond. This may not be aÂ measure to improve physical security but to a certain extent can limit the financial exposure of the organization.
Computer Terminal Locks: These locks ensure that the device to the desk is not turned on or disengaged by unauthorized persons.
Controlled Single Entry Point: A controlled entry point is monitored by a receptionist. Multiple entry points increase the chances of unauthorized entry.
Alarm System :Illegal entry can be avoided by linking alarm system toÂ inactiveÂ entry point motion detectors and the reverse flows of enter or exit only doors, soÂ as to avoid illegal entry.
Control of out of hours of employee-employees: Employees who are out of office for a longer duration during the office hours should be monitored carefully. Their movements must be noted and reported to the concerned officials frequently.
Nonâ€“exposure of Sensitive Facilities: There should be noÂ explicitÂ indication such as presence of windows of directional signs hinting the presence of facilities suchÂ Â as computer rooms. Only the general location of theÂ informationÂ processingÂ facility should be identifiable.
Secured Report/Document Distribution Cart: Secured carts, such as mail carts, must be covered and locked and should always be attended.