
E-book: Physical Security for IT

(Author, educator and security advisor, Washington, DC)
  • Format: PDF+DRM
  • Pub. Date: 04-Dec-2004
  • Publisher: Digital Press
  • Language: eng
  • ISBN-13: 9780080495903
  • Price: 54,33 €*
  • * the price is final i.e. no additional discount will apply
  • This ebook is for personal use only. E-Books are non-refundable.

DRM restrictions

  • Copying (copy/paste): not allowed

  • Printing: not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software in order to unlock and read it. To read this e-book you have to create an Adobe ID. The e-book can be read and downloaded on up to 6 devices (single user with the same Adobe ID).

    Required software
    To read this ebook on a mobile device (phone or tablet) you'll need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this eBook on a PC or Mac you need Adobe Digital Editions (This is a free app specially developed for eBooks. It's not the same as Adobe Reader, which you probably already have on your computer.)

    You can't read this ebook with Amazon Kindle

The physical security of IT, network, and telecommunications assets is as important as cyber security. We justifiably fear the hacker, the virus writer and the cyber terrorist. But the disgruntled employee, the thief, the vandal, the corporate foe, and yes, the terrorist can easily cripple an organization by doing physical damage to IT assets. In many cases such damage can be far more difficult to recover from than a hack attack or malicious code incident. It does little good to have great computer security if wiring closets are easily accessible or individuals can readily walk into an office, sit down at a computer, and gain access to systems and applications.

Even though the skill level required to hack systems and write viruses is becoming widespread, the skill required to wield an ax, hammer, or fire hose and do thousands of dollars in damage is even more common. Although many books cover computer security from one perspective or another, they do not thoroughly address physical security. This book shows organizations how to design and implement physical security plans. It provides practical, easy-to-understand and readily usable advice to help organizations to improve physical security for IT, network, and telecommunications assets.

* Expert advice on identifying physical security needs
* Guidance on how to design and implement security plans to prevent the physical destruction of, or tampering with computers, network equipment, and telecommunications systems
* Explanation of the processes for establishing a physical IT security function
* Step-by-step instructions on how to accomplish physical security objectives
* Illustrations of the major elements of a physical IT security plan
* Specific guidance on how to develop and document physical security methods and procedures

Reviews

"Michael has unquestionable knowledge about how organizations today are linking their systems across enterprise-wide networks and virtual private networks (VPNs), as well as increasing their exposure to customers, competitors, browsers, hackers, and physical threats to the facility equipment and network(s). This book will show you how each connection magnifies the vulnerability to attack. This book also provides the fundamental knowledge you need to analyze electronic and physical risks to your networks and systems." - John Vacca, Author of numerous computer security books

More info

Practical, easy-to-understand, readily-usable advice that will improve an organization's physical security for IT, network, and telecom assets.

Table of contents

Preface
Acknowledgements
Introduction
Physical Security Overview
  Why Physical Security Is Important
  The Relationship Between Physical and Cyber Security
  Guard Against Disgruntled Employees and Angry Former Employees
  How Activists and Corporate Foes Can Hurt You
  Vandals Who Damage for Fun
  Saboteurs Who Work for Profit
  Thieves and Spies Are Everywhere
  Domestic Terrorists Are Still a Threat
  International Terrorists Are a Growing Threat
  Physical Security for Natural Disasters
  Physical Security for Random Incidents
  Action Steps to Improve Physical IT Security
Establishing a Physical IT Security Function
  Organizational Placement of the IT Physical Security Function
  Interdepartmental Relationships for Physical Security
  Evaluating Financial Resources
  The Role of Corporate Security
  The Role of IT Security
  The Role of Network Security
  Relationships with Law Enforcement
  Relationships with Private Security Providers
  Establishing and Utilizing an Alert System
  Action Steps to Improve Physical IT Security
Developing an IT Physical Security Plan
  Overview of the Planning Process
  Developing the IT Physical Security Plan
  Utilizing Existing Risk Exposure Analysis
  Integrating Physical IT Security and Cyber Security Planning
  Integrating Physical IT Security and Disaster Recovery Planning
  Integrating Physical IT Security and Business Continuity Planning
  Working with Your Insurance Company
  Evaluating Regulatory Requirements
  Action Steps to Improve Physical IT Security
Major Elements of a Physical IT Security Plan
  Overview and Mission Statement
  Organizational Responsibilities
  Duty Officers
  Contact Lists
  Security Procedures for Data Centers
  Security Procedures for Wiring and Cabling
  Security Procedures for Remote Computers
  Security Procedures for Desktops
  Security Procedures for Department-Based Servers
  Security Procedures for Telecom and Datacom Equipment
  Security Procedures for Manufacturing Control Equipment
  Security Procedures for Surveillance and Alarm Systems
  Action Steps to Improve Physical IT Security
Developing and Documenting Methods and Procedures
  The Process of Developing Methods and Procedures
  Devising a Format for Documenting Procedures
  Physical Security Procedures for Data Centers
  Physical Security Procedures for Wiring and Cabling
  Physical Security Procedures for Remote Computers
  Physical Security Procedures for Desktops
  Physical Security Procedures for Department-Based Servers
  Physical Security Procedures for Telecom and Datacom Equipment
  Physical Security Procedures for Manufacturing Control Equipment
  Physical Security Procedures for Surveillance and Alarm Systems
  Action Steps to Improve Physical IT Security
Auditing and Testing Procedures
  How to Audit and Test Procedures
  Auditing and Testing for Data Centers
  Auditing and Testing Wiring and Cabling Security
  Auditing and Testing Remote Computer Procedures
  Auditing and Testing Desktop Procedures
  Auditing and Testing Procedures for Department-Based Servers
  Auditing and Testing Telecom and Datacom Equipment Security
  Auditing and Testing Manufacturing Control Equipment Security
  Auditing and Testing in Surveillance and Alarm System Security
  Action Steps to Improve Physical IT Security
The Role of the Incident Response Team
  The First Report
  The Confirmation Process
  Mobilizing the Response Team
  Notifying Management
  Using the Alert System
  The Preservation of Evidence
  When to Call Law Enforcement
  Returning to Normal Operations
  Analyzing Lessons Learned
  The Role of the Incident Response Team During Disasters
  Action Steps to Improve Physical IT Security
Model Training Program for Organization Staff
  Training for IT and Security Professionals
  The Basics of Training
  Building Awareness About Physical Security for IT Assets
  Testing and Evaluating the Module
  How to Identify Potential Threats and Vulnerabilities
  Slides for Disgruntled and Angry Former Employees
  Slides for Social and Political Activists
  Slides for Random Vandals
  Slides for Professional Saboteurs
  Slides for Thieves and Spies
  Slides for Domestic and International Terrorists
  Slides for Natural Disasters
  Slides for Data Center Security
  Slides for Wiring and Cabling
  Slides for Remote and Mobile Computing
  Slides for Desktop Computers
  Slides for Department-Based Servers
  Slides for Telecom and Datacom Equipment
  Testing and Evaluating the Module
  Reporting Suspicious Behavior or Security Violations
  Testing and Evaluating the Module
  What to Expect from Different Departments
  Testing and Evaluating the Module
  How the Internal Alert System Works
  Testing and Evaluating the Module
  Performing the Administrative Aspects of a Training Program
  Action Steps to Improve Physical IT Security
The Future of Physical Security for IT Assets
  The Impact of National Security Plans
  The Role of ISACs
  The Chemical Sector ISAC
  The Electricity Sector ISAC
  The Energy ISAC
  The Financial Sector ISAC
  The Healthcare ISAC
  The Highway ISAC
  The Information Technology ISAC
  The Telecommunications ISAC
  The Public Transit ISAC
  The Water ISAC
  Action Steps to Improve Physical IT Security
Appendix A: Physical Computer Security Resources
Appendix B: Physical Security Glossary and Acronyms
Appendix C: Action Step Checklists
Appendix D: Physical Security Planning Checklists
Index


Michael Erbschloe is an information technology consultant, educator, and author. Michael has also taught and developed technology-related curriculum for several universities, including the University of Denver, and speaks at conferences and industry events around the world. He has authored hundreds of articles on technology and several books, including Information Warfare: How to Survive Cyber Attacks.