Something You Know This is commonly a username and password or personal identification number (PIN). You can make passwords more complex by requiring uppercase, lowercase, numeric, and symbol combinations.

Something You Have This is based on something you physically have. This chapter covers several different types of devices, including key fobs, keys, and smart cards.

Something You Are This is based on something that makes you physically unique. Examples could be Biometrics such as finger prints, your voice, and retina scans.

Something You Do Another relatively new factor of authentication for network systems is based on something you do.

Multifactor Authentication

When more than one item (factor) is used to authenticate a user, this is known as MFA (multifactor authentication). Doesn’t matter if it takes 2,3, or 4 factors to authenticate. As long as it’s more than 1, it’s MFA.

Ex: Entering into the FGB Center. You must have 2 forms of authentication: a PIN code + Scan your ID. You MUST HAVE BOTH factors to enter in the building. Having one doesn’t grant you access.

Layered Approach to Physical Security

Physical barriers are a very important aspect of physical security. The objective of a physical barrier is to prevent access to computers and network systems.

The most effective physical barrier always requires that more than one physical barrier has to be crossed to gain access. This is called a multiple-barrier system.

Barrier One: The external entrance to the building, or the outside building premises, is referred to as the perimeter. This is protected by burglar alarms, external walls, fencing, surveillance, dogs, and so on.

Barrier Two: The building entrance, which could rely on items such as ID Badges to gain access. It should also include video surveillance to identify who has entered and exited the building.

Barrier Three: The Computer Room Entrance, which can and could require key fobs, or just keys and locks.

Access Control Vestibule (Man Trap)

Commonly referred to as a Man Trap; a form of physical security

Created to directly combat tailgating.

Its a small room that has two controlled doors. When a person enters into the first door they are trapped in the room until they have been authorized to enter the second controlled door.

⁠

Badge Reader

Badges must include a current picture to satisfy security demands, The card should also have the company logo and be tamperproof.

Badges can be in any form of identification intended to differentiate the holder from anyone else.

ID badges are used to authenticate and gain access to the system by containing employee information on the badge itself.

Something You Have

⁠

RFID Badge

RFID Badges have an integrated chip that can be stored on the badge itself. This chip radiates a frequency that is only noticeable by the badge reader.

Something You Have

⁠

Smart Card

A credit card size card that has an integrated circuit embedded into the card.

It has to be physically inserted into a slot on the computer or the door. The chip is exposed on the side of the smart card that makes contact.

Similar to a debit card

These are often used to physically authenticate to electronic systems and access control systems, and also require a pin or password.

Considered a MFA method because it is something you have (The smart card itself) and something you know (PIN Code)

⁠

Security Guard

Physical security for your site should always begin with security personnel— specifically, security-focused personnel.

Security Guards are responsible for limiting access to the outer perimeter of your site.

They typically use photo IDs to allow access to the site.

Exceptions to the photo ID verification rule is that sometimes the security guards may have a access control list or entry control roster. In this case only people on the list may enter.

Door Lock

The most common form of physical security. This may include tumblr-style locks or elaborate electronic combination locks.

Tumblr-Style Locks need an actual physical key to gain access, while electronic combination locks (also known as cipher locks) force you to enter in the correct numeric combination.

Tumblr-Style Locks are an example of Something You Have

⁠

Electronic Combination Locks are an example of Something You Know.

⁠

Biometric Locks

These locks use unique physical characteristics to authenticate the user.

Included fingerprints, palm, hand scanners, retinal scanners and DNA scanner.

To gain access to a resource you must pass a physical screening process.

Something your are.

⁠

Hardware Tokens

Anything physical that generates a one-time password (OTP) so the user can gain access to software and network resources.

They generate a one-time password (OTP) to authenticate their identity.

DUO is a great example. You must have the hardware token so it can generate an access code so you can enter that code into the computer, and gain network access.

Hardware tokens operate by rotating a code every 60seconds. The code is combined with the user’s Pin code or password. It’s considered MFA because of this.

⁠

Software Tokens are essentially the exact same as hardware tokens, the only exception is that the hardware token is replaced by a mobile phone app instead.

⁠

Something You Have

Cable Locks

used to physically secure laptops and any device with a Universal Security Slot (USS) by binding your laptop to something physical

A cable lock is a cable with a lock at the end. Its not designed for long-term protection because the cables are so thin.

⁠

Server Locks

Essentially the same as cable locks

USB Locks

Can be put in place to physically block a USB port on a workstation or server from being used.

It’s a secondary security option after disabling the USB interface in the BIOS setup

A tool is needed to take it off

⁠

Privacy Screen

film or glass add-ons that are placed over a monitor or laptop screen to prevent the data on the screen from being readable when viewed from the sides

⁠

Key Fobs

embedded with radio frequency identification (RFID) circuits that fit on a set of keys and are used with physical access control systems.

You must be in very close proximity to gain authentication and allow the electronic lock to recognize the RFID chip that’s in the key fob.

Something you have.

⁠

Entry Control Roster

List of authorized personnel that has access to a physical site

Used by security guards to authenticate who’s allowed on site and who’s not.

Tailgating

refers to being so close to someone when they enter a building that you’re able to come in right behind them without needing to use a key, a card, or any other security device.

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.