|
Tip
The facility's automated access control system should have the capability to differentiate between varying levels of access.
Why is this Important?
An automated access control system allows active control of entry privileges at access points throughout a facility. By defining levels of access, an organization can restrict the number of persons who can enter progressively sensitive areas.
How do I check this?
Review the organization's list of issued access control cards. Review the levels of access granted. Observe entry points to determine if employees are required to use access control media to gain entry. Test control points to determine if they prevent access without access control media.
All of these checks and more come to your attention automatically during an assessment with CounterMeasures® with the Physical Security dataset. |
Get Tip of the Day updates
|
Previous Tips
|
|
Tip
Consider upgrading locking hardware used throughout the facility.
Why is this Important?
Appropriate types of locking hardware are necessary to prevent intrusion and keep the facility secure. .
How do I check this?
At minimum, electric utility closets, mechanical rooms, and telephone closets should be secured. The mailroom should also be secured, allowing only authorized personnel into the area where mail is screened and sorted. Separate the public access area from the screening area for the postulated mailroom threats. All security locking arrangements on doors set for egress must comply with NFPA 101.
Not sure exactly what to check for? CounterMeasures® editions with the Physical Security dataset take the guess work out of your physical security assessments. |
|
|
Tip
Consider upgrading locking hardware used throughout the facility.
Why is this Important?
Appropriate types of locking hardware are necessary to prevent intrusion and keep the facility secure. .
How do I check this?
At minimum, electric utility closets, mechanical rooms, and telephone closets should be secured. The mailroom should also be secured, allowing only authorized personnel into the area where mail is screened and sorted. Separate the public access area from the screening area for the postulated mailroom threats. All security locking arrangements on doors set for egress must comply with NFPA 101.
Not sure exactly what to check for? CounterMeasures® editions with the Physical Security dataset take the guess work out of your physical security assessments. |
| |
|
Tip
Operating System passwords are changed at least every 45 days.
Why is this Important?
Any individual who has access to IT audit logs and the Operating System passwords can access the system and makes changes or take information and make sure that the audits do not reflect any mishandling or suspicious use of the system. By having these functions handled by two or more different individuals, the organization will have a "checks and balances" system which can frustrate or deter a malicious insider's attempt to exploit the IT system.
How do I check this?
Check with the IT department to determine if there is a schedule for system password changes.
Any CounterMeasures® edition with the IT security dataset will keep aware of important issues like this one. |
| |
|
Tip
Consider improving definitions of public, private and restricted areas.
Why is this Important?
Inadvertent breaches of security can be prevented by appropriate signage and warnings of restricted access to certain areas. Individuals who ignore these restrictions can be more clearly identified as malicious or adversarial.
How do I check this?
Access to public, private and restricted area spaces should be clearly defined through the design of the space, signage, uses of electronic security devices, etc. Signage should be designed for visual simplicity.
To simplify the assessments necessary to identify and correct this issue, give CounterMeasures® a try. |
| |
|
Tip
Consider implementing a communications and emergency notification system to provide immediate security and safety instructions to occupants.
Why is this Important?
Depending on facility size, a mass notification system will provide warning and alert information, along with actions to take before and after an incident if there is redundancy & power.
How do I check this?
Review the system to determine if one or more of these mass notification systems is operational under hazardous conditions (UPS, emergency power). Verify the connection to an Uninterruptible Power Supply (UPS).
If you don't want to use CounterMeasures® to do your assessments, let the CounterMeasures® team do your assessment dirty work for you. |
| |
|
Tip
Require unknown vehicles to remain outside the facility perimeter or in a secured area while they and their occupants are being inspected.
Why is this Important?
Inspecting all vehicles and persons entering the facility will both deter malicious persons and help detect when individuals attempt to bring dangerous or prohibited items into the facility.
How do I check this?
Review the facility security plan to see if there is a requirement to inspect vehicles and persons entering the facility or grounds. Determine if there is a standard operating procedure for this. Observe entry points to verify that vehicles are being inspected.
You can make sure to follow all the correct steps with any CounterMeasures® edition loaded with the physical security dataset. |
| |
|
Tip
There should be a five-foot minimum clear zone on either side of the fence that allows persons to be detected at the boundary.
Why is this Important?
Malicious outsiders can surveil the facility from a fence line easily if there are items abutting the fence such as dumpsters, boxes, trees, or other foliage. Additionally, these offer means to climb over the fence without having to cut through it. Clear zones ensure that patrols can reasonably see the fence line, and potential intruders have more difficulty hiding when they reach the fence.
How do I check this?
Determine if the facility security plan includes a requirement for clear zones at the perimeter. Walk the fence line to verify that there are no clear zone violations. Where vehicles can access either side of the boundary, ensure the clear zone is wide enough to allow detection of the presence of vehicles.
The physical security dataset which may be included with any CounterMeasures® edition will instruct your staff to identify fenceline vulnerabilities. Or you could just ask the CounterMeasures® team to conduct your assessments for you. |
| |
|
Tip
Your facility should employ tamper-evident seals and other appurtenances that can indicate if a shipment has been tampered with.
Why is this Important?
Tamper evident technology does not necessarily prevent access to or tampering with items being shipped. It does, however, provide evidence of compromise and a means to investigate when and where the compromise happened. The use of tamper evident seals should be combined with a robust supply chain security program to provide layers of protection for shipments.
How do I check this?
Review the Facility Security Plan for any requirements related to applying tamper evident seals to shipments. Verify that there are logs for tamper evident seals with serial numbers, and that the numbers are recorded on the shipping manifest and confirmed at each stop against the seal applied to the shipment.
All of the procedures required to execute such an assessment are included in any CounterMeasures® edition with the physical security dataset. You are instantly the risk analysis expert with CounterMeasures® at your side. |
| |
|
Tip
Trash receptacles and mailboxes should be located away from the facility. The size of closer trash receptacles and mailbox openings should be restricted to prohibit insertion of packages. Street furniture, such as newspaper vending machines, should be kept sufficient distance (10 meters or 33 feet) from the facility, or brought inside to a secure area.
Why is this Important?
You can prevent the hiding of explosive devices in proximity to the building by relocating or modifying drop boxes of any sort.
How do I check this?
Observe the locations and types of trash receptacles to verify that a package cannot be inserted. A security best practice is to move all trash receptacles away from the building. Be sure policy and procedures are in place to verify the identity of newspaper delivery personnel for vending machines located inside the building.
Using CounterMeasures® with the physical security dataset, you can identify potential hiding places for explosives and determine appropriate actions to keep your personnel and assets safe. |
| |
|
Tip
Be sure exterior site lighting is adequate from a security perspective and covers parking areas, walkways, and entry/exit points.
Why is this Important?
Security protection can be successfully addressed in part through adequate lighting. The type and design of lighting, including illumination levels, is critical. Illuminating Engineering Society of North America (IESNA) guidelines can be used. The site lighting should be coordinated with the CCTV system to ensure all areas of camera coverage are well lit.
How do I check this?
Observe the lighting around parking areas, walking paths, entry ways, and roadways. Visit the CCTV control room and see if all areas are visible from CCTV camera vantage points and if there are any areas with inadequate lighting.
Of course each CounterMeasures® edition with the physical security dataset gives you the ability to comprehensively assess your lighting situation using industry standards, in order to get your site up to code. |
| |
|
Tip
If a security access control system is in place at the facility, make sure it is functional.
Why is this Important?
Frequently, organizations assume the presence of a security access control system means that every part of it is functional. Doors, wiring, power sources, and the server hosting the system must be checked to confirm they are in operating order.
How do I check this?
Test doors by attempting to enter them without the proper access media. Check for alarms by holding doors open. Check the access control system room to determine if every access point is accounted for and showing as functional in the system. |
| |
|
Tip
Be sure a thorough background investigation is completed on custodial and maintenance personnel and that control is exercised over their entering and leaving.
Why is this Important?
Insiders present a great threat to any organization; and sometimes the insider isn't just a hired employee. All personnel who are granted unescorted access to any areas of the building should have a background check commensurate with their level of access. For contractors including custodial staff, the threat of exploiting the organization as insiders is reduced by vetting and badging them to the same standard as other regular personnel. If not appropriately screened, the individual should be escorted during the period of access.
How do I check this?
Verify that background checks have been conducted on employees, cleaning crew, and contractor personnel. Determine if the custodial contractor swaps personnel out frequently and if every person is cleared by background investigation. Check for a written policy requiring background checks for all company policy who have regular unescorted access to critical or restricted areas. Compare the current list of cleared personnel to the list of personnel assigned or allowed in critical or restricted areas. Conduct spot checks to see if custodial personnel, building maintenance, and delivery personnel have background screening and are allowed to be present in those specific areas. |
| |
