While designing a robust physical security environment, a security professional needs to take into account the following three important parameters:
National Institute of Standards and Technology (NIST) Special Publication 800-12: An Introduction to Computer Security - The NIST Handbook explains these three parameters next.
The physical facility is usually the building, other structure, or vehicle housing the system and network components.
Systems can be characterized, based upon their operating location, as static, mobile, or portable:
Natural threats such as earthquakes and floods; man-made threats such as burglary and civil disorders; communication-related threats such as the interception of transmissions or emanations and electromagnetic interference; and chemical threats such as toxic chemical spills, explosions, fire, and so on; have to be taken into consideration while determining the facility's general geographic operating location.
Supporting facilities include electric power, heating, and air conditioning, and telecommunications. Disturbances in such facilities or performance degradation would adversely affect the operation of the system or may cause data corruption.
The design should consider the following three primary requirements in terms of security:
Also, one of the most important threats that needs to be considered for physical security is theft that could affect all the three.