Physical Security
Physical security is almost everything that happens before you (or an attacker) start typing commands on the keyboard. It’s the alarm system that calls the police department when a late -night thief tries to break into your building. It’s the key lock on the computer’s power supply that makes it harder for unauthorized people to turn the machine off. And it’s the surge protector that keeps a computer from being damaged by power surges.
Assuring the physical security of a web site is similar to assuring the physical security of any other computer at your location. As with other security measures, you must defend your computer against accidents and intentional attacks. You must defend your computer against both insiders and outsiders.
It is beyond the scope of this chapter to show you how to develop a comprehensive physical security plan. Nevertheless, you may find the following recommendations helpful:
Create a physical security plan, detailing what you are protecting and what you are protecting it against. Make a complete inventory.
Make sure that there is adequate protection against fire, smoke, explosions, humidity, and dust.
Protect against earthquake, storms, and other natural disasters.
Protect against electrical noise and lightning.
Protect against vibration.
Provide adequate ventilation.
Keep food and drink away from mission-critical computers.
Restrict physical access to your computers.
Physically secure your computers so that they cannot be stolen or vandalized. ...
Get Web Security and Commerce now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
