Security basically means the state of being secure and to be free from danger. Physical security brings the meaning about protecting the physical resources and assets of an organization. People, computing devices, software and networking devices are among the physical assets of an organization. Losses of such resources can cause serious damages to an organization. Therefore, the resources must be protected. This includes protection from fire, theft, terrorist attacks, natural disasters, etc. The physical security for an organization therefore requires the design, implementation and maintenance of countermeasures that protects the organization's physical resources.
Physical security often refers to the measures taken to protect building, systems and the related supporting infrastructure against threats that are associated with physical environment. And, identification of physical threats are important in identifying the methods of physical control to implement.
The main objectives of physical security are:
- To provide a safe environment for all assets and interests of the organization, including information system security
- To protect valuable information assets of the organization
- To provide protection techniques for the entire facility from outside parameter to the inside office space
- To provide protection for building, other building structures or vehicle housing system and/or network component
It is important to have a physical security plan for the organization. The plan provides a pathway to logically decide on the type of protections to be provided. The plan also acts as a road-map to accomplish an effective security solution. While planning, it is important to assess the present security situation of the organization. Security surveys can be conducted to review existing systems, establish the budget requirements, assess the threat levels and design new systems. The planning and assessment should preferably involve engineers, fire professionals, architects, accountants, security professionals and other experts whom have influence over protecting the organization's assets.
A security plan is usually accomplished at different levels and layers. More strict security should be provided at the very inner layer. A formal security plan is put in place to account for responses to most types of security breaches at all these layers.
Levels of security can be categorized as minimum level, low level, medium level, high level and maximum level. A minimum level of security is designed to impede by providing fences, CCTV, burglary and fire alarm system, etc. A low level security is designed to impede and detect. For example, CCTV and motion detectors make the combination for such level of security. Medium level of security is designed to impede, detect and assess. Assessing may be done by the use of video recorders or digital hard drives. High level of security is designed to impede, detect and assess both internal and external activities. Highly experienced personnel make the organization's security division. There is high degree of coordination with law enforcement in this level of security. Maximum level of security is designed to impede, detect, assess and neutralize unauthorized activity. There are layers of security with each of them having their own sets of alarms, and access control methods. The security personnel are highly trained, investigated and often armed.
