Running head: PHYSICAL SECURITY
Physical security is often ignored domain in information technology despite the high
potential for the theft and damage of hardware. Although the implementation of administrative
and technical security measures can prevent these incidents, physical restrictions enhance their
effectiveness. According to Oriyano (2014), there is a greater chance for loss of information
assets if these controls are not aligned with the physical one simultaneously during their
implementation. Therefore, the imperatives for organizations to stop overlooking the physical
components of their security system are very high.
The problem with the consideration for physical security is the emphasis on aesthetics
rather than protection of assets. In other circumstances, the functional use of the environment
overrules other considerations during the design and construction of buildings (Harris (2013).
Therefore, the cost of redesign often discourages the owners of the environment or structures that
house the information network infrastructure. However, empirical evidence have shown that this
cost is negligible when compared to the one required for replacing damaged or stolen hardware
One of the factors responsible for the reduced focus on physical security is the increased
use of remote measures to gain unauthorized access to the network. It is this aspect of the
security breaches that security expert focus on the process for accessing the network through
non-physical methods such as the software vulnerabilities and wireless ports. However, these
professionals do not ignore the significance of common physical security measure such as the
doors and locks to prevent entrance to the location (Oriyano, 2014). Similarly, this understanding
is used for the fortification of buildings and structures against natural and human-made disasters.
Some of the examples of the physical threats against a network include hacking, theft of
hardware components, fire, and tailgating. Intrusion detection system is a device that can prevent
some of these threats such as attempted breakage of doors and locks. Harris (2013) claimed that
cable locks and RFID systems are useful physical measures for protecting portable devices such
as laptops and removal USB drives. The purpose of using these measures is to prevent
unauthorized access or mitigate the adverse impacts of security breaches.
An additional aspect of the problem of poor implementation of physical security is the
expectation of companies that trained guards can prevent unauthorized access. Unfortunately,
this notion is wrong and irrelevant to most organizations because of the complexities of the
network infrastructure. For example, security professionals have specialties that would limit their
knowledge and understanding of the requirement of certain areas. Also, the nature of some
threats requires specialized skills to prevent them or mitigate their impacts.
Issues with physical security of the information network of an organization can be
removed through different strategies. However, the design and implementation of a
comprehensive security program is the fundamental measure to achieve this objective. It is an
initiative that should include professionals with the knowledge and skills to balance security and
safety. According to Oriyano (2014), the deployment of physical security should be based on the
concept of ‘defense in depth’ that combines a series of controls.
Physical security controls are divided into three major categories. These are technical,
administrative, and physical controls such as guards and construction materials. Conversely,
examples of technical controls are audit logs and trails, IDS, and access controls. Also examples
of the administrative security measures are employee identification systems and emergency
Security experts contend that deterrence is the most effective physical security strategy
for protecting information networks and system. Environmental design is one the technique that
uses to increase the efforts for committing crime and reducing the incentive. It is a concept that is
based on the inclusion of features in the construction of the facility that can change human
behavior. While the crimes continue to evolve, researcher in the use of administrative controls
continue to design irrelevant methods for crime prevention.
The security of data centers and servers is another common administrative control that is
used to protect information networks f...