Course info
Jun 27, 2017
1h 44m

Pluralsight is not an official partner or accredited training center of EC-Council. Digital data assets are processed and stored on physical equipment housed in buildings. In this course, Implementing Physical Security, you'll become equipped with the necessary skills needed to ensure the security and availability of IT systems. First, you'll delve into how workplace policies have an impact on security. Next, you'll explore effective methods of securing a physical facility. Finally, you'll learn how important proper HVAC planning is for server rooms and data centers. When you're finished with this course, you'll have the skills and knowledge needed to apply effective physical and workplace security controls to an organization. Software required: EXO5, Windows Server 2016.

About the author
About the author

Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.

More from the author
Computer Fundamentals: Hardware
2h 42m
Jan 14, 2019
More courses by Daniel Lachance
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi there everyone! My name is Dan Lachance and welcome to my course, Implementing Physical Security. Over the years I've seen some pretty lax security controls including server room doors that are always left open simply due to improper HVAC that can't seem to keep the room cool enough. This is a security no-no since server rooms definitely house sensitive equipment and data that might be stored on disk arrays and if those disk arrays aren't encrypted, it's pretty easy for someone to steal the disks and access the data. Digital data assets need to be processed and of course stored on physical equipment, housed in buildings, physical buildings. So not only must technological security controls be put in place to secure assets, but also physical controls need to be in place to restrict facility access, especially to server rooms and data centers. So some of the major things that we will cover in this course include identifying workplace security issues, implementing physical security controls, and implementing environmental security controls. By the end of this course you'll understand how to implement physical security controls to protect digital assets from locked server room doors to ensuring equipment doesn't run too hot. I hope that you'll join me to learn about the importance of physical security controls and how they can be implemented within the Implementing Physical Security course here at Pluralsight.

Identifying Workplace Security Issues
Welcome to Pluralsight. I'm Dan Lachance. One often overlooked aspect of IT security is the physical security factor and a lapse in this area can lead to breaches elsewhere. So you can think then of physical security of being one spoke in a security wheel. This specific module will identify security concerns in the workplace, ranging from best practices for hiring new employees up to properly security server rooms and to tracking mobile devices. In this module we'll begin by talking about personnel security where we will focus on things like thorough background checks and proper user on-boarding practices. We'll then talk about the reception area within a physical facility and how to ensure that it's secure and reduces the attack surface. We'll talk about server room security from its construction to its ongoing use because there could be very sensitive equipment stored within the server room including disk arrays. Then we'll talk about securing devices in the field. So with the proliferation of things like tablets and smartphones and even storage media like USB thumb drives, we now have a great risk for data loss, whether intentional or nonintentional. So it's very important that we track and secure these easily lost or stolen mobile devices thoroughly.

Implementing Physical Security Controls
Welcome back to Pluralsight. I'm Dan Lachance, and in this module we'll focus on the implementation of physical security policies and we're going to do that by focusing on the importance of planning security from the very beginning including the design of physical locations like server rooms and data centers. We'll begin the process by talking about perimeter security so that we can control access to the physical location where equipment might be housed in the first place. We'll then talk about facility design, what needs to be planned to make sure we have proper cooling and ventilation and backup power and so on. Then we'll focus specifically on facility security, which is going to deal with things like different types of locks that we might use. We'll also talk about things like video surveillance and motion detection sensor systems, things along that line. Even though we're talking about computing and IT services, whether it's on-premises or in the cloud, we always have to remember that in the end there is physical equipment that makes that run.

Implementing Environmental Security Controls
Welcome back. I'm Dan Lachance and in this module we're going to focus on the implementation of environmental security controls. We'll start off the discussion with an overview of HVAC--heating, ventilation, and air conditioning. It's always important to make sure that equipment in server rooms or in data centers is at the correct temperature so it runs efficiently and doesn't crash a system or reduce its life expectancy. We'll also talk about EMI, electromagnetic interference. There's interference from a number of different sources that we'll identify whether we're talking about interference with wireless transmissions or even through wired transmissions. We'll also talk about how to secure HVAC systems because they are crucial. It's kind of where the technical world meets the physical, where we don't want a remote attacker for instance to be able to turn up the heat in server rooms, which could cause equipment to fail.