Transcript Physical/Environmental Security

Environmental/Physical
Security
Objectives
Physical Security - physical protection of the resources of
an organization which include people, data, facilities,
equipment, systems, etc. Physical security is the first line
of defense
***Safety of people is
most important for this
domain, and trumps all
other considerations.
Threats
• Natural environmental - Floods, earthquakes,
storms, fires, tornadoes, extreme temperature
conditions, etc..
• Supply system - Power distribution,
communications interruptions, and interruption
of other natural energy resources such as water,
steam, gas, etc..
• Manmade - Unauthorized access
(internal/external), explosions, damage by
employee (deliberate or accidental), vandalism,
fraud, theft, etc..
• Political - Strikes, riots, civil disobedience,
terrorist attacks, bombings, etc..
****These are all man-made too – know the difference!!!
Layered Security
The purpose is to put enough
obstacles in front of an intruder to
keep them busy until the authorities
can take control of the situation.
**Damage to assets can be minimized.
Site Selection
• Visibility
– Surrounding terrain
– Building markings and signs
– Types of neighbors
– Population of the area
• Surrounding area and external entities
– Crime rate, riots, terrorism attacks
– Proximity to police, medical, and fire stations
– Possible hazards from surrounding area
• Accessibility
– Road access
– Traffic
– Proximity to airports, train stations, and highways
• Natural disaster
– Likelihood of floods, tornadoes, earthquakes, or hurricanes
– Hazardous terrain (mudslides, falling rock from mountains, or
excessive snow or rain)
Facility Construction
Walls
Combustibility
Fire Rating – walls protecting IT equipment should be 75 according to the NFPA (National
Fire Protection Agency)
Reinforcement for secured areas
Ceilings
Combustibility
Fire Rating
Weight-Bearing Rating
Drop Ceilings???
Floors
Weight-Bearing Rating
(Commonly 150 lbs./sq. ft.)
Combustibility
Slab??? Raised??? Anti-Static???
Surface material
Rebar – steel rods encased in concrete
***Heavy timber construction material - this is a building material – if asked, it is probably the correct answer !!!
Building Layout
Data Center should be in the “middle” to protect from
natural disaster.
EX: If you have a 5-story building, put it on the 3rd floor.
**Exam Warning**
All environmental controls and safety procedures must
ensure the safety of all personnel, including those with
handicaps. Elevators cannot be used during a fire, for
example, so employees in wheelchairs must have a
compensating control.
CPTED - Crime Prevention Through
Environmental Design
“reduce crime by directly
affecting behavior”
***uses “zones”
Natural Access Control – enter/leave building
Natural Surveillance – open space/visibility
Territorial Reinforcement –dedicated community
(sense of ownership)
Target Hardening
(alternative to CPTED)
• Denying access through physical and artificial
barriers (alarms, locks, fences, and so on).
• Traditional target hardening can lead to
restrictions on the use, enjoyment, and
aesthetics of an environment.
Underwriter Laboratories - UL
A non-profit organization that provides the
necessary classifications and guidelines for
physical security.
The organization inspects, tests and classifies
various devices and equipment used in
physical security.
Perimeter Defenses
•
•
•
•
•
•
•
•
•
•
Fences
Gates
Bollards
Lights
CCTV
Locks
Smart Cards
Motion Detectors
Other Alarms
Guards/Dogs
Fences
**PIDAS (Perimeter Intrusion Detection and Assessment
System) – sensors on a wire mesh – has a high rate of
false alarms
General Fence Height:
• 3-4 ft. – deters casual trespassers
• 6-7 ft. – too high to easily climb
• 8ft + 3 strands of barbed wire – deters most
***Nothing will stop a
determined intruder
Chain-Link Fence
Gauge – thickness of metal
• 11 gague =.0907 in diameter
• 9 gague = .1144 in diameter (residential grade)
• 6 gague = .162 in diameter (thickest)
**The lower the gauge, the thicker the wire
Meshing – spacing between wires
(comes in 2”, 1” and 3/8”)
**Fences with smaller mesh are harder to climb
Chain-Link Fence – cont’d
Extremely Secure: 11 in gauge, 3/8 in mesh
Very High: 9 in gauge, 1 in mesh
High: 11 in gauge, 1 in mesh
Minimally High: 6 in gauge, 2 in mesh
Normal Use: 9 in gauge, 2 in mesh
Gates
Type Description
• Class I - Residential (home use)
• Class II - Commercial/General Access (parking
garage)
• Class III - Industrial/Limited Access (loading dock
for 18-wheeler trucks)
• Class IV - Restricted Access (airport or prison)
Bollards
a strong post designed to stop a car; often
installed in front of convenience stores, to
prevent drivers (who mix up the accelerator
and brake) from driving into the store. Many
secure facilities use large
concrete planters for the
same effect. These devices
are usually placed in front
of physically weak areas.
Lighting
**Direct to areas where an intrusion is likely to occur
Continuous – fixed lighting to flood an area **most common
Standby – supplies illumination in the event that the normal light
system fails
Moveable – manually operated
Responsive Area Illumination – lights come on automatically if activity
is detected
Emergency – backup lighting used in an emergency
Fresnel –lighthouses/theatres; aims light in a specific direction
Floodlights – produces a beam of intense light
Fluorescent – produces RFI (radio frequency interference) ***Not
good for outdoor use
Mercury Vapor – the preferred security light – white with a bluish cast
(stadium lighting) **takes a while to warm up
Sodium Vapor – similar to mercury, but has a yellow tint ***good in
fog
Quartz lamp – bright white light; used in areas needing to resemble
daylight
Lighting – cont’d
Lumen – the amount of light 1 candle can create
Footcandle – 1 lumen per square foot
Lux – 1 lumen per square meter
American Institute of Architects
Elevators/lobbies/stairwells – 5-10 fc
Building entrances – 5 fc
Walkways – 1.5 fc
Parking Garages – 5 fc
Site Landscape - .5 fc
Surrounding building – 1 fc
Roadways - .5 fc
NIST
Critical areas require illumination of 2’ wide x 8’ high
Closed Circuit TV (CCTV)
Functions: surveillance, deterrence, evidentiary archives
***Detective device used to aid in the detecting the presence of intruders in restricted areas.
***Violates privacy - may require employee consent
•
•
•
•
CRT (tube cameras) – analog camera - backs up to tape; VHS
Exam Warning
****Tube cameras are sometimes called CRT (cathode ray tube) cameras. Do not confuse
CRT cameras with CRT displays: while a CRT camera may be viewed on a CRT display,
they are different devices.
CCD (Charged Couple Discharge) – digital camera - backs up to DVR/NVR (NVR has the
advantage of allowing centralized storage of all video data.)
CCTVs using the normal light spectrum require sufficient visibility to illuminate the field of
view which is visible to the camera. - Requires 1-2 footcandles of light
CCTV displays may display a fixed camera view, autoscan (show a given camera for a few
seconds before moving to the next), or multiplexing (where multiple camera feeds are fed
into one display).
Other exam trivia:
•
•
Infrared devices can “see in the dark” by displaying heat.
Monochrome cameras can see infrared light.
CRT – cont’d (camera terms)
•
•
•
•
•
•
•
•
•
Auto-iris – adjusts automatically; use in area with changing light (outdoor use)
Manual –iris – fixed; use in areas with fixed lighting
Depth of Field – the area of the environment in focus on the monitor; affected by:
size of lens opening - increases as the size of the opening decreases
***Wide-Angle lens has small lens opening – good for general scenery/landscape
distance to object – increases as distance increases
focal length of the lens - increases as focal length decreases
light – more light allows for a larger depth of field
Aperture - the opening through which light travels (see image). Smaller aperture
places more of the image in focus, wide aperture lowers depth of field – used in lower
light conditions.
Shadow Depth of Focus – allows for focus on smaller details
shallow depth – portrait/telephoto
large depth – landscape/wide-angle
Field of View – entire area viewed by the camera; fixed focal
length must be changed to get a different field of view
Neutral Density Filter – dark focus filter – reduces light
Zoom Lenses – allow for a change of angle or distance
Pan/Tilt – horizontal movement/ vertical movement
Windows
Polycarbonate Acrylic – more resistant to breakage than
standard plate windows. Combustible, may produce toxic
fumes, may be prohibited by fire code.
Glass-Clad Polycarbonate – the strongest window available.
Resists breakage, chemicals, fires and abrasions; comes in
varying depths (the thicker the stronger) $$$$$$
Embedded Wire – 2 windows with wire between….adds
strength but lacks aesthetics
Tempered Glass – 5-7 times stronger than regular glass
(shatters into small shards – used in cars)
Bullet Resistant (BR) – used in banks. Protects up to a 9mm
round
Laminated Glass – adds plastic , is tough to break and shatter
like a web . Comes in various depths. The greater the
stronger. (used for windshields)
Solar Film – blocks light but no strength
Security Film – transparent film… increases strength
Doors
Hollow-core door - most commonly used, easily broken
Solid-core door - recommended for sensitive area such as data
center… should be mounted in a strong doorframe as it is usually
the weakest point in a door assembly
• Fail Safe – defaults to unlocked (concerned w/people; they
can get out)
• Fail Secure – defaults to locked (concerned with data; it’s
locked up)
• Fail Soft – default to either locked or unlocked – depending
on the situation; may continue, but in a degraded state
****People are safe/Data is secure****
When
referringalways
to computer
systems,
also consider these terms:
**Hinges
should
face
inward
Failover – switches over to hot backup
Fault-tolerent – continues to operate following a failure
LOCKS
This is just a delay – eventually, it will get busted!
Locks are pick-resistant; not pick-proof
Key Lock – can be picked or bumped.
• Warded – uses a skeleton key
(easier to circumvent than Tumbler)
• Pin Tumbler – locking cylinders, has more
parts than warded
Spring Bolt/Dead Bolt – enters into a strike
plate in the door jamb
Combination – always change default
combination
LOCKS – cont’d
Button/Key Pad – button wear is a vulnerability.
Also subject to brute force and shoulder
surfing.
Preset – basic mechanical lock requiring a key
Programmable – mechanical or electric; subject
to shoulder surfing
Electronic – uses electronic key or smart card
Cards
Smart Cards - “smart” because they contains a circuit (ICC – Integrated
Circuit Card) - digitally encoded ex: CAC cards
Magnetic Stripe – the stripe stores information but there is no circuit –
THESE ARE NOT SMART CARDS!!
Magnetic Strip – rows of copper “strips”
Electric Circuit – has more information than the standard smart card.
Contact Cards – goes through a reader
Swipe Cards – swiped through a reader
Contactless Cards – use radio frequency identification (RFID) – contain
transponders and are read by transceivers – “wireless proximity
reader”
Optical-Coded – laser-burned lattice of digital dots (popping up on
driver’s licenses)
Proximity Card –either user activated or system sensing – passive,
field-powered, transponder
PhotID Cards are “dumb cards”
Cards – cont’d
***Use of cards adds accountability
Vulnerabilities:
Side Channel Attacks
Card Tampering (there’s a word for this, but I can’t remember)
Intrusion Detection/Motion Sensors
***Intrusion Detection Systems (IDS) do not stop an
intruder – they only detects the intrusion.
• Electromechanical system - detects change or break in a circuit; can be
strips of foil embedded or connected to windows which, when broken,
sounds an alarm. Vibration detectors can detect movement on walls,
screens, ceilings, and floors when the fine wires embedded within the
structure are broken.
Magnetic contact switches - installed on windows and doors. If the
contacts are separated, an alarm will sound.
Balanced Magnetic Switch (BMS) – magnet on a door and frame;
sounds alarm when connection is broken
Pressure Pad - placed under a rug and activated after hours. If
someone steps on the pad, an alarm initiates.
• Volumetric systems – (more sensitive than electromagnetic) - detects
changes in vibration, microwave, ultrasonic frequencies, infrared..etc…
(change in “subtle environmental characteristics”). Types of volumetric
IDSs are photoelectric, acoustical-seismic, ultrasonic, and microwave
Intrusion Detection/
Motion Sensors – cont’d
• Photoelectric system (or photometric system) - detects change in a light
beam; can only be used in an environment without windows; emit a
beam that hits the receiver… if beam is interrupted, an alarm sounds.
Beam can be invisible or visible. (Catherine Zetta Jones– Entrapment)
• Acoustical /Audio detection system - uses microphones to passively listen
for abnormalities; susceptible to false alarms.
• Vibration sensors - similar to acoustical; senses vibration in walls and
floors – susceptible to false alarms.
• Motion Activated Camera – sounds alarm when intruder enters field of
view
• Wave-pattern motion detectors - differ in the frequency of the waves
they monitor which are: microwave, ultrasonic, and low frequency. All of
these devices generate a wave pattern that is sent over a sensitive area
and reflected back to a receiver. If the pattern returns altered, an alarm
sounds.
• Proximity/Capacitance detector - emits magnetic field around that which
is being monitored. An alarm sounds if the field is disrupted; usually used
to protect specific objects (artwork, cabinets, or a safe)
Intrusion Detection/
Motion Sensors – cont’d
Infrared Sensors:
Active Sensor
•ultrasonic/microwave – bounces off of an object
•photoelectric – sends a beam of light
Passive Infrared Sensor (PIR) - detects infrared energy created by body heat;
identifies the changes of heat waves of an area.
Coaxial Strain-Sensitive Cable – coax is woven through fence w/ electric field (susceptible
to EMI and RFI)
Time Domain Reflectometry (TDR) – sends radio frequency signals on a cable
Dual Technology Sensors – combination of microwave and infrared sensors; alarm sounds
when BOTH detect the intrusion (reduces false alarms)
Microwave and Ultrasonic – radiates controlled pattern of microwave energy and
measures the “echo” time; establishes a baselevel and compares echo response time
(it comes back faster if it hit something)
Monostatic- uses single sensing unit that incorporates sending and receiving
Bistatic– sends invisible volumetric detection field
•
•
Behavioral-based – profile based
Pattern matching – signature based
Alarms
Perimeter alarms - magnetic door and window alarms as well as
sensors on the wall. A break in the circuit will set off an alarm to a
central alarm station.
Types of alarm systems:
• Local System – rings bell on premise
• Central Station System – signal is sent to the local station
• Proprietary System – an in-house system; has all the bells and
whistles of a 3rd party monitoring system
• Auxiliary Station System – rings to local fire and police
• Remote Station System - An electronic fire alarm system capable of
notifying the fire department when the system is activated by a fire.
Other Monitoring:
• Line Supervision – monitors line tampering
• Power Supplies – monitors power
Dogs
• Expensive to
maintain
• Legal issues
(liability)
• They have a lack
of judgement
Guards
PROS
Discernment - Able to use human judgment
Multi –functional
Visibility
CONS
Unpredictable
Subject to human error
Cost
Availability
Reliability
Training
Tailgating/Piggybacking
• Following an authorized person through a locking
device. Policy should forbid employees from
allowing tailgating and security awareness efforts
should describe this risk.
• Attackers attempting to tailgate often combine
social engineering techniques, such as carrying
large boxes, increasing the chances an authorized
user will “help out” by holding the door open.
Turnstile
• designed to prevent tailgating by enforcing a “one
person per authentication” rule, just as they do in
subway systems. Secure data centers often use
floor-to-ceiling turnstiles with interlocking blades
to prevent an attacker from going over or under
the turnstile.
• must be designed to allow safe egress in case of
emergency. No system should require
authentication for egress during emergencies.
*****Turnstiles can also be called a bafflegate
Mantraps
• a preventive physical control with two doors. The
first door must close and lock before the second
door may be opened. Each door typically requires
a separate form of authentication to open; a
common combination is PIN (Personal
Identification Number) and biometrics. The
intruder is trapped between the doors after
entering the mantrap.
• must be designed to allow safe egress in case of
emergency. No system should require
authentication for egress during emergencies.
Electricity
•
•
•
•
•
•
•
•
•
•
•
Blackout: prolonged loss of power
Brownout: prolonged low voltage
Fault: short loss of power
Surge: prolonged high voltage
Spike: temporary high voltage
Sag: temporary low voltage
In-rush: initial surge of power
Transient: short duration of noise
Clean: no fluctuation; pure power
Noise: steady interference
Ground: the pathway to the earth to enable excessive voltage to
dissipate; one wire in circuit must be grounded
• Power Line Monitor: detects frequency and voltage amplitude
changes
• Regulator: keeps voltage steady, power clean
Electricity – cont’d
• Surge Protector - protect equipment from damage due to electrical
surges. They contain a circuit or fuse which is tripped during a power spike
or surge, shorting the power or regulating it down to acceptable levels.
• Uninterruptible Power Supplies (UPS) - temporary backup power in the
event of a power outage. They may also “clean” the power, protecting
against surges, spikes, and other forms of electrical faults. UPSs provide
power for a limited period of time, and can be used as a bridge to
generator power.
• Generators - designed to provide power for long periods of times, and will
run as long as fuel is available. Sufficient fuel should be stored onsite for
the period the generator is expected to provide power. Refueling
strategies should be considered.
 should not be placed in areas impacted by weather events
 contain complex mechanics; should be tested/serviced regularly
Electricity – cont’d
• Common-Mode Noise – radiation generated by the charge difference
between hot and ground wire
• Transverse-Mode noise – (same as above) but between hot and neutral
wire
• RFI - Radio Frequency Interference – noise generated from radio waves
• EMI - Electromagnetic Interference – magnetism emitted by any electric
conductor: circuits, power cables, network cables… etc..
• Crosss Talk - occurs between poorly shielded network cables – impacts
INTEGRITY and possibly CONFIDENTIALITY; can be mitigated via proper
network cable management.
 Never route power cables close to network cables.
 Network cable choice can also lower crosstalk; Unshielded Twisted Pair (UTP)
cabling is far more susceptible than Shielded Twisted Pair (STP) or coaxial
cable.
 Fiber optic cable uses light instead of electricity to transmit data, and is not
susceptible to EMI.
Electricity – cont’d
TEMPEST (Transient Electro-Magnetic Pulse
Emanation Standards & Testing) – standard for
controlling emanations emitted by electrical
equipment
FARADAY – (Faraday Cage) – an enclosure formed
by conductive material or by a mesh of such
material. The enclosure blocks out external static
electricity fields. (1500 volts from a static charge
can cause data loss on a disk drive.)
HVAC
Latent Cooling – removes moisture
Sensible Cooling – removes heat (used in a data center)
 Data Center humidity: 40-60%
• Too high: condensation
• Too low: static
 Data Center temperature: 70-74F
(can be higher if there is adequate air flow)
***USE ANTI-STATIC FLOORS
Positive Air Pressure - ensures higher air pressure inside than
out. Air goes out the door when openned/ouside air does
not come in (allows smoke to exit in the event of a fire)
Positive Drain – water flows out not in.
FIRE
Fire Triange:
HEAT
OXYGEN
•
•
•
•
Reduce Temerature
Reduce Oxygen Supply
Reduce Fuel Supply
Interfere with Chemical Reaction
FUEL
Fire
U.S. Class Europe Class Material
Suppression Agent
A
A
Common
Water or Soda Acid
Combustibles
(wood and paper)
B
B
Liquid
Halon/halon substitiute,
CO2, or Soda acid
B
C
Flammable Gases Halon/halon substitute,
CO2, or Soda acid
C
E
Electrical
Halon/halon
substitiute, CO2
D
D
Metals
Dry powder
K
F
Kitchen (oil or fat) Wet chemicals
Smoke Detectors
Ionization – NO LIGHT; it measure particle change; radioactive source
creates small electrical charge
Photoelectric – BEAM OF LIGHT; contains LED (light emitting diode)
(Both alert when interrupted by smoke **Neither has “line of
sight” limitation)
Aspirating – draws air into a sample chamber
Flame Detectors – detects infrared or ultraviolet light emitted from a
fire. **Needs “line of sight”
Heat Sensing – measures temperature change
• Fixed- temperature (lower rate of false alarm
• Rate-of-rise
Flame Sensing – senses the “flicker” (infrared energy of the flame)
Smoke Sensing – detects smoke
Automatic Dial-Up – calls fire dept. and plays a pre-recorded message
Suppression Agents
Water –the safest of all suppressive agents - removes heat; recommended for CLASS A.
***Cut electrical power when extinguishing a fire with water
Soda Acid (sodium bicarbonate mixed w/water - glass acid vial suspended on top) –
Breaking vial creates a gas and floats on top of the fire; removes heat, starves oxygen
supply; CLASS A OR B
Dry Powder (such as sodium chloride) - removes heat and oxygen; smothers fire;
Primarily used for CLASS D
Wet Chemical (potassium acetate mixed with water) - covers a grease or oil fire in a
soapy film which lowers the temperature; primarily used for CLASS K.
CO2 – RISK: is it is odorless and colorless, and our bodies will breathe it as air. By the
time we begin
suffocating, it is often too late. Recommended for use in unstaffed areas. Requires
special training for use; additional safety controls (such as oxygen tanks) are usually
recommended. Removes the oxygen. Use for CLASS B or C
***A gas mask can not be used with CO2 – it sucks out the oxygen!!
Halon – interferes with the chemical reaction; breaks the triangle - see next slide
Halon/Halon Replacements
Montreal Protocol (1987) –IS Cworldwide ban of ozone depleting CFC’s amended in 1992 to establish a phase-out schedule (CARRIED OUT IN THE
US AS PART OF THE CLEAN AIR ACT)
Halon and Halon Substitutes – causes a chemical reaction that consumes
energy and lowers the temperature
• Argon – IG55
• FE-13 – HFC23 - the newest of these agents, and comparatively safe; can
be breathed in concentrations of up to 30%. (Other types typically only
safe up to 10-15% concentration.)
• FM-200 – HFC227 – the most commonly used
• Inergen – IG541 – not halocarbon agent; it is an inert gas agent
• CEA – 410
• CEA – 308
• NAS – S – III (HCFC Blend A)
• Argonite – IG01
Trick Question:
**HFC – 22 – (R-22) – refrigerant of choice – used in heat pumps and A/C
units (a bi-product of this is HFC-23)
Countdown Timer
CO2, halon, and halon substitutes such as FM200 are considered gas-based systems. All gas
systems should use a countdown timer (both
visible and audible) before gas is released. This is
primarily for safety reasons, to allow personnel
evacuation before release. A secondary effect is
to allow personnel to stop the release in case of
false alarm.
Sprinklers
Wet Pipe – has water right up to the sprinkler head which contains a metal or small glass bulb
designed to melt or break at a specific temperature. The bulbs come in different colors, which indicate
the trigger temperature:
•
•
•
•
•
orange (135 °F/57 °C)
red (155 °F/68 °C)
yellow (175 °F/79 °C)
green (200 °F/93 °C)
blue (286 °F/141 °C)
Dry Pipe - also has a closed head, but filled with compressed air. Water is held back as long as
sufficient air pressure remains in the pipes. As the sprinkler heads open, the air pressure drops
allowing water to flow. Often used in areas where water may freeze, such as parking garages.
Deluge - similar to dry pipes, except the sprinkler heads are open and much larger. The pipes are
empty at normal air pressure; the water is held back by a deluge valve. The valve is opened when
a fire alarm triggers.
Pre-Action - a combination of wet, dry, or deluge systems, and require two separate triggers to
release water. Single interlock systems release water into the pipes when a fire alarm triggers. The
water releases once the head opens. Used in areas such as museums, where accidental discharge
would be expensive.
Single interlock – releases water
Double interlock - use compressed air (same as dry pipes): the water will not fill the pipes until both
the fire alarm triggers and the sprinkler head opens. Used in cold areas such as freezers to avoid
frozen pipes.
Gas Discharge – usually installed under floor boards to smother a fire
Fire Extinguisher
• All portable fire extinguishers should be marked with the type of
fire they are designed to extinguish.
• Portable extinguishers should be small enough to be operated by
any personnel who may need to use one. This means those old
brass monster extinguishers are not a recommended control.
• Use the “PASS” method to extinguish a fire with a portable fire
extinguisher:




Pull the pin
Aim low
Squeeze the pin
Sweep the fire
Evacuation
Safety Warden – ensures everyone is evacuated
from the building
Meeting Point Leader – ensures everyone is
accounted for
Emergency Procedure should include:
• Shutdown procedure
• Evacuation procedure
• Employee Training/Drills
• Equipment and System tesing
Fire Misc.
 Computer Systems are toast @ 175F
 Magnetc Storage is toast @ 100F
 Paper is toast @ 350F
Noncombustible – will not aid or add appreciable heat to an ambient flame
Fire Retardent – lessens or prevents the spread of a fire
Non-flammable – will not burn
Fire Resistant – applicable for use in a computer room
Plenum Areas - wiring and cables should be strung in spaces above dropped ceilings,
in wall cavities, and the space under raised floors.
Only plenum-rated cabling should be used in plenum areas, which is cabling that is
made out of material that does not let off hazardous gases if it burns.
Plenum Cables – do not release hazardous gass when burned.
Media Handling
Store media offsite.
• Use bonded/insured companies
• Site should be reasonable distance (accessible,
but not subject to the same natural disasters)
Media should be securely cleaned/destroyed
before disposal – AVOID OBJECT REUSE (also a
target of dumpster-diving)
Data Removal
Remanence – remnants of data left behind – data is still
there (deleting files or formatting a hard disk)
Overwriting – writes over previous data – more secure
than deleting of reformatting – less secure than
destruction
Degausing – destroys the integrity by exposure to a
magnetic field (disks can usually no longer be
formatted)
Oersted - A unit of magnetic intensity equal to the
intensity of a magnetic field in a vacuum.
Coercivity - The amount of applied magnetic field (of
opposite polarity) required to reduce magnetic
induction to zero. The ease (or difficulty) by which
magnetic media can be demagnetized. A tape with a
rating of 1800 oersteds or higher will also be called a
high coercivity tape.