Physical controls are important aspects of protecting data from both internal and external malicious users. Although attacks are a major reason that strong physical access controls are needed, there are plenty of completely mundane actions that can disrupt an operation and endanger data integrity. Listed below are two incidents in the private sector in which physical access controls solved major IT issues.

A new Midwestern biotechnology company, Acme Medical Technologies, had just expanded its offices, adding a server room to the main IT floor. This new server room was designed to handle a high-availability, Windows-based web server that contained customer-facing websites. The server room was in a part of the office in which access was limited. Only the networking and web server teams in the IT department had access to the area. Because of the security in that section of the office, further physical access controls were not implemented on the server room.

An unusual issue started almost immediately. Every night around midnight, the web servers went offline. The server configurations were verified and when the logs were checked, they showed that the servers had ungraceful shutdowns every night around the same time. To determine the root cause, the web server administrator stayed late to see if anything physical was causing the outage.

That evening, the server administrator watched as a janitor walked into the server room and proceeded to unplug the web server from the uninterruptable power supply (UPS). He then proceeded to plug in his vacuum cleaner to vacuum the server room. The simple solution to this issue was to utilize the electronic keypad lock that had been installed on the server room and explain to facilities management that their services were not needed in the server room.

Another example shows the need for physical security within the private sector. Agents for a major Midwestern insurance company had direct connections to the corporate mainframe systems via microcomputers at each agent’s office. One office was having an intermittent connection issue. Approximately once a week, usually on Fridays, the system would crash. Due to the nature of the jobs that the system ran, it wasn’t worth restarting the system until the next morning, so the agent was losing a few hours of productivity every week.

A technician was sent from IT to inspect the system. It was quickly determined that there were no hardware faults or heat issues that could be causing the problem. Oddly, the system refused to crash while the technician was onsite—the first week in months that it didn’t fail at least once. After hearing this, the technician suggested installing a lock on the closet that the microcomputer was housed in. After the door was locked, the server stopped crashing. It seems the staff enjoyed getting out early on the days that the server crashed and had been occasionally manually rebooting the system.

Primary schools and school districts face a number of issues when it comes to physical access control of their facilities. School districts must protect their students, staff, and school property. This must all be done while maintaining a friendly learning environment. Most districts have neither the ability nor the desire to hire full-time gate guards, but they must monitor the entry points to the schools to make sure no unauthorized adults enter, and that no unauthorized individuals leave with a child. A school must also be vigilant of student activities and be prepared to respond quickly to altercations among students. The school districts also have a secondary goal of preventing theft, vandalism, and graffiti.

Consider how Moss Point School District in Mossville, Mississippi, handles these challenges. The district serves 3,100 students spread out among a high school, a junior high school, and six elementary schools. A few of the schools had VCR-based security cameras, but that solution had too many drawbacks. The images were grainy, making it hard to identify people. The systems could only be viewed onsite, and only after an incident occurred, which didn’t allow the schools to identify and react to incidents as they happened.

This gave the school district two main requirements for a new system. It had to be centralized, and it had to integrate with existing access controls, such as alarm systems. The solution was to implement an IP-based video surveillance network.

This network utilized over 200 digital video cameras, all connected to a digital video recording (DVR) server connected to a central management system at the district office. Now, by looking at a single screen, school officials can see the feed from all of their schools’ cameras, and district security officials can monitor all of the schools from one location in real time. Before the fall semester of 2000, the school district first installed cameras in the 10 facilities, most in hallways and on campus perimeters. Each camera is housed in a protective enclosure to prevent tampering. Eventually, the school district plans to have cameras in all of the classrooms as well.

The cameras allow officials to see what is happening in the schools when it is happening. This allows for a more proactive approach to safety and security. For example, the officials can detect signs that a fight may occur and defuse the situation before it starts. The cameras also act as a significant deterrent. Cases of vandalism and unsafe driving at the high school dropped dramatically after the system was installed.

By adding digital video cameras to their physical access controls, the Moss Point schools were able to greatly enhance the safety and security of the learning environment that they provide to students.

Physical access controls in the case of critical infrastructure have a number of obstacles to overcome. There are a lot of organizations that intermingle. If they do not share a common authentication method, controlling access becomes unwieldy. There is also a large volume of requestors needing access at any given time. A universal, secure, and quick method of identifying requestors and granting access is required. This is further complicated by various rules and regulations that critical facilities must adhere to. In this section, you will learn how U.S. port facilities handle these issues for maritime workers.

The Transportation Worker Identification Credential (TWIC) program is a joint program involving the Transportation Security Administration (TSA) and the U.S. Coast Guard (USCG) within the Department of Homeland Security (DHS). TWIC is intended to strengthen the security of U.S. maritime infrastructure through the vetting of civilian maritime workers and through the issuance of tamper-resistant, biometrically-enable identification credentials to workers. TWIC was developed in response to the regulations found in two legislative acts: the Maritime Transportation Security Act (MTSA) of 2002 and the Security and Accountability for Every Port (SAFE Port) Act of 2006. TWIC is a massive program, with over 1 million workers issued a TWIC card. Possession of a TWIC card is required for unescorted access at over 3,000 land- and ocean-based facilities and over 10,000 vessels that are subject to MTSA regulations.

In the early stages of developing the TWIC card, the maritime industry expressed concerns about the proposed approach, which called for the TWIC card to be fully compliant with the Federal Information Processing Standards (FIPS) 201 standard. FIPS 201 allows access to biometric data on a smart card only through a contact interface, requiring insertion of the card into a contact interface slot on the card reader. The concern was that this standard was not appropriate for the high volume of physical access and rapid access operational requirement of the industry. There was also a concern that the extreme conditions at the port facilities would allow airborne contaminants into the readers, causing delays and maintenance problems. FIPS 201 also required a personal identification number (PIN) to be entered to access the card, further slowing down the access process.

These concerns resulted in the TWIC Reader Hardware and Card Application Specification, published by the TSA. This specification implements an alternative authentication mechanism allowing for contactless reading of the biometric information stored on the card without requiring PIN entry. To protect personal privacy, the biometric data stored on the card is encrypted. Decryption is accomplished through the use of a symmetric key called the TWIC Privacy Key (TPK), which is generated during card personalization by the TSA and is unique to each TWIC card. The TPK can only be accessed through the contact interface or through a swipe read of the magnetic stripe.

This approach to contactless biometric reading presented a unique challenge for the implementers. To decrypt the contactless biometric information, the reader must first have a way to obtain the TPK. This can be achieved by having a one-time registration process that requires card contact, and then the TPK can be stored in a local server. An alternative method is to have a reader with both magnetic stripe and contactless smart card capabilities. In this scenario, the cardholder would swipe the TWIC card before presenting the card to the contactless interface. It should also be noted that the TWIC card includes separate FIPS 201–compliant information, so the card may be used in conjunction with a traditional PIN and a biometric reader can be utilized with the card. Utilizing biometrics and IT to secure and simplify maritime and port access allowed TWIC to provide a faster and more secure and reliable way to allow authorized access to our nation’s critical infrastructures.