(b) Fences are often used around a complex or facility. If so, the entrance gates should be
secured with an approved locking device.
(3) Protective lighting. The exterior of buildings housing computer facilities will have protective
lighting. Such lighting will be installed for use during the hours of darkness.
(4) Security forces. All computer facilities should be provided with a dedicated service. The level of
this service should depend upon the classification and sensitivity of the data stored and processed.
Military/security police would patrol the facility every few hours, or an on-site security force of two or
three people might be provided.
(5) Personnel movement control. Recommended measures for personnel movement include
the following:
(a) Use of a badge/pass system with an access control roster.
(b) Electrical release doors or cipher lock doors.
(c) A buffer zone to prevent accidental access into an area.
(d) Human control of access (such as a receptionist).
(6) Intrusion Detection System (IDS). Security personnel must keep in mind that IDSs are not
delaying devices. They are detection systems. IDSs should not be installed where they would hinder
the operation of the facility or cause a security hazard. Some areas are not compatible with certain
types of sensors, or closed circuit television (CCTV). For instance, passive ultrasonic IDS sensors are
similar to microphones and cannot be used where classified information is discussed. The use of
CCTV cameras would not be advised if the guard monitoring the system could see the terminals on
which classified or sensitive information is processed.
(a) Application.
(1) Use where the computer facility is not manned 24 hours a day.
(2) Use where there is no dedicated guard.
(3) Use where there is no closed circuit television (CCTV).
(b) Locations.
(1) Main computer room.
(2) Mag tape/disk storage library.
(3) All other areas where sensitive information is stored.
MP1003