6.5 - Physical Protection
Exam Board:
OCR
Specification:
2016 - Unit 2
RFID & Tokens
Radio-frequency identification (RFID) uses electromagnetic fields to attach tags to physical objects.
RFID tags can be embedded within 'dumb' objects such as clothing, packages and even animals.
RFID is used with security tokens (such as an ID keycard) to permit the access of authorised people to certain areas.
​
RFID can be used by IT companies to track equipment and manage access.
Shredding
This is the cutting up of documents (paper or CDs) into small pieces so that they cannot be reassembled and read. Sensitive data on paper or optical disc should be shredded when no longer required.
Locks
A lock can be used to prevent access to server rooms or sensitive data stores. Only authorised personnel with the right key will have access.
Physical Security Measures
Backup
Backups should be taken regularly and stored at a secure location away from the main site.
Backups could also be stored on cloud servers so that any damage to the organisation's building will not affect the backup as well.
Biometrics
Biometric devices require the input of a human characteristic (such a fingerprint, iris or voice scan).
The biometric data is checked against previously inputted data in a database. A match will allow access to the user.
Security Staff
Staff may be employed to physically prevent unauthorised people from accessing certain areas of a building where sensitive information is stored.
They may check ID keycards or use surveillance like CCTV to monitor who is entering and exiting a secure area.
Questo's Questions
6.5 - Physical Protection:
​
1. Explain how locks can be used as a physical security method within an organisation. [2]
​
2. Explain what RFID is and how it can be used with tokens as a physical security method. [3]
​
3. Explain how biometric devices can be used as a physical security method. [3]
​
4. Explain how security staff can be employed to protect data. [2]
​
5. What is the purpose of shredding? [2]
​
6. Why should backups be stored off-site? [1]