// A Physical Security Primer for the Community
//
// by dual
//
// http://www.oldskoolphreak.com


"There are three simple principles to follow: keep people away, keep them
out, and protect your plumbing."
	- Microsoft 5-Minute Security Advisor - Basic Physical Security


Unfortunately, physical security is not as simple as most IT-centric books
and websites lead you to believe.  Effective physical security is not a
checklist.  Effective physical security comes form a methodology that is
applied system-wide (the idea of "system" discussed later).  This article
will present the foundation of a methodology that can be used to secure
assets of any value, and then discuss a few specific technologies and
how they are used (and misused) in the methodology.
	Checklist?  Methodology?  Even more basic - What is physical
security?  First, what physical security is not.  Physical security is not
safety.  For example, protecting your lab from accidental fire or storms and
keeping harm from humans from said fire or storms is not security; that is
safety.  Security is the protection of assets from humans with malevolent
intent, hereon called adversaries.  Assets can be material objects,
information or human life.
	It was said that a system-wide view to physical security must be
taken.  Here, system does not mean a single computer or network, but the
entire entity within which an asset resides.  To the example of a hacker's
lab, the computers within the room, within the house, the people that reside
and have access, any security technology used, and any off-site security
elements.  That is a system.  Every element interacts in some way.