Physical security involves the prevention of physical damage to system
hardware, and prevention of the corruption of software . The term
"hardware" includes the central processing unit (CPU), System Console,
terminals, and other peripherals, such as printers, disc drives, and tape
drives. The term "software" includes the operating system, programs, and data.
The causes of damage to hardware and software can range from deliberate
sabotage or vandalism, to inadvertent damage caused by unskilled users.
Regardless of the cause, such damage usually can be prevented by restricting
physical access to hardware and logon access to software.
Physical access to hardware is usually effected by perimeter controls, which restrict entry into areas in which computer equipment is located, including system consoles. Perimeter controls include locked computer rooms, fenced building sites, and guard stations at building entrances. Access to the terminal servers and the network wires leading between the system unit and the terminal servers must be protected. Physical access can be controlled by
issuing keys and ID badges only to authorized persons.
Access to software is usually controlled by logon restrictions. Such
restrictions include the use of passwords, establishment of accounts and
groups, and control of user capabilities. Access to programs and files can be
provided by assigning users to accounts, issuing appropriate capabilities,
enforcing the use of passwords, lockwords and by creating programs and files in groups that belong to special accounts. The physical aspect of securing access to software involves prevention of physical access to terminals, and limitations
on or prevention of access via communication lines.