Physical security involves the prevention of physical damage to system hardware, and prevention of the corruption of software . The term "hardware" includes the central processing unit (CPU), System Console, terminals, and other peripherals, such as printers, disc drives, and tape drives. The term "software" includes the operating system, programs, and data.
The causes of damage to hardware and software can range from deliberate sabotage or vandalism, to inadvertent damage caused by unskilled users. Regardless of the cause, such damage usually can be prevented by restricting physical access to hardware and logon access to software.
Physical access to hardware is usually effected by perimeter controls, which restrict entry into areas in which computer equipment is located, including system consoles. Perimeter controls include locked computer rooms, fenced building sites, and guard stations at building entrances. Access to the terminal servers and the network wires leading between the system unit and the terminal servers must be protected. Physical access can be controlled by issuing keys and ID badges only to authorized persons.
Access to software is usually controlled by logon restrictions. Such restrictions include the use of passwords, establishment of accounts and groups, and control of user capabilities. Access to programs and files can be provided by assigning users to accounts, issuing appropriate capabilities, enforcing the use of passwords, lockwords and by creating programs and files in groups that belong to special accounts. The physical aspect of securing access to software involves prevention of physical access to terminals, and limitations on or prevention of access via communication lines.
