JavaScript is disabled in your browser. For optimum display and performance please enable Javascript in your browser settings.
use the following links to go to different parts of this page:
CPNI - Centre for the Protection of National Infrastructure
Advanced Search
You are here:
CPNI YouTube Channel
Share This
Share this page with the external widget: close
Physical security measures aim to either prevent a direct assault on premises or reduce the potential damage and injuries that can be inflicted should an incident occur.
For most organisations the recommended response will involve a sensible mix of general good housekeeping alongside appropriate investments in CCTV, intruder alarms and lighting that deter as well as detect – measures that will also protect against other criminal acts such as theft and vandalism and address general health and safety concerns.
In some locations these measures may already be in place to some degree. However, external and internal threats to organisations (and their staff) will constantly evolve and so all procedures and technology should be kept under constant review.
Before designing a physical security scheme, it is recommended that security practitioners read the "Guide to producing operational requirements" (see Related Documents). An Operational Requirement (OR) is a statement of need based upon a thorough and systematic assessment of the problem to be solved and the hoped for solutions.
Producing an OR is a mandatory requirement of the Cabinet Office - Security Policy Framework (SPF) and is a process that has been successfully applied across the UK national infrastructure.
Since the early 1990s, concern that terrorists might use chemical, biological and radioactive (CBR) materials as weapons has increased steadily.
CCTV should form only part of a whole security system; it should not be used on its own. It cannot replace security staff, although it may permit a reduction in their number or their redeployment to other security activities.
Most terrorist bombs are improvised and so are known as improvised explosive devices (IEDs). If you believe your business or organisation might become the target of a bomb attack, you should assess the threat and potential damage and plan how to prevent or mitigate it.
Vehicle-borne threats range from vandalism to sophisticated or aggressive attacks by determined criminals or terrorists. The mobility and payload capacity of a vehicle offers a convenient delivery mechanism for a large explosive device. The HVM section contains policy and good practice guidance that will help practitioners to determine the vehicle-borne threat, assess site strengths and vulnerabilities, and provide options for HVM.
Lighting can be an important security measure, but may in fact assist an intruder if used incorrectly.
Keep access points to a minimum and make sure the boundary between public and private areas of your building is secure and clearly signed. Invest in good quality access controls such as magnetic swipe identification cards or 'proximity' cards which are readable from a short distance.
The disposal of media that has been used to store or process sensitive information is often undertaken using physical destruction methods. Those responsible for information security should be familiar with best practice guidance on the need for physical destruction, the development of robust procedures and appropriate destruction equipment suppliers and service providers.
The random screening of hand baggage is a significant deterrent and you have the right to refuse entry to anyone who does not allow you to search their possessions.
The CPNI trademark identifies products which have been assured by CPNI.