4.1 Buildings

Description

The building surrounds the IT and thus guarantees external protection. Furthermore, infrastructure installations of the building allow IT operation in the first place. These are, for example, the building itself, i.e. walls, ceilings, floors, roof, windows and doors, but also utilities throughout the building, such as electricity, water, gas, heating, pneumatic dispatch, etc. The cabling within a building and PBX facilities are dealt with separately in Chapter 4.2, and in Part I, Chapter 8, respectively.

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection for a building:

Force Majeure:

• T 1.3 Lightning
• T 1.4 Fire
• T 1.5 Water

Organisational Shortcomings:

• T 2.1 Lack of, or insufficient, rules
• T 2.6 Unauthorised admission to rooms requiring protection

Technical Failure:

• T 4.1 Disruption of power supply
• T 4.2 Failure of internal supply networks
• T 4.3 Inoperability of existing safeguards

Deliberate Acts:

• T 5.3 Unauthorised entry into a building
• T 5.4 Theft
• T 5.5 Vandalism
• T 5.6 Attack

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended. In the following, the countermeasure package for "Buildings" is set out:

Infrastructure:

Power Supply

• S 1.1 (2) Compliance with relevant DIN standards/VDE specifications
• S 1.2 (2) Regulations governing access to distributors
• S 1.3 (1) Adapted segmentation of circuits
• S 1.4 (3) Lightning protection devices (optional)
• S 1.5 (3) Galvanic separation of external lines (optional)

Fire Protection

• S 1.6 (2) Compliance with fire-protection regulations and requirements imposed by the local fire department
• S 1.7 (2) Hand-held fire extinguishers
• S 1.8 (2) Room allocation, with due regard to fire loads
• S 1.9 (1) Fire sealing of trays
• S 1.10 (2) Use of safety doors (optional)

Building Protection

• S 1.11 (2) Plans detailing the location of supply lines
• S 1.12 (2) Avoidance of references to the location of building parts requiring protection
• S 1.13 (3) Layout of building parts requiring protection
• S 1.14 (2) Automatic drainage (optional)
• S 1.15 (1) Closed windows and doors
• S 1.16 (3) Selection of a suitable site (optional, if and where alternatives exist)
• S 1.17 (3) Entrance control service (optional)
• S 1.18 (2) Intruder and fire detection devices (optional)
• S 1.19 (2) Protection against entering and breaking (optional)

Organisation:

• S 2.14 (2) Key management
• S 2.15 (2) Fire safety inspection
• S 2.16 (2) Supervising or escorting outside staff/visitors (optional)
• S 2.17 (2) Entry regulations and controls
• S 2.18 (3) Inspection rounds (optional)

Contingency Planning:

• S 6.17 (1) Alert plan and fire drills

© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000