5.1 Physical security & access control
Physical security in a high-tech manufacturing environment is not simply about theft prevention; it is fundamentally about preserving the “Chain of Custody” for our clients’ invaluable Intellectual Property. A breach here compromises not just physical inventory, but the contractual integrity and trust of the entire operation. Facility access must be treated as a layered filtration system: each successive zone must impose greater authentication friction than the last, ensuring that only validated personnel can interact with the most sensitive assets.
Access control architecture (zoning)
The facility must be defined by its physical risk profile, not simply by administrative departmental borders. Movement between these distinct security zones must be restricted and digitally logged at all times.
- Zone 1: Public/Admin (Lobby, Offices): Access requires a standard RFID Badge. If a visitor or external contractor arrives, a highly visible “Escort Required” badge (usually red or yellow) must be issued. As a fundamental rule, visitors must remain within a reasonable distance (e.g. 2 meters) of their designated host at all times.
- Zone 2: Production Floor (SMT, PCBA): Access requires an RFID Badge combined with robust Anti-Passback logic. Anti-passback logic prevents a badge from entering a restricted zone twice without a corresponding, logged exit scan. This effectively stops “Tailgating,” where one authorized badge improperly grants physical entry to multiple people.
- Zone 3: Restricted (Server Room, High-Value Cage): Access here requires Multi-Factor Authentication (MFA), specifically combining an RFID Badge with biometric verification (such as fingerprint or iris scanning). The unbreakable rule in Zone 3 is that no single credential is ever sufficient to access these high-risk assets.
Pro-Tip: Secondary door contact sensors should be installed on all perimeter and Zone 3 doors. The access control system must be programmed to trigger a loud “Door Forced / Door Propped” alarm locally and at the main security desk if the contact remains open for more than 30 seconds. This prevents simple circumvention of the locks.
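The Zone 2 anti-passback rule and the 30-second door-contact rule can be checked by replaying the controller's event log, as in this added example (not part of the original page or any vendor's code). The event names, badge and door ids, and the choice to flag rather than block an exit with no entry record are assumptions; such a flagged exit is the log trace left by someone who entered without scanning.

```python
from dataclasses import dataclass

PROPPED_LIMIT_S = 30  # page's threshold: alarm when a contact is open > 30 s

@dataclass
class Event:
    t: int        # seconds from start of log (constructed timeline)
    kind: str     # scan_in | scan_out | door_open | door_closed
    subject: str  # badge id for scans, door id for contact events

def audit(events, log_end):
    """Replay a Zone 2 event log; return (decisions, alarms)."""
    inside, open_since = set(), {}
    decisions, alarms = [], []
    for e in sorted(events, key=lambda ev: ev.t):
        if e.kind == "scan_in":
            if e.subject in inside:  # second entry with no logged exit
                decisions.append((e.t, e.subject, "DENY_PASSBACK"))
            else:
                inside.add(e.subject)
                decisions.append((e.t, e.subject, "GRANT_IN"))
        elif e.kind == "scan_out":
            # Assumption: exits are never blocked (life safety), only flagged.
            known = e.subject in inside
            inside.discard(e.subject)
            decisions.append((e.t, e.subject,
                              "GRANT_OUT" if known else "EXIT_NO_ENTRY_RECORD"))
        elif e.kind == "door_open":
            open_since.setdefault(e.subject, e.t)
        elif e.kind == "door_closed":
            opened = open_since.pop(e.subject, None)
            if opened is not None and e.t - opened > PROPPED_LIMIT_S:
                alarms.append((opened + PROPPED_LIMIT_S, e.subject, "DOOR_PROPPED"))
    # Doors still open when the log ends may already be past the limit.
    for door, opened in open_since.items():
        if log_end - opened > PROPPED_LIMIT_S:
            alarms.append((opened + PROPPED_LIMIT_S, door, "DOOR_PROPPED"))
    return decisions, sorted(alarms)

SAMPLE_LOG = [  # constructed sample events, not real data
    Event(0, "scan_in", "B-1001"),
    Event(2, "door_open", "Z2-EAST"), Event(8, "door_closed", "Z2-EAST"),
    Event(40, "scan_in", "B-1001"),    # badge passed back: no exit logged
    Event(60, "scan_out", "B-1001"),
    Event(65, "scan_out", "B-2002"),   # left without ever scanning in
    Event(70, "scan_in", "B-1001"),    # legitimate re-entry after exit
    Event(72, "door_open", "Z2-EAST"), Event(120, "door_closed", "Z2-EAST"),
    Event(130, "door_open", "Z3-CAGE"),  # never closed before log_end
]
```

Each alarm tuple carries the time at which the 30-second limit was reached, so it can be matched against CCTV footage for that door.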
Surveillance (CCTV) standards
Cameras are primarily forensic tools; they are rarely effective as proactive, live monitors. Their true value lies entirely in the ability to clearly reconstruct an event frame-by-frame after an incident has occurred.
- Loading Dock & Entry Areas: Cameras covering these high-traffic zones must be capable of consistently capturing distinct facial IDs and vehicle license plates under various lighting conditions.
- High-Value Areas (“The Cage”): Resolution in these specific areas should ideally be at least 4K (8MP) to clearly capture tiny part numbers on small component reels or labels.
- Retention Policy: All footage must be stored for ≥ 90 Days on secure, redundant RAID arrays. A standard 30-day loop is often insufficient for investigating subtle inventory shrinkage that is typically only discovered during deferred quarterly financial audits.
High-value asset storage (“the cage”)
Processors, FPGAs, and high-density memory modules concentrate immense, easily resalable value in a small volume. These must be stored in a physical enclosure that is structurally harder to breach than the main facility itself.
- The Two-Person Rule: Whenever personnel are accessing the high-value cage, the Two-Person Rule must be enforced. The system logic should mandate that two distinct badges must scan simultaneously to release the magnetic lock. This structural requirement means that theft requires collusion, significantly raising the psychological and logistical barrier for internal, opportunistic theft.
- Daily Cycle Counts: If the inventory in the cage represents the Top 10 Value SKUs, a Daily Cycle Count must be implemented. Any discrepancies must be rigorously investigated and resolved before the shift is allowed to end.
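One way to express the Two-Person Rule as lock-release logic, shown as an added example rather than code from the original page or a real controller. The 5-second pairing window used to interpret "simultaneously", the authorization list, and the badge ids are assumptions.

```python
PAIR_WINDOW_S = 5  # assumed meaning of "simultaneously"; not from the page
CAGE_AUTHORIZED = {"B-1001", "B-1002", "B-1003"}  # constructed badge ids

def cage_lock_decisions(scans):
    """scans: iterable of (t_seconds, badge_id) seen at the cage readers.
    Returns a chronological list of (t, outcome, badges)."""
    out = []
    pending = None  # (t, badge) of the first valid scan awaiting a partner
    for t, badge in sorted(scans):
        # Expire a lone scan whose partner did not arrive inside the window.
        if pending and t - pending[0] > PAIR_WINDOW_S:
            out.append((pending[0] + PAIR_WINDOW_S, "DENY_NO_PARTNER", (pending[1],)))
            pending = None
        if badge not in CAGE_AUTHORIZED:
            out.append((t, "DENY_UNAUTHORIZED", (badge,)))
        elif pending is None:
            pending = (t, badge)
        elif badge == pending[1]:
            # One person scanning twice must not satisfy the rule.
            out.append((t, "DENY_SAME_BADGE", (badge,)))
        else:
            out.append((t, "RELEASE", (pending[1], badge)))
            pending = None
    if pending:
        out.append((pending[0] + PAIR_WINDOW_S, "DENY_NO_PARTNER", (pending[1],)))
    return out

SAMPLE_SCANS = [  # constructed sample scans, not real data
    (0, "B-1001"), (2, "B-1001"), (3, "B-1002"),   # repeat scan, then a partner
    (10, "B-1003"),                                # nobody joins within 5 s
    (30, "B-1002"), (31, "B-9999"), (33, "B-1001") # unknown badge between a valid pair
]
```

The badge pair recorded with every RELEASE gives the daily cycle count a named pair of people to start from when a discrepancy has to be investigated.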
Intellectual property protection & imaging
- Personal Devices: Personal smartphones and cameras are prohibited in Zone 2 (Production). Employees must store all such personal devices in secure lockers located in Zone 1 before crossing the boundary.
- Privacy Masks: If CCTV fields of view inadvertently capture active computer monitors on the production floor, digital Privacy Masks must be applied within the camera software interface. Cameras absolutely must not record or legibly display sensitive CAD data, proprietary schematics, or customer BOMs.
Final Checkout: Physical security & access control
| Parameter | Metric / Rule | Critical State |
|---|---|---|
| Zone 2 Access | Logic | Anti-Passback Active |
| Zone 3 Access | Credential | Biometric + Badge |
| CCTV Retention | Storage Duration | ≥ 90 Days |
| Door Alarms | Propped Time | < 30 Seconds |
| The Cage | Entry Protocol | Two-Person Rule |
| Personal Devices | Zone 2 Status | Banned / Lockers |
| Visitor Policy | Supervision | 100% Escort |