Content library
Property security
Protection practices for technical security areas
Physical security
Property security

Protection practices for technical security areas

Start free trial

Task description

Protection practices for technical security areas

Information of classification levels IV–II may be processed in a security area. Information of classification levels III–II must be stored in a security area.

Technical security areas follow the general protection practices for security areas, as well as the following additional practices:

  • the area has an intrusion detection system
  • the area is kept locked when not in use and guarded when in use
  • keys are controlled
  • individuals and materials entering the area are monitored
  • the area is regularly inspected to detect any unauthorized communication connections, communication devices, or other electronic equipment
  • there are no unauthorized communication connections or devices within the area
  • all equipment brought into the area must be inspected before use, particularly in areas where meetings involving EU SECRET/NATO SECRET classified information are held.

The Finnish Security Intelligence Service or the Defence Command decides on the threat assessment, risk management measures, and possible approval of temporary security arrangements for a technically protected security area.

Requirements connected to the task

3.2: Toimitilaturvallisuus
TiHL: Suositus tietoturvan vähimmäisvaatimuksista
F-07: TECHNICALLY SECURED AREA
Katakri 2020
F02: Hallinnolliset alueet, turva-alueet ja tekniset turva-alueet
Katakri (Finnish national security auditing criteria)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Visitor instructions and log
Critical
High
Normal
Low
Property security
22
requirements

Examples of other requirements this task affects

F04: Kulkuoikeuksien hallinta
Katakri
11.1.2: Physical entry controls
ISO 27001
PR.AC-2: Physical access control
NIST
FYY-04: Tiedon säilytys
Julkri
FYY-05.5: Turvallisuusalue - Vierailijat
Julkri
See all related requirements and other information from tasks own page.
Go to >
Visitor instructions and log
Physical access control to building, offices and other premises
Critical
High
Normal
Low
Property security
40
requirements

Examples of other requirements this task affects

F04: Kulkuoikeuksien hallinta
Katakri
11.1.2: Physical entry controls
ISO 27001
11.1.1: Physical security perimeter
ISO 27001
6.6.4: Fyysisten tilojen, laitteiden ja tulosteiden turvallisuus
Omavalvontasuunnitelma
PR.AC-2: Physical access control
NIST
See all related requirements and other information from tasks own page.
Go to >
Physical access control to building, offices and other premises
Notification process in case of loss of physical identifiers
Critical
High
Normal
Low
Property security
5
requirements

Examples of other requirements this task affects

11.1.2: Physical entry controls
ISO 27001
7.2: Physical entry
ISO 27001
CC6.4: Physical access control to facilities and protected information assets
SOC 2
9.12 §: Fyysinen turvallisuus
Kyberturvallisuuslaki
See all related requirements and other information from tasks own page.
Go to >
Notification process in case of loss of physical identifiers
Development and implementation of physical security procedures
Critical
High
Normal
Low
Property security
3
requirements

Examples of other requirements this task affects

§ 2.3: Fysiska säkerhetsskyddsåtgärder
SSL
See all related requirements and other information from tasks own page.
Go to >
Development and implementation of physical security procedures
Protecting connections from physical tampering or damage
Critical
High
Normal
Low
Property security
2
requirements

Examples of other requirements this task affects

§ 11: Fysiske sikkerhetstiltak
NIS2 NO
See all related requirements and other information from tasks own page.
Go to >
Protecting connections from physical tampering or damage
Access control to premises
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Access control to premises
Reviewing and revoking physical access rights
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Reviewing and revoking physical access rights
Physical security measures for facilities
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

§ 10: Krav om sikkerhet for tilbydere av digitale tjenester
NIS2 NO
See all related requirements and other information from tasks own page.
Go to >
Physical security measures for facilities
Environmental security
Critical
High
Normal
Low
Property security
3
requirements

Examples of other requirements this task affects

Article 32: Physical and environmental security
DORA simplified RMF
See all related requirements and other information from tasks own page.
Go to >
Environmental security
Management of supporting assets
Critical
High
Normal
Low
Property security
0
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Management of supporting assets
Physical security objectives
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

F-01: GOAL FOR PHYSICAL SECURITY MEASURES
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Physical security objectives
Security services in real estates
Critical
High
Normal
Low
Property security
15
requirements

Examples of other requirements this task affects

11.1.1: Physical security perimeter
ISO 27001
PR.AC-2: Physical access control
NIST
DE.CM-2: The physical environment monitoring
NIST
FYY-07.6: Turva-alue - tunkeutumisen ilmaisujärjestelmät - TL III
Julkri
7.1: Physical security perimeters
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Security services in real estates
Preventing eavesdropping
Critical
High
Normal
Low
Property security
8
requirements

Examples of other requirements this task affects

F07: Salakuuntelulta suojautuminen
Katakri
11.1.3: Securing offices, rooms and facilities
ISO 27001
6.6.4: Fyysisten tilojen, laitteiden ja tulosteiden turvallisuus
Omavalvontasuunnitelma
FYY-05.1: Turvallisuusalue - Äänieristys
Julkri
7.3: Securing offices, rooms and facilities
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Preventing eavesdropping
Preventing unauthorized viewing personal data
Critical
High
Normal
Low
Property security
9
requirements

Examples of other requirements this task affects

F06: Salakatselulta suojautuminen
Katakri
11.1.3: Securing offices, rooms and facilities
ISO 27001
6.6.4: Fyysisten tilojen, laitteiden ja tulosteiden turvallisuus
Omavalvontasuunnitelma
FYY-05.2: Turvallisuusalue - Salaa katselun estäminen
Julkri
7.3: Securing offices, rooms and facilities
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Preventing unauthorized viewing personal data
Using visible IDs
Critical
High
Normal
Low
Property security
6
requirements

Examples of other requirements this task affects

11.1.2: Physical entry controls
ISO 27001
11.1.6: Delivery and loading areas
ISO 27001
7.2: Physical entry
ISO 27001
CC6.4: Physical access control to facilities and protected information assets
SOC 2
3.1.1: Management of secure areas
TISAX
See all related requirements and other information from tasks own page.
Go to >
Using visible IDs
Strong authentication for processing or storage areas of highly confidential information
Critical
High
Normal
Low
Property security
16
requirements

Examples of other requirements this task affects

11.1.1: Physical security perimeter
ISO 27001
11.1.3: Securing offices, rooms and facilities
ISO 27001
PR.AC-2: Physical access control
NIST
DE.CM-2: The physical environment monitoring
NIST
FYY-03: Tiedon käsittely
Julkri
See all related requirements and other information from tasks own page.
Go to >
Strong authentication for processing or storage areas of highly confidential information
Using keys and other IDs that produce electronic movement log
Critical
High
Normal
Low
Property security
5
requirements

Examples of other requirements this task affects

11.1.2: Physical entry controls
ISO 27001
FYY-07.2: Turva-alue - kulunvalvonta - TL III
Julkri
7.2: Physical entry
ISO 27001
CC6.4: Physical access control to facilities and protected information assets
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Using keys and other IDs that produce electronic movement log
Principle of layered protection
Critical
High
Normal
Low
Property security
5
requirements

Examples of other requirements this task affects

F01: Fyysiset turvatoimet
Katakri
FYY-02: Fyysisten turvatoimien valinta (monitasoinen suojaus)
Julkri
FYY-07: Turva-alue - TL III
Julkri
ACCESS-3: Control Physical Access
C2M2
F-03: SELECTION OF PHYSICAL SECURITY MEASURES (DEFENCE-IN-DEPTH)
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Principle of layered protection
Turvallisuusjärjestelmien sekä -laitteiden turvallisuus ja testaus
Critical
High
Normal
Low
Property security
2
requirements

Examples of other requirements this task affects

F03: Tietojen fyysiseen suojaukseen tarkoitetut turvallisuusjärjestelmät ja laitteet
Katakri
FYY-02: Fyysisten turvatoimien valinta (monitasoinen suojaus)
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusjärjestelmien sekä -laitteiden turvallisuus ja testaus
Numeroyhdistelmien vaihtamiskäytännöt
Critical
High
Normal
Low
Property security
0
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Numeroyhdistelmien vaihtamiskäytännöt
Management practices for access codes
Critical
High
Normal
Low
Property security
3
requirements

Examples of other requirements this task affects

F05: Avainten ja numeroyhdistelmien hallinta
Katakri
FYY-05.4: Turvallisuusalue - Pääsyoikeuksien ja avaintenhallinnan menettelyt
Julkri
F-05.2: MANAGEMENT OF ACCESS RIGHTS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Management practices for access codes
Avainten hallintajärjestelmä
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

F05: Avainten ja numeroyhdistelmien hallinta
Katakri
See all related requirements and other information from tasks own page.
Go to >
Avainten hallintajärjestelmä
Definition and protection of areas designated for the handling of confidential information
Critical
High
Normal
Low
Property security
6
requirements

Examples of other requirements this task affects

F02: Hallinnolliset alueet, turva-alueet ja tekniset turva-alueet
Katakri
FYY-05: Turvallisuusalue
Julkri
FYY-06: Hallinnollinen alue
Julkri
FYY-07: Turva-alue - TL III
Julkri
42: Turvallisuusalueiden määrittely
Digiturvan kokonaiskuvapalvelu
See all related requirements and other information from tasks own page.
Go to >
Definition and protection of areas designated for the handling of confidential information
Hallinnollisen alueen suojauskäytännöt
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

F02: Hallinnolliset alueet, turva-alueet ja tekniset turva-alueet
Katakri
See all related requirements and other information from tasks own page.
Go to >
Hallinnollisen alueen suojauskäytännöt
Turva-alueen suojauskäytännöt
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

F02: Hallinnolliset alueet, turva-alueet ja tekniset turva-alueet
Katakri
See all related requirements and other information from tasks own page.
Go to >
Turva-alueen suojauskäytännöt
Protection practices for technical security areas
Critical
High
Normal
Low
Property security
3
requirements

Examples of other requirements this task affects

F02: Hallinnolliset alueet, turva-alueet ja tekniset turva-alueet
Katakri
F-07: TECHNICALLY SECURED AREA
Katakri 2020
3.2: Toimitilaturvallisuus
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Protection practices for technical security areas
Access control for secure areas
Critical
High
Normal
Low
Property security
9
requirements

Examples of other requirements this task affects

PR.AC-2: Physical access to assets is managed and protected.
CyberFundamentals
2.4.3: Identify physical access to switches and cables
NSM ICT-SP
PR.AA-06: Risk-based physical access to assets
NIST 2.0
Article 34: ICT operations security
DORA simplified RMF
13.1.b: Ensure adequate physical protection
CER
See all related requirements and other information from tasks own page.
Go to >
Access control for secure areas
Access control on datacenter perimeter
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Access control on datacenter perimeter
Training against unauthorized ingress and egress
Critical
High
Normal
Low
Property security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Training against unauthorized ingress and egress
Countermeasures against compromising emanations (TEMPEST) (CL III)
Critical
High
Normal
Low
Property security
2
requirements

Examples of other requirements this task affects

TEK-15: Hajasäteily (TEMPEST) ja elektroninen tiedustelu - TL III
Julkri
I-14: DEFENCE-IN-DEPTH – ELECTROMAGNETIC EMANATIONS (TEMPEST) AND ELECTRONIC INTELLIGENCE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Countermeasures against compromising emanations (TEMPEST) (CL III)
Countermeasures against compromising emanations (TEMPEST) and verification of adequacy (CL II)
Critical
High
Normal
Low
Property security
2
requirements

Examples of other requirements this task affects

TEK-15.1: Hajasäteily (TEMPEST) ja elektroninen tiedustelu - TL II
Julkri
I-14: DEFENCE-IN-DEPTH – ELECTROMAGNETIC EMANATIONS (TEMPEST) AND ELECTRONIC INTELLIGENCE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Countermeasures against compromising emanations (TEMPEST) and verification of adequacy (CL II)
Countermeasures against compromising emanations (TEMPEST) (CL I)
Critical
High
Normal
Low
Property security
2
requirements

Examples of other requirements this task affects

TEK-15.2: Hajasäteily (TEMPEST) ja elektroninen tiedustelu - TL I
Julkri
I-14: DEFENCE-IN-DEPTH – ELECTROMAGNETIC EMANATIONS (TEMPEST) AND ELECTRONIC INTELLIGENCE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Countermeasures against compromising emanations (TEMPEST) (CL I)
Continuous monitoring of physical access to critical facilities
Critical
High
Normal
Low
Property security
16
requirements

Examples of other requirements this task affects

7.4: Physical security monitoring
ISO 27001
ARCHITECTURE-3: Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2
I-17: HANDLING OF CLASSIFIED INFORMATION WITHIN PHYSICALLY PROTECTED AREAS - PHYSICAL SECURITY
Katakri 2020
Article 9b: Prevention
DORA
DE.CM-1: The network is monitored to detect potential cybersecurity events.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Continuous monitoring of physical access to critical facilities
Guidelines for operating in processing areas for confidential information
Critical
High
Normal
Low
Property security
9
requirements

Examples of other requirements this task affects

7.6: Working in secure areas
ISO 27001
42: Turvallisuusalueiden määrittely
Digiturvan kokonaiskuvapalvelu
11.1.5: Working in secure areas
ISO 27001
SEC-05: Remote access user authentication
Cyber Essentials
6.9: Fyysinen turvallisuus osana tietojärjestelmien käyttöympäristön turvallisuutta
Tietoturvasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Guidelines for operating in processing areas for confidential information
Camera surveillance in real estates
Critical
High
Normal
Low
Property security
14
requirements

Examples of other requirements this task affects

11.1.1: Physical security perimeter
ISO 27001
PR.AC-2: Physical access control
NIST
DE.CM-2: The physical environment monitoring
NIST
7.1: Physical security perimeters
ISO 27001
7.4: Physical security monitoring
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Camera surveillance in real estates
Limited access and monitoring of support staff
Critical
High
Normal
Low
Property security
9
requirements

Examples of other requirements this task affects

F04: Kulkuoikeuksien hallinta
Katakri
11.1.2: Physical entry controls
ISO 27001
FYY-03: Tiedon käsittely
Julkri
7.2: Physical entry
ISO 27001
CC6.4: Physical access control to facilities and protected information assets
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Limited access and monitoring of support staff

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security