physical protection system uses small sensors mounted at intervals on the fence and at each gate. Emanations Protection In evaluating the need for perimeter protection, take into  account  the  possibility  that  electromagnetic  or acoustic  emanations  from  AIS  hardware  may  be intercepted.  Tests  show  that  interception  and interpretation of such emanations may be possible under the right conditions by technically qualified persons using generally available hardware. As a rule of thumb, interception of electromagnetic emanations beyond 325 yards is very difficult. However, if there is reason  to  believe  that  a  potential  exposure  to interception exists, seek technical guidance from upper management and the Chief of Naval Operations. Measures to control compromising emanations are subject to approval under the provisions of  Control of Compromising Emanations, DOD Directive C5200.19, by  the  cognizant  authority  of  the  component  approving security features of the AIS system. Application of these measures within industrial AIS systems is only at the direction of the contracting activity concerned under provisions of the Security Requirements for Automated Information Systems (AIS’s), DOD Directive 5200.28, and the requirements are to be included in the contract. Interior Physical Protection Intrusion detection systems (IDSs) (OPNAVINST 5510.1) provide a means of detecting and announcing proximity or intrusion that endangers or may endanger the security of a command. The use of an IDS in the protective program of a command may be required because of the critical importance of a facility or because of the location or the layout of the command. Remember,  IDSs  are  designed  to  detect,  not prevent,   an   attempted   intrusion.   Thus,   a comprehensive security plan must contain appropriate security  measures  along  with  procedures  for  an effective reaction force. Remote Terminal Areas Protection The physical and personnel security requirements for the central computer facility area are based upon the overall requirements of the total AIS system. The remote terminal area requirements are based upon the highest classified and most restrictive category and type of material that will be accessed through the terminal under system constraints. Each  remote  terminal  should  be  individually identified  to  ensure  required  security  control  and protection.  Identify  each  terminal  as  a  feature  of hardware in combination with the operating system. Before  personnel  of  a  component  that  is  not responsible for the overall AIS operation can use a remote  device  approved  for  handling  classified material, security measures must be established. These security measures are established by the authority responsible for the security of the overall AIS. They are agreed to and implemented before the remote device is connected to the AIS. DOD component systems may become part of a larger AIS network. The approval and authority to authorize  temporary  exceptions  to  security  measures for the component’s system in the network requires two components.  These  include  the  DOD  component operating  the  AIS  system  and  the  DOD  component having  overall  responsibility  for  the  security  of  the network. Each  remote  terminal  that  is  not  controlled  and protected as required for material accessible through it should be disconnected from the AIS system when the system  contains  classified  information.  Disconnect procedures are used to disconnect remote input/output terminals and peripheral devices from the system by a hardware  or  software  method  authorized  by  the designated  approving  authority  of  the  central  computer facility. Security Survey An annual security survey of the AIS facility area should be conducted by the AIS technical manager. The first step of the survey is to evaluate all potential threats to the AIS facility as discussed earlier in this chapter. The second step is to define and tabulate areas within the facility for control purposes. Details depend on the specifics of each facility, but the following are common areas  to  consider: l l * l l l l l l Public entrance or lobby; Loading dock; Spaces occupied by other building tenants; AIS facility reception area; AIS input/output counter area; AIS data conversion area; Media  library; Systems analysis and programming areas; Computer room spaces; 4-24