Why is physical security important? Resolve physical security gaps

Source: Internet
Author: User

When talking about information security, we usually focus on technology or management controls. In fact, most enterprises have separated physical security from the IT security team and have not paid enough attention to it. A vulnerable physical security control, or a control that does not exist at all, may cause data leakage. Analyzing physical security gaps should be a must for every information security manager.

  Why is physical security so important?

Real physical security includes fire suppression systems, backup power supplies, and backups. However, we will not talk about these here. Instead, we will focus on blocking, locking, and supporting controls and other tools that can delay an attacker's intrusion. In this article, the purpose of physical security gap analysis is to determine whether sufficient controls are in place to:

1. Delay intruders

2. Detect intruders

3. Capture intruders

Without these controls, criminals can obtain your data directly, without breaking through the firewall or interfering with the defense system. All they have to do is open the desktop or server, and they can freely manipulate your computer. Moreover, no technical or administrative control can prevent an experienced attacker from physically intruding into your system.

  Physical Security Control

The purpose of physical security is to delay and detect intruders so that security personnel or law enforcement can intervene effectively. You need to consider the following factors:

1. Target sensitivity

2. Whether there are security personnel on duty

3. Response Time

Figure 1 shows a physical security model deployed for a highly sensitive target. Although most people do not need physical protection at this level, the following discussion on this figure will help us understand what steps are feasible.

  

Figure 1

First, let's assume that a hacker intends to intrude into the system. When the hacker approaches the building, he finds it surrounded by barbed wire. The barbed wire may block some random intruders, but when the hacker thinks of the data in the target building and the thousands of dollars waiting for him, he certainly cannot resist the temptation.

However, he cannot simply cross the fence. The safety lights around the building give the external security cameras sufficient lighting, so the cameras capture anyone climbing over the barrier, unless the hacker can turn off these lights. After carefully checking the area between the fence and the building, the hacker may find that his preparation is not sufficient to cope with such complicated alarms. The target enterprise has installed motion sensors to detect whether someone has crossed the barrier. The hacker has dealt with such obstacles in the past, but they will still delay the intrusion. That is to say, in this step alone, he needs to get through three obstacles: safety lights, fences, and motion sensors.

At this point, the hacker ends his first reconnaissance, and his next step is to look at the security equipment inside the building. Getting close to the building door is not enough. He also needs to understand the target's response mechanism and internal controls. The hacker will talk with the security manager and try to view the target on site. He may pretend to be a security executive who wants to learn how to protect his own equipment. The security manager proudly explains how the hacker's target system is protected, which opens the door for the hacker. Furthermore, the door to the target device is usually locked. The on-duty security personnel prevent anyone without a work card from approaching the device. Before entering the target room, a visitor must present credentials to the security team. If the visitor is on the authorized access list, the visitor can enter the target room, and the security lock is opened immediately.

All activities inside the building are recorded by cameras and continuously transmitted to the monitoring room for storage. The emergency response plan is activated whenever an intruder is detected. The documented response plan includes locking the device, raising an alert, and deploying security personnel to key locations. The security manager said he regularly drills the process with his team, so the security response can be in place in a very short time.

After returning home, the hacker carefully reviews the controls deployed by the target enterprise. After analysis, he feels that he cannot overcome so many obstacles and complete the task before being caught. His only choice may be to find someone on the inside and rely on a combination of internal and external help.

  Protect your business

The protection the hacker encountered is not a typical security setup. Most enterprises do not have this level of security, because either they do not need it or they have limited funds for this type of physical protection. However, no matter what method you use, remember the following principles:

1. Use obstacles, such as fences, walls, and locks, to prevent attacks or delay intruders. Make sure that the delay is longer than the response time.

2. Deploy detection controls to identify intrusions as soon as possible.

3. Plan the intrusion response process in written procedures and conduct drills on the process.
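
An added example, not part of the original article: a small gap-analysis check for principles 1 and 2, comparing the delay that remains after the first alarm with the response time. The layer names follow the Figure 1 walkthrough; all delay and response values are constructed, and counting delay only from the first detecting layer is an assumption of this sketch.

```python
from dataclasses import dataclass

@dataclass
class Layer:
    name: str
    delay_s: int    # seconds an intruder needs to get past this layer
    detects: bool   # True if this layer raises an alarm

def usable_delay(layers):
    """Delay from the first detecting layer to the target.

    Assumption: the alarm fires as the intruder starts on the detecting
    layer, so that layer's delay counts. Delay before any detection buys
    nothing, because no response has started yet.
    """
    for i, layer in enumerate(layers):
        if layer.detects:
            return sum(l.delay_s for l in layers[i:])
    return 0  # nothing detects: responders are never dispatched

def gap_report(layers, response_time_s):
    first = next((l.name for l in layers if l.detects), None)
    margin = usable_delay(layers) - response_time_s
    # Principle 1 asks for delay strictly longer than the response time.
    return {"first_detection": first, "margin_s": margin, "gap": margin <= 0}

# Constructed sample path, outermost layer first (values are illustrative).
SITE = [
    Layer("perimeter fence", 60, False),
    Layer("yard motion sensors", 20, True),
    Layer("locked building door", 90, False),
    Layer("guard credential check", 120, True),
    Layer("target room lock", 180, False),
]
RESPONSE_TIME_S = 300  # constructed: time for security staff to arrive

def without_detection(layers, name):
    """Same path with one layer's alarm disabled (e.g. a failed sensor)."""
    return [Layer(l.name, l.delay_s, l.detects and l.name != name)
            for l in layers]

if __name__ == "__main__":
    print(gap_report(SITE, RESPONSE_TIME_S))
    print(gap_report(without_detection(SITE, "yard motion sensors"),
                     RESPONSE_TIME_S))
```

With the yard sensors working, the margin is positive; with them disabled, the first alarm comes at the guard check and the remaining delay only equals the response time, which the check reports as a gap.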

Risk and enterprise awareness must be taken into account for physical security gap analysis. However, any information-based enterprise should regularly evaluate its physical security performance to prevent physical intrusion into key systems and network devices.
