In This Chapter
Understanding the importance of physical security
Q&A with a well-known physical security expert
Looking for physical security vulnerabilities
Implementing countermeasures for physical security attacks
Istrongly believe that information security is more dependent on nontechnical policies, procedures, and business processes than on the technical hardware and software solutions that many people and vendors swear by. Physical security — the protection of physical property — encompasses both technical and nontechnical components.
Physical security is an often-overlooked but critical aspect of an information security program. Your ability to secure your information depends on your ability to secure your site physically. In this chapter, I cover some common physical security weaknesses, as they relate to computers and information security, that you should look out for in your systems. I also outline free and low-cost countermeasures you can implement to minimize your business's physical vulnerabilities.
I don't recommend breaking and entering, which would be necessary to test certain physical security vulnerabilities fully. Instead, approach those areas to see how far you can get. Take a fresh look — from an outsider's perspective — at the physical vulnerabilities covered in this chapter. You might discover holes in your physical security infrastructure that you had previously overlooked.
Whatever your computer- ...