Why Physical Security Is Cybersecurity

by | Mar 3, 2022

Home » Blog » Why Physical Security Is Cybersecurity

Physical Security Awareness

Physical Security is an important aspect of protecting your organization’s networks, hardware, and data. However, physical security is often overlooked when cybersecurity policies are written, and often times sub-par security measures will be installed, opening the organization to the risk of a malicious intruder.

Locked Door

What Does Physical Security Have To Do With Cybersecurity?

Cyber criminals have been known to breach an organization by infiltrating the physical perimeter and plugging in an infected piece of hardware, or by downloading malicious software directly to systems. These attacks should not be taken lightly, and often indicate a serious risk of insider threats within the organization. Many times, the attacker has performed reconnaissance on the organization and has already mapped out most of the vulnerabilities within the attack surface. Once an attacker has physical access to your networks they can perform several attacks that could be devastating to the organization.

Common Physical Threat Vectors

  • An attacker employs Social Engineering to disguise themselves as an employee, maintenance worker, or authoritative figure to gain access to unauthorized areas.
  • An attacker plants an infected USB drive into common areas of the organization. The attacker can leave it in a lobby, parking lot, or other organizational watering hole hoping someone will plug in the device. Once plugged in, the device will begin secretly downloading malicious software onto the infected system.
  • An attacker deploys his own infected hardware by connecting the device straight into the network. The device is often in an unsuspecting spot and is usually small and unassuming.
  • An attacker breaches a server room and installs a device onto the system, allowing the attacker remote access directly to the server.
    An attacker targets an internet drop line and intercepts communications, allowing them to collect critical business data. They can also use these drop lines to disrupt services.
  • An insider threat leverages their privileges and escalates their security credentials to gain unauthorized access to restricted areas.

How Can I Protect My Organization from Physical Security Threats?

    1. Secure your organization’s equipment, paper files, data storage devices, and hardware by limiting physical access to authorized personnel only. Store data, devices, and files in a locked room and keep an active inventory of all information assets being protected. Perform regular inventory checks to ensure there are no unexpected anomalies that could impact your information security, such as missing assets or additional devices.
    2. Ensure that you are training your employees to practice safe data usage, including:
      • remembering to lock doors or cabinets;
      • logging out of systems, applications, and networks when away from the computer or not in use;
      • never plugging in unfamiliar devices;
      • shred documents promptly and regularly when no longer needed;
      • how to properly erase data (the “delete” key does not permanently erase data)
      • and never leaving sensitive files/devices unattended.
    3. Implement strong password policies by requiring complex passwords (such as pass-phrases), utilizing multi-factor authentication, and limiting login attempts to unlock devices.
    4. Ensure all hardware and communications are encrypted at all times.
    5. Enforce strong Physical Information Security Controls

Physical Information Security Controls

    • Access Control
      • Security Staff
      • Proper Lighting Inside and Outside the Building
      • Fences
      • Doors
      • Locks
      • Picture IDs
    • Video Surveillance
    • Intrusion Alarms
    • Employee and Management Training
    • Equipment Documentation

How Do I Know if My Physical Security Is Protected?

The most effective way to ensure your critical infrastructure is protected is to implement regular physical penetration tests and continue to improve your physical security according to the results of your pen test. Additionally, be certain you are constantly auditing and documenting the physical devices within your organization. If any piece of critical hardware goes missing, or you discover an undocumented device, it could indicate that an attacker may already have gained access to your systems. Keep track of all physical security controls that exist within your organization and consult with your information security team to determine any gaps that may exist in your critical infrastructure.

Related Blog Posts

Are Your Credentials on the Web?

Are Your Credentials on the Web?

Let's Find Out! Step 1: Go to haveibeenpwned.com Step 2: Place Your Email (Never your password) Step 3: Click the “pwned?” button. Step 4: Write down all the sites  Step 5: Go to every site and change your passwords  This step should be based on prioritization of how...

MOVEit: What You Need to Know about CVE-2023-25708

MOVEit: What You Need to Know about CVE-2023-25708

MOVEit: What You Need to Know about CVE-2023-25708 The MOVEit Vulnerability, or CVE-2023-25708, is an SQL Injection vulnerability that targets the database of the MOVEit Transfer software. This is a new critical risk vulnerability and the impacts are...

Madison Horn Joins the Critical Fault Team as CEO

Madison Horn Joins the Critical Fault Team as CEO

Madison Horn Joins the Critical Fault Team as CEO In Madison’s new role as CEO of Critical Fault, she will lead the vision and strategy for the organization while fostering a culture of growth and collaboration. Madison is dedicated to strengthening...

What Do Hackers Do with Stolen Data

What Do Hackers Do with Stolen Data

Threat Actors Many individuals may ask, "What would someone want with my data?" or "Who would want my data?" It is important to describe who wants the data because that determines what they are going to do with it. These individuals and organizations...

Critical Fault all white text

Newsletter

Subscribe To Our Newsletter

We've been creating some excellent webinars and local events. Join our mailing list for the latest on industry trends and strategies for cyber defense.

Need Immediate Assistance?

Give us a call (405) 771-6399

Headquarters

3841 E Danforth Rd, Ste 106, Edmond, OK 73034 

110 E. Houston St, 7th Floor, San Antonio, TX 78205

Copyright 2024 - Critical Fault, LLC. | Privacy Policy