Why is physical security at least as important as technical security? As a colleague and friend once explained some years ago “physical security trumps all”. If we lose the physical security of a device, we have truly lost ownership. We often talk about systems and applications being owned by bad actors, and the l33t skillz employed to gain these prizes. We cannot lose sight of the fact that a smash and grab is still an effective way to gain access to your data. Some of the top security firms operating today will often demonstrate the weakness by actually physically penetrating the office/datacenter/DCO, returning with images of the days headlines next to your assets. |
Tony 150 Posts ISC Handler Jun 27th 2013 |
Thread locked Subscribe |
Jun 27th 2013 7 years ago |
Very true and it's easy to overlook the physical when you're focused on the technical. We need to always remember the three pillars of information security:
Technical (CIA triad) Physical Managerial (procedures/policy) You can invest $10,000,000 in technical controls... only to be compromised by a $20 lock on the datacenter door. |
Anonymous |
Quote |
Jun 27th 2013 7 years ago |
Sign Up for Free or Log In to start participating in the conversation!