The Physical Security Aspect of Cyber Security

 


In the IT field, cyber security can be considered a set of highly technical controls: intrusion prevention systems (IPS), encryption and algorithms, firewalls and access control lists (ACLs), scan engines, log rotation and review, and much more. However, there is a physical security aspect as well, and it is sometimes overlooked. Physical security is an important part of cyber security because it limits who has access to spaces where the data is stored (Meraki, 2022). The idea is simple: if an attacker cannot physically access the material, they cannot steal or compromise it. This gets more complicated because authorized users must still be able to access the data to perform their job functions. The difficulty lies in determining how to allow access to authorized users while preventing access by unauthorized users. A successful security plan merges the cyber security and physical security teams and encourages open communication between the two (Meraki, 2022). Some strategies for success include:

· Any space that houses sensitive, proprietary, or PII data should fall under access control and surveillance. Entry and exit points such as doors and fences should be secured to prevent unauthorized access.

· Security best practices should be followed by both the cyber security and physical security teams. Multi-factor authentication, least privilege, strict data storage and retention policies, required security training, active threat detection and system monitoring, and frequent vulnerability testing should all be applied.

· Security teams should be restructured so that the cyber security and physical security teams work together to maximize security across the entire organization.

· Active collaboration between the two security teams should be encouraged so that information is shared openly.

Physical security is the bricks-and-mortar aspect of enterprise security architecture (Sherwood, n.d.). It includes an equipment inventory, the number and location of the physical equipment, and both the size of that equipment and the bandwidth needed to connect it together. This information must be identified before a physical security plan can be created. Once these aspects have been identified, an overall physical security plan can be designed and implemented. Lastly, it is important to test the physical security controls frequently. This can include testing the security equipment to make sure it is operational, calibrated, and fully functional. It can also include sending individuals without access to test these controls. Many times, employees bypass these physical security controls simply by holding the door open for someone, or by letting in someone who has an expired access badge or who says they left their badge at home. Humans are frequently the ones responsible for (knowingly or unknowingly) allowing unauthorized people access to data or equipment.

 

References

Cybersecurity and physical security convergence. Cisco Meraki. (2022, April 4). Retrieved May 2, 2022, from https://meraki.cisco.com/blog/2021/06/merging-physical-security-and-cybersecurity/#:~:text=Physical%20security%20protects%20cybersecurity%20by,are%20common%20targets%20for%20hackers.

Sherwood, N. (n.d.). Enterprise security architecture. O'Reilly Online Learning. Retrieved May 2, 2022, from https://www.oreilly.com/library/view/enterprise-security-architecture/9781578203185/K16265_C012.xhtml
