This paper presents an informal checklist compiled to raise awareness of physical security issues in the data centre environment. Information security specialists should use this checklist to ascertain weaknesses in the physical security of the data centres that their organisation utilises.
In a 'defence-in-depth' security model, physical threat vectors are often the most vulnerable and overlooked (Schneier, 284). Physical penetration offers the hacker or malicious user access to sensitive data with less technical acumen making it a tempting attack method (Schwartau, 112). Social engineering, shoulder surfing and physical access to console ports are all facilitated (118-119). Dumpster diving by definition involves a breach of physical security.
People are not the only physical threat. Disaster recovery also falls under the purview of physical security. In other words, e-mail should not be lost because there is a flood in the basement (Mason, 1).
Length: 6 pages.
© Technews Publishing (Pty) Ltd | All Rights Reserved