A company’s physical security team analyzed physical security threats and vulnerabilities for its systems. What types of vulnerabilities did the company focus on?
Based on the SANS document on implementing robust physical security, an information security team will likely focus on several vulnerabilities that could pose risks to their systems such as unauthorized physical access, human error, environmental hazards, insider threats and computer theft.
Insider threats are a top concern for me, especially given my previous roles where strict compliance with SOPs on integrity and data security was crucial. When employees or contractors can’t be trusted to protect sensitive information and perform their duties responsibly, the entire security infrastructure is at risk. Implementing strong policies and fostering a culture of integrity and accountability are essential to mitigate these threats. It’s not only about preventing malicious actions but also avoiding inadvertent mistakes that could compromise confidential data. By creating an environment where employees understand the importance of their role in protecting data, organizations can reduce the potential for both intentional and accidental breaches.
Beyond the obvious risks, the company’s physical security team might have explored more subtle and often overlooked vulnerabilities. For example, they could consider the potential threat posed by maintenance crews, delivery personnel, or even janitorial staff who frequently access sensitive areas. These individuals might unknowingly or deliberately compromise security, either by leaving doors propped open, tampering with security systems, or inadvertently causing equipment damage. Additionally, the team might focus on the human factors, like social engineering attacks where intruders impersonate authorized personnel to gain access. Environmental control vulnerabilities are another unique focus area that could lead to unexpected failures. Even the positioning of windows or the building’s exterior layout can be vulnerable, as they might expose critical areas to prying eyes or physical breaches.
The company more than likely found vulnerabilities in access control that could potentially allow entry into restricted areas. The policies in place for access control may be correct but may not be implemented on the ground. For example, we watched the video in class where an individual was able to access bank systems by simply showing a badge. No verification necessary. Additionally, individuals could have access to more than what is needed for their role. For example, at the organization I am employed at, there are strict policies around who has access to what. Tickets have to be raised and rationale provided as to why an individual needs access. Additionally, someone can have access to a particular system but should only be allowed to see what is necessary to complete their job. Other physical vulnerabilities could include lack of cooling for servers, adequate backup servers, and having servers in a geographical location that is prone to natural disasters.
A company that is analyzing physical security threats and vulnerabilities should be most focused on unauthorized access. A company should be strict with only allowing employees into their building, and anyone outside their company should have permission and supervision when inside the building. Furthermore, restricted areas that, if accessed, could lead to an attack should be restricted to only authorized personnel who have been through a background check. Other areas to focus on would be password protection on systems. A company’s systems can be vulnerable to an attack if they do not have strong password protection. Risks outside of the company’s infrastructure include natural disasters; making sure that a company’s data is secured in a building that is protected from natural disasters should be a point of focus. Lastly, it is always important to focus on the employees that work for your company, as oftentimes they have some sort of access to systems. Training employees on security awareness is important, but more importantly, doing background checks and monitoring employees’ activity for potential tampering should be made a priority.
Neel Patel says
The types of vulnerabilities that the company will focus on are access control, environmental, and human vulnerabilities. Access control is weaknesses in the system that allow entry into restricted and confidential areas. Cybercriminals could try to break into systems and a strong password would help keep them out. Also, from the video in class, we saw that an individual broke into 3 branches of a bank. The man simply had an ID with the brand Oracle on it and was able to use a USB on many devices. The employees allowed the man to go through. Environmental vulnerabilities are risks from natural disasters like floods or earthquakes. The location of data services is important as well. It is vital to avoid areas that face more hurricanes and earthquakes. Human vulnerabilities are weaknesses related to employees like poor security awareness and social engineering risks. In class, we viewed a video about how someone was able to get into someone’s account by having fake baby noises playing in the background.
Nelson Ezeatuegwu says
Hi Neel
I agree with your insights; I like how you linked the vulnerabilities to the video clips we watched. I will also add some technical threats in my watchlist. Thanks.
Nelson Ezeatuegwu says
The first vulnerability a company should focus on is unauthorized physical access. Those who are not employees should not be in the building unless accompanied by an authorized individual. Other restricted areas such as server rooms should only be accessed by a certain number of employees who are authorized; unauthorized access can lead to other threats like theft and vandalism. Having the equipment to dictate environmental threats such as inappropriate temperature and humidity, fire and smoke, water damage, biological, and radiological threats is a vital area to focus on. The organization should be able to assess the high risk of natural disaster in choosing the location of data centers. Technical threats such as uninterrupted power supply (UPS), battery backup unit, emergency power supply like generators in the case of longer blackouts. Lastly, an organization should focus on internal vulnerability that can be exploited by threat actors, such as insider threats by employees; the best way to mitigate it is providing adequate security education and awareness training to the employees.
James Nyamokoh says
Hi Nelson,
I agree with your focus on unauthorized physical access as a critical vulnerability, as well as the need for controlling entry to sensitive areas like server rooms. However, I would add that while having environmental monitoring equipment is crucial, equally important is ensuring these systems are regularly tested and integrated into a centralized alert system to provide real-time notifications of any threats. Additionally, insider threats, while often overlooked, should be addressed not only through education but by implementing stricter monitoring of employee behavior around sensitive areas, using access logs and anomaly detection. Quick question. How would you balance trust in employees with the need for surveillance to mitigate insider threats without fostering a culture of suspicion?
Ericberto Mariscal says
Hi James,
If I may chime in here, I think transparency and communication from employers is key to balance trust to help employees understand the purpose and benefits of surveillance, along with the potential negative impacts.
Cyrena Haynes says
When analyzing physical security threats and vulnerabilities, a company’s security team typically focuses on key areas such as access control vulnerabilities, perimeter security gaps, internal threats, and environmental risks. Weak access control and perimeter security can lead to unauthorized entry, exploitation of weak authentication methods, and physical breaches. Internal threats may come from employees who intentionally or accidentally misuse their access to sensitive areas, resulting in theft, deletion, or leakage of confidential information. Environmental vulnerabilities can cause physical damage to infrastructure, power outages, and loss of productivity.
Andrea Baum says
I agree that access control and perimeter security are critical components, as any weaknesses can provide opportunities for unauthorized access, potentially leading to serious breaches. Additionally, internal threats, whether intentional or accidental, can be particularly challenging to manage, as they involve trusted personnel. I also appreciate your point about environmental vulnerabilities, which are often overlooked but can have significant impacts on infrastructure and operations.
Cyrena Haynes says
Hi Andrea,
Great point on internal threats! Insider threats, especially from trusted personnel, can be difficult to detect, making it essential to implement continuous monitoring systems to flag any unusual behavior. Additionally, regular security awareness training for employees can help mitigate accidental internal threats. It’s also important to establish clear policies around data access and implement the principle of least privilege, ensuring employees only have access to the information necessary for their role. This limits the potential damage if an insider threat does occur, reducing the risk of widespread breaches.
Aisha Ings says
I also agree that internal threats are an important factor and can often get overlooked as everyone is focused more on physical access. While perimeter security and access control are crucial, insider threats, whether malicious or accidental, can bypass even the best external defenses. It’s important to remember that trusted personnel, such as employees or contractors, often have legitimate access to sensitive areas, making it difficult to detect unauthorized activity.
Christopher Williams says
Companies will focus on a few key vulnerabilities. One major concern is unauthorized access, where they ensure that only approved individuals can enter critical areas. Another focus is intrusion detection, making sure that perimeter defenses and monitoring systems are strong enough to prevent unauthorized people from sneaking in.
They make asset management a priority, as they need to protect important equipment from being stolen or damaged. They also look at physical security gaps, especially where physical and IT security don’t work well together, like when there are manual processes for revoking access after someone leaves the company. Lastly, asset management is a priority, as they need to protect important equipment from being stolen or damaged.
Vincenzo Macolino says
Christopher, I also listed unauthorized access as the most important point of focus when looking at physical security risks. However, you brought up a few good risks that I did not consider. Past employees pose a massive risk to a company’s systems as they know where a company’s data is located, the physical makeup of the building, and if they were high enough in the company, might know who has access and what devices have access to the company’s systems.
Gbolahan Afolabi says
While the company was analyzing physical security threats and vulnerabilities, they most likely focused on vulnerabilities in Access Control.
They would analyze the current effectiveness of the mechanisms in place to restrict access to authorized personnel. The mechanisms would probably be badge readers, keypads, and biometric sensors. The company would look into the possibilities for threat actors to bypass badge readers and other types of access control. Another element to be examined would be the vulnerabilities to social engineering; the effectiveness of the tool would need to be examined on staff. Lastly, the effectiveness of deterrents such as cameras should be analyzed. They should be in plain view and be functional to document events.
Jocque Sims says
Some of the primary physical security vulnerabilities of focus include access devices (PIV and Chip cards and readers), access device monitoring systems, access violation handling, journal management, and emergency access processes. Other vulnerabilities would involve human vulnerabilities, such as social engineering, tailgating, unaccounted and unauthorized visitors.
Neel Patel says
Hi Jocque!
I like the points you make about other aspects of social engineering! I did not think about tailgating. So far, in my experience at Temple, I have witnessed people tailgate when trying to get into buildings like Residence Halls or Academic Buildings. Tailgating is a big issue and can even occur in the presence of security if they are not attentive. Great response!
Gbolahan Afolabi says
The emergency response aspect of your opinion stands out to me. Incident response is just as important as incident prevention. The processes in place to ensure business continuity need to be closely guarded and audited for effectiveness and efficiency.
Brittany Pomish says
You bring up some great points I did not mention in my post, such as chip cards and readers and social engineering. Attackers using phishing tactics have gotten very smart in tricking the average person. So I agree with that being a huge vulnerability in today’s world! Tailgating is also a great point I did not even think of. When I lived in apartments, that was a frequent occurrence.
James Nyamokoh says
When a company’s physical security team assesses vulnerabilities, it typically focuses on areas like unauthorized access, physical tampering, and gaps in monitoring. According to PHYSBITS, organizations often encounter issues with “incompatibilities” between physical and IT security systems and the lack of integration between the two, which creates vulnerabilities in access control, monitoring, and response. Strengthening these areas through better integration and monitoring helps mitigate these risks and protects both physical and IT assets.
Benjamin Rooks says
This does make complete sense, but I personally believe that this is something that should be addressed later in the process. Location and protecting from natural disaster would need to take priority in my opinion.
Tache Johnson says
Given these challenges, what strategies can organizations implement to effectively bridge the gap between physical and IT security systems?
Ericberto Mariscal says
Physical security teams should focus on vulnerabilities that derive from human-centered, technical and environmental factors. Human-caused vulnerabilities such as an employee being granted unauthorized access, vandalism, and theft. Technical vulnerabilities could include the lack of a backup power system, system configurations, and security camera system. Environmental vulnerabilities would include the risks of natural disasters occurring in the area such as hurricanes, floods, and earthquakes. As well as gauging the overall temperature in the area such as high humidity as opposed to extreme heat which could potentially cause damage to the physical components of hardware.
Christopher Williams says
I agree with your mention of natural disasters and how things like humidity or extreme temperatures can damage hardware. It’s important for security teams to consider all these aspects to prevent unexpected issues.
Benjamin Rooks says
The first physical vulnerabilities that I think a company should focus on are the ones that cannot be fixed later in the process, planning for natural disaster. It doesn’t matter how good your security is if your data center was built on a natural fault line with no earthquake protection.
Neel Patel says
Hi Benjamin!
Nice response – I think natural disasters are an ever-increasing risk. Climate change is only further perpetuating new vulnerabilities. Your response talked about building a data center on a fault line. I think that is a great example. Furthermore, with hurricanes and tropical storms becoming more frequent and severe, it is important to locate a data center in an area that can least likely be affected by it.
Jocque Sims says
Good morning, Benjamin,
You are absolutely correct about the importance of location as the first step in minimizing physical vulnerabilities. In response to the question about ideal choices for data center locations, upon examining Redlands, my initial assumption was that due to its proximity to California’s strong and widely recognized technological advancements, it would be one of the least likely places to consider. In addition to potential issues related to earthquakes because of Redlands’ proximity to fault lines, the overall weather at that location isn’t ideal.
Andrea Baum says
The company likely focused on identifying potential weaknesses in access controls, such as unauthorized entry points, ineffective perimeter defenses, and insufficient surveillance systems. Other vulnerabilities could include a lack of secure storage for sensitive equipment, insufficient lighting around the premises, and vulnerabilities in environmental controls like fire suppression systems. Additionally, the company may have considered human-related risks, such as inadequate training for security personnel or the risk of insider threats, and the potential for physical damage to systems through theft, vandalism, or natural disasters.
In addition to these core vulnerabilities, the company may have also assessed vulnerabilities related to physical security integration with cybersecurity. This could include weak points where physical systems interface with digital networks, such as unsecured server rooms, inadequate monitoring of data center access, or vulnerabilities in badge systems and biometric authentication processes. The risk of social engineering tactics, where attackers manipulate staff into granting physical access, could also be a focus. Ensuring that physical barriers are reinforced by administrative controls, such as access logs, regular audits, and incident response protocols, would further strengthen the company’s defense against physical security threats.
Brittany Pomish says
When a company’s physical security team analyzes threats and vulnerabilities, they typically focus on vulnerabilities such as access control weaknesses, environmental risks, and procedural deficiencies.
Access control weaknesses include vulnerabilities like unauthorized access to sensitive areas and inadequate authentication mechanisms. These weaknesses can lead to unauthorized individuals gaining physical access to critical systems, potentially leading to data breaches or sabotage. Environmental risks encompass threats from natural disasters, as well as man-made issues like vandalism. These risks can cause significant damage to physical infrastructure and disrupt business operations. Lastly, procedural deficiencies involve inadequate documentation, lack of regular security audits or monitoring, and insufficient training. These deficiencies can reduce the overall effectiveness of the physical security measures.
Vincenzo Macolino says
Brittany, in your response you mentioned how inadequate documentation, lack of regular security audits or monitoring, and insufficient training can be potential vulnerabilities. In my response I didn’t consider this, and you make a great point. Especially when looking at insufficient training, employees’ lack of knowledge on securing themselves and the company’s systems oftentimes leads to unauthorized access and tampering.
Aisha Ings says
Based on the SANS document on implementing robust physical security, an information security team will likely focus on several vulnerabilities that could pose risks to their systems such as unauthorized physical access, human error, environmental hazards, insider threats and computer theft.
Insider threats are a top concern for me, especially given my previous roles where strict compliance with SOPs on integrity and data security was crucial. When employees or contractors can’t be trusted to protect sensitive information and perform their duties responsibly, the entire security infrastructure is at risk. Implementing strong policies and fostering a culture of integrity and accountability are essential to mitigate these threats. It’s not only about preventing malicious actions but also avoiding inadvertent mistakes that could compromise confidential data. By creating an environment where employees understand the importance of their role in protecting data, organizations can reduce the potential for both intentional and accidental breaches.
Tache Johnson says
Beyond the obvious risks, the company’s physical security team might have explored more subtle and often overlooked vulnerabilities. For example, they could consider the potential threat posed by maintenance crews, delivery personnel, or even janitorial staff who frequently access sensitive areas. These individuals might unknowingly or deliberately compromise security, either by leaving doors propped open, tampering with security systems, or inadvertently causing equipment damage. Additionally, the team might focus on the human factors, like social engineering attacks where intruders impersonate authorized personnel to gain access. Environmental control vulnerabilities are another unique focus area that could lead to unexpected failures. Even the positioning of windows or the building’s exterior layout can be vulnerable, as they might expose critical areas to prying eyes or physical breaches.
Dawn Foreman says
The company more than likely found vulnerabilities in access control that could potentially allow entry into restricted areas. The policies in place for access control may be correct but may not be implemented on the ground. For example, we watched the video in class where an individual was able to access bank systems by simply showing a badge. No verification necessary. Additionally, individuals could have access to more than what is needed for their role. For example, at the organization I am employed at, there are strict policies around who has access to what. Tickets have to be raised and rationale provided as to why an individual needs access. Additionally, someone can have access to a particular system but should only be allowed to see what is necessary to complete their job. Other physical vulnerabilities could include lack of cooling for servers, adequate backup servers, and having servers in a geographical location that is prone to natural disasters.
Vincenzo Macolino says
A company that is analyzing physical security threats and vulnerabilities should be most focused on unauthorized access. A company should be strict with only allowing employees into their building, and anyone outside their company should have permission and supervision when inside the building. Furthermore, restricted areas that, if accessed, could lead to an attack should be restricted to only authorized personnel who have been through a background check. Other areas to focus on would be password protection on systems. A company’s systems can be vulnerable to an attack if they do not have strong password protection. Risks outside of the company’s infrastructure include natural disasters; making sure that a company’s data is secured in a building that is protected from natural disasters should be a point of focus. Lastly, it is always important to focus on the employees that work for your company, as oftentimes they have some sort of access to systems. Training employees on security awareness is important, but more importantly, doing background checks and monitoring employees’ activity for potential tampering should be made a priority.