Do not Underestimate Physical Security

Source http://www.retailsecuritytrader.co.uk/shop/images/products/72.jpg

Security in IT is everywhere: firewalls, proxies, anti-[spam|virus], IDS and more! But what about physical security to your IT infrastructure? Read the following story: Peter Gabriel‘s web site was off the web due to a server theft! I would like to know how the thieves performed!

Why spend money to protect your resources from network attacks if they are vulnerable to theft (or any other degradations). If it’s easy to steal hardware, criminals will prefer take out the servers and try to grab information later from a safe place.

Reminder:

  • Install the hardware in a dedicated place.
  • Restrict physical access to the hardware to authorized persons only.
  • Monitor access via a CCTV.
  • Log access (bagdes, biometric or card readers)
  • Do not install hardware in the basement not on ground level
  • Select a central place in the building without direct external walls
  • Keep racks closed!
  • Prefer remote management (who’s happy to work between two racks with a notebook on the knees?)

One comment

  1. the most shocking about the Peter Gabriel story is :
    a) they do not mention anything about the personal data & CC information that might have been compromised by the theft.
    b) their first concern is to bring their commercial leg back and not so much to worry about the customer data that was involved in the theft …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.