Talk With an Expert

Data Center Physical Security Checklist

Data Center Physical Security Checklist (PDF, 1.58MB)Published: 01 Dec, 2001
Created by
Sean Heare

This paper will present an informal checklist compiled to raise awareness of physical security issues in the data center environment. Information Security Specialists should use this checklist to ascertain weaknesses in the physical security of the data centers that their organization utilizes. In a Defense-in-Depth security model, physical threat vectors are often the most vulnerable and overlooked (Schneier, 284). Physical penetration offers the hacker or malicious user access to sensitive data with less technical acumen making it a tempting attack method (Schwartau, 112). Social engineering, Shoulder surfing and physical access to console ports are all facilitated (118-119). Dumpster diving by definition involves a breach of physical security. People are not the only physical threat. Disaster recovery also falls under the purview of physical security. In other words, e-mail should not be lost because there is a flood in the basement (Mason, 1).