Build crucial cyber security skills through interactive training during SANS Cyber Security Mountain 2021. Save $150 thru 6/30.

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Physical Security

Featuring 11 Papers as of September 16, 2016

  • Hardware Keyloggers Graduate Student Research
    by Glen Roberts - July 29, 2016 

    Most information security professionals are familiar with keyloggers. However, while the security industry has produced plenty of defenses for software-based keyloggers, hardware keyloggers continue to pose a daunting problem for the typical enterprise. A deeper understanding of these insidious devices can lead to viable techniques for both protection and detection.

  • Physical Security and Why It Is Important Graduate Student Research
    by David Hutter - July 28, 2016 

    Physical security is often a second thought when it comes to information security. Since physical security has technical and administrative elements, it is often overlooked because most organizations focus on "technology-oriented security countermeasures" (Harris, 2013) to prevent hacking attacks.

  • An Abbreviated History of Automation & Industrial Controls System and Cybersecurity by Ernie Hayden - January 23, 2015 

    Automation and industrial controls systems - often referred to as ICS - have an interesting and fairly long history.

  • Systems Engineering: Required for Cost-Effective Development of Secure Products by Dan Lyon - October 8, 2012 

    Security of data and systems is critical to consider during development of a complex system, and by taking a systems approach, secure design can be achieved in a cost effective manner.

  • A Practical Application of Background Investigations for Small Company Security Perimeters by Tim Cook - August 30, 2007 

    According to the 2003 CSI/FBI Computer Crime and Security Survey, the two most cited forms of computer attack or abuse were virus incidents (82 percent) and insider abuse of network access (80 percent) and according to the 2005 CSI/FBI Computer Crime and Security Survey despite some variation from year to year, inside jobs occur about as often as outside jobs. This data is confirmed and supplemented by the 2006 CSI/FBI Computer Crime and Security Survey where it is reported that 62% of respondents believe that they have suffered losses due to insider threats and 7 percent of respondents thought that insiders account for more than 80 percent of their organization’s cyber losses.

  • Fiber Optics and its Security Vulnerabilities by Kimberlie Witcher - October 5, 2005 

    Researching fiber optic security vulnerabilities suggests that not everyone who is responsible for their networks security is aware of the different methods that intruders use to hack virtually undetected into fiber optic cables.

  • Implementing Robust Physical Security by Bob Pagoria - August 15, 2004 

    As the world of computer technology continues to grow, becomes increasingly competitive and vulnerable to malicious attacks, every business must more seriously consider IT (Information Technology) security as a high priority.

  • Using Passive Environmental Cues to Enhance Physical Security by David Pollack - July 25, 2004 

    Most computer users are not aware of the fact that malevolent individuals use a variety of methods to gain access to systems including social engineering and outright theft. All too often do people rely on electronic security devices to provide all of their information security needs.

  • Physical Security: A Biometric Approach by Ryan Hay - March 2, 2004 

    This paper will analyze various biometric techniques and products, provide advantages and disadvantages of these techniques, and conclude with a discussion on biometrics of the future.

  • Protect Yourself by Justin Bois - April 4, 2002 

    This paper is intended to demonstrate the design of a building with physical security in mind and how to apply the same theories to existing buildings.

  • Building the Ideal Web Hosting Facility: A Physical Security Perspective by Seth Friedman - December 10, 2001 

    The purpose of this paper is to provide a comprehensive look at Physical Security by means of building an ideal web hosting facility. By viewing this design and construction process from a Physical Security perspective, we will identify and describe the measures needed to make our facility fully secure; and create a comprehensive Physical Security Primer that can be used in many types of facilities and circumstances.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact

All papers are copyrighted. No re-posting or distribution of papers is permitted. Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.