Using Passive Environmental Cues to Enhance Physical Security

Strong passwords, intrusion detection systems, properly configured firewalls and routers, up-to-date anti-virus software, properly patched operating systems, solid backup schemes and qualified security personnel are some of the most important aspects of information security. These help safeguard data from the potentially devastating effects of a determined hacker because they make unauthorized access to your network harder to attain. Unfortunately, this threat is not limited to the electronic medium. Most computer users are not aware of the fact that malevolent individuals use a variety of methods to gain access to systems including social engineering and outright theft. All too often people rely on electronic security devices to provide all of their information security needs. An electronic device such as an IDS may detect someone attacking a web server, but it will not detect someone at a terminal stealing data or equipment. If a person has physical access to a workstation or server, they control that system and the data stored on it. This highlights the idea that sound electronic security is only part of the security game. Physical security is the other. It is what enables all other security measures to perform effectively and is an absolute necessity in any comprehensive security plan.