How to Crack iOS Passwords
How to Exploit the Vulnerability of a Missing Patch Using Metasploit
Automate E-mail Security Controls to Prevent Hacks through E-mail

Know Your Physical Security Vulnerabilities to Avoid Hacks

Whatever your computer- and network-security technology, practically any hack is possible if an attacker is physically in your building or data center. That’s why looking for physical security vulnerabilities and fixing them before they’re exploited is important.

In small companies, some physical security issues might not be a problem. Many physical security vulnerabilities depend on such factors as

  • Size of the building

  • Number of buildings or sites

  • Number of employees

  • Location and number of building entrance and exit points

  • Placement of the data centers and other confidential information

Literally thousands of possible physical security vulnerabilities exist. The bad guys are always on the lookout for them — so you should look for these vulnerabilities first. Here are some examples of physical security vulnerabilities:

  • No receptionist in a building to monitor who’s coming and going

  • No visitor sign-in or escort required for building access

  • Employees trusting visitors because they wear vendor uniforms or say they’re in the building to work on the copier or computers

  • No access controls on doors or the use of traditional keys that can be duplicated with no accountability

  • Doors propped open

  • IP-based video, access control, and data center management systems accessible via the network with the default user ID and password

  • Publicly accessible computer rooms

  • Software and backup media lying around

  • Unsecured computer hardware, especially laptops, phones, and tablets

  • Sensitive information being thrown away in trash cans rather than being shredded or placed in a shred container

  • CDs and DVDs with confidential information in trash cans

When these physical security vulnerabilities are exploited, bad things can happen. All it takes to exploit these weaknesses is an unauthorized individual entering your building.

blog comments powered by Disqus
Prevent Network Hacking with Port Scanners
Capture and Record Voice Traffic to Demonstrate VoIP Security Vulnerabilities
How to Guard against Buffer Overflow Hacks
Avoid Hacks on Vulnerable Wireless Workstations
A Case Study in the Hacking of Web Applications
Advertisement

Inside Dummies.com