Skip main navigation

The Role of Physical Security

In this video, you will learn that without good physical security, cybersecurity can be ineffective.
11.3
Getting started with physical security, video number one. In this video, I want to briefly go over physical security. Now on a network, we could have amazing tools on here. We could have intrusion detection systems, intrusion prevention systems, or a robust firewall. None of this is going to do much good if a person gained physical access to your computer or your network.
36.1
If an intruder can gain physical access to your computer, if they can gain physical access to your server room, enter the building without authorization, plug an unknown USB device in your computer network, say even something as simple as a USB drive, a flash drive. Some of the flash drives I have will look like a flash drive, but it actually launches a payload that doesn’t get picked up by antivirus. In a matter of seconds, I could have an admin account on there with a reverse connection back to my computer. With physical devices, physical access to a computer network, you can plug a key logger in– something that logs all the keystrokes. Things that export information off. Any number of things.
80.1
And if someone can gain physical access to your network, again, an intruder could do any number of things to you in your network without you even knowing about it. So a couple of key points. Any place that is very secure, that needs to be secure like your server room, your main distribution closet where all your network switches are, it should be some sort of key card at entry. Whether it’s a badge to get in, it’s with a security guard, a lock that no one has keys to it, get into your building if you have since the information, again, it should be a key carded or should be locked up. And people coming in and out should be monitored.
122.5
Store your devices. Any removable storage device you have, including USB devices, laptops, DVDS, CDS, whatnot– anything that has sensitive information, information that you would not want out in the public. These could be financial records business records, user accounts, passwords, anything. Anything that you’re not OK with some stranger going through and reading or looking at should be stored and locked away. Not only at the end of the day, but if you’re going to be away, you should lock all that up. Who has access to your server room? Server room access should be limited and strictly enforced for only those that absolutely need access to it.
165
So key distribution, people that can access, it should be limited, again, to only those who really need to get in there, which are typically going to be your network administrators. Doesn’t mean that there can’t be a spare key. Say if your network administrators out sick, there could be a spare key kept in a secure location if someone needs to get in there, like a vendor needs to get in their fire department or whatnot. There should be security guidelines. You should have clearly written-out security guidelines that all employees understand, and have access to. Again, I stress clearly written, because if someone doesn’t understand a certain guideline or if the guideline is not reasonable, people aren’t going to follow it.
207.6
So you do need to make sure that it is respectful, it is clearly written, people are able understand it, they do understand, and they’re willing to follow it. These things are going to help keep your network safe. And we’re going to take a look at a lot of other things that are going to help keep your network safe, starting off with understanding tailgating in our next video. Thanks for watching. I’ll see you there.

In this video, you will learn that without good physical security, cybersecurity can be ineffective. If someone could easily break into your office, for example, then cybersecurity can only take you so far.

After watching the video, think about how you can increase your physical security. Here are some examples:

  • use carded entry to help reduce unauthorized entries
  • store any removable devices in a locked facility when you’re done with them
  • limit the number of individuals who have access
  • incorporate a strict set of security guidelines

Reflect and share: Now that you have learned how poor physical security can be a risk to your cybersecurity, take a moment to reflect on how physically secure you are. Share what you would change, or what you have learned, with your fellow learners below.

This article is from the free online

Cyber Security Foundations: Why Cyber Security is Important

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education