Skip main navigation

New offer! Get 30% off your first 2 months of Unlimited Monthly. Start your subscription for just £35.99 £24.99. New subscribers only T&Cs apply

Find out more

The Role of Physical Security

In this video, you will learn that without good physical security, cybersecurity can be ineffective.
Getting started with physical security, video number one. In this video, I want to briefly go over physical security. Now on a network, we could have amazing tools on here. We could have intrusion detection systems, intrusion prevention systems, or a robust firewall. None of this is going to do much good if a person gained physical access to your computer or your network.
If an intruder can gain physical access to your computer, if they can gain physical access to your server room, enter the building without authorization, plug an unknown USB device in your computer network, say even something as simple as a USB drive, a flash drive. Some of the flash drives I have will look like a flash drive, but it actually launches a payload that doesn’t get picked up by antivirus. In a matter of seconds, I could have an admin account on there with a reverse connection back to my computer. With physical devices, physical access to a computer network, you can plug a key logger in– something that logs all the keystrokes. Things that export information off. Any number of things.
And if someone can gain physical access to your network, again, an intruder could do any number of things to you in your network without you even knowing about it. So a couple of key points. Any place that is very secure, that needs to be secure like your server room, your main distribution closet where all your network switches are, it should be some sort of key card at entry. Whether it’s a badge to get in, it’s with a security guard, a lock that no one has keys to it, get into your building if you have since the information, again, it should be a key carded or should be locked up. And people coming in and out should be monitored.
Store your devices. Any removable storage device you have, including USB devices, laptops, DVDS, CDS, whatnot– anything that has sensitive information, information that you would not want out in the public. These could be financial records business records, user accounts, passwords, anything. Anything that you’re not OK with some stranger going through and reading or looking at should be stored and locked away. Not only at the end of the day, but if you’re going to be away, you should lock all that up. Who has access to your server room? Server room access should be limited and strictly enforced for only those that absolutely need access to it.
So key distribution, people that can access, it should be limited, again, to only those who really need to get in there, which are typically going to be your network administrators. Doesn’t mean that there can’t be a spare key. Say if your network administrators out sick, there could be a spare key kept in a secure location if someone needs to get in there, like a vendor needs to get in their fire department or whatnot. There should be security guidelines. You should have clearly written-out security guidelines that all employees understand, and have access to. Again, I stress clearly written, because if someone doesn’t understand a certain guideline or if the guideline is not reasonable, people aren’t going to follow it.
So you do need to make sure that it is respectful, it is clearly written, people are able understand it, they do understand, and they’re willing to follow it. These things are going to help keep your network safe. And we’re going to take a look at a lot of other things that are going to help keep your network safe, starting off with understanding tailgating in our next video. Thanks for watching. I’ll see you there.

In this video, you will learn that without good physical security, cybersecurity can be ineffective. If someone could easily break into your office, for example, then cybersecurity can only take you so far.

After watching the video, think about how you can increase your physical security. Here are some examples:

  • use carded entry to help reduce unauthorized entries
  • store any removable devices in a locked facility when you’re done with them
  • limit the number of individuals who have access
  • incorporate a strict set of security guidelines

Reflect and share: Now that you have learned how poor physical security can be a risk to your cybersecurity, take a moment to reflect on how physically secure you are. Share what you would change, or what you have learned, with your fellow learners below.

This article is from the free online

Cyber Security Foundations: Why Cyber Security is Important

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now