Is Physical Security a hidden weakness in your Information Security strategy? Your doors and locks may pose a greater threat to information security than technical exploits.
Physical Security as part of InfoSec Plans
Since Information Security primarily involves the security of electronic information, the bulk of InfoSec investment and effort tends to focus on the technical aspects. With the non-technical aspects receiving reduced budgets and resources, commensurate with their scope.
Occasionally this budget & resource dichotomy results in diminished political clout for the owners of these non-technical aspects. Which hinders their ability to impart organizational change, despite their ownership of key elements – such as facility security and end-user security training.
I’ve watched dozens of videos from “Penetration Testers”. Although most contain some useful information, I’ve not found them focused enough to post. However, I recently discovered a video that is packed with useful information, focused on a single topic area, and provides solutions for each weakness it describes – a rarity in Penetration Tester videos. This video focuses on a single aspect of physical security – exploiting doors & locks.
NOTE: this video contains occasional strong language and may not be appropriate for viewing in a professional environment.
Video – The Search for the Perfect Door
You spent a lot on a high-grade, pick-resistant, ANSI-rated lock for your door. Your vendor has assured you that it will resist attack and be difficult to copy the key. But, even if they’re right, the bulk of attacks against doors have little to do with the lock.
This talk is a hard-hitting exploration of the ways in which your doors — the most fundamental part of your physical security — may allow illicit entry.
Recorded and posted on youtube by the Shakacon LLC (Standard YouTube License).