Do not Underestimate Physical Security

May 6, 2008 – 7:04 PM

Security in IT is everywhere: firewalls, proxies, anti-[spam|virus], IDS and more! But what about physical security to your IT infrastructure? Read the following story: Peter Gabriel’s web site was off the web due to a server theft! I would like to know how the thieves performed!

Why spend money to protect your resources from network attacks if they are vulnerable to theft (or any other degradations). If it’s easy to steal hardware, criminals will prefer take out the servers and try to grab information later from a safe place.

Reminder:

• Install the hardware in a dedicated place.
• Restrict physical access to the hardware to authorized persons only.
• Monitor access via a CCTV.
• Log access (bagdes, biometric or card readers)
• Do not install hardware in the basement not on ground level
• Select a central place in the building without direct external walls
• Keep racks closed!
• Prefer remote management (who’s happy to work between two racks with a notebook on the knees?)

Source: /dev/random