In the December 2006 issue, Information Technology listed the "Most Overlooked" aspects of technology security, and old-fashioned physical security was first on its mind.
According to the article, the people who do IT security and the people who do physical security in large organizations don't work with one another. Many small- to mid-sized enterprise IT security groups may overlook physical issues altogether. It's not until a building break-in occurs that the two may even meet at all.
Quoting the article: "It's always somebody else's fault when there's a break-in in the building," says Steve Stasiukonis, vice president and founder of Secure Network Technologies, regarding IT security blaming facilities management and vice versa. But IT security should be on the same team as the facilities management group, he says.
In many organizations, physical security is often focused more on protecting copiers, printers, and fax machines from theft -- not servers or computer equipment. "A lot of companies are allocating surveillance technology in the wrong places," he says, and not where intruders are more likely to gain access, such as the cargo landing where smokers take their breaks, or on the cafeteria patio.
Stasiukonis broke into a credit union by simply wearing a copier company t-shirt. The servers were unsecured and open to anyone who could physically stand next to them. He was able to jack in and steal data directly from the servers.
Thieves might also steal valuable equipment worth thousands, but data worth many times as much - or compromise customer privacy when data on stolen hardware is exposed to thieves.
Vandalism or accidental damage can also occur when servers, computers, or other equipment is left exposed to unauthorized personnel. A lockable room or security barrier is relatively inexpensive and can pay large dividends.
To read the article in its entirety, visit Informa. Also, visit our article on data center physical security options.