October 1, 2022
physical information security

Physical information security

Physical information security involves the protection of organizational assets from environmental and manmade threats. It is the first layer of protection in any organization and is described as the certain safety measures that deny unauthorized access to organizational assets, and protects personnel and property from damage or harm (e.g. espionage, theft, or terrorist attacks). It involves the use of multiple layers of interdependent systems, which include CCTV surveillance, security guards, protective barriers, locks, access control protocols, and so on.

Physical security helps to:

Prevent any unauthorized access to the system resources:

Physical security protects information from unauthorized use and implements controls so that the authorized user does not inadvertently or intentionally misuse or compromise the integrity and availability of the information.

Prevent tampering/stealing of data from the computer systems:

Insider can use USB or other portable devices to steal information from a computer. Security administrators deploy monitoring tools that trigger an alarm if an insider connects an external device to any of the systems in the network.

Also Read: How to Hack Facebook

Safeguard against espionage, sabotage, damage, or theft:

Companies deploy surveillance systems, CCTVs, alarm systems, security guards, etc. to monitor and safeguard the organization’s assets. Security administrators also use an access card authentication system for server rooms, file areas, communication closets, off-site backups, phone rooms, IT equipment, and other areas to which only a limited number of people have access.

To protect personnel and prevent social engineering attacks:

Physical security personnel and internal employees need periodic physical security awareness training to protect themselves from social engineering attacks.

Physical security is perhaps the most overlooked aspect of security. Categories of physical security threats are:

Natural/Environmental Threats

This type of threat includes the results of naturally occurring events, including:

Floods: Administrators should conduct periodic inspections to check for water seepage, especially during times of heavy precipitation. They should also check the water detector periodically. Administrators should aware of proper shutdown procedures, and must perform exercise drills regularly.

Fire and Smoke: Administrators should periodically check the proper placement and functioning of fire alarms and extinguishers. They should also install smoke detectors throughout the building(s). The designated smoking area should be as far as possible from the computer system.

Also read: How to hack phone

Earthquakes: Even minor earthquakes may cause dust and debris to fall on computer equipment. Plastic sheets should be readily available in the system room. Covering computing assets in an emergency may mitigate the damage. Operators should properly cover magnetic tapes to prevent wear and tear.

Dust: Dust that naturally accumulates on hardware hinders its performance. Dust can seriously hinder a computer’s ability to cool down. Even if the computer case is closed, dust can still get in through drive openings. An effective way to remove dust from the inside of the CPU is to blow it away from the motherboard and other components using compressed air.

Man-made Threats

Man-made threats are one of the most important topics when we talk about Physical Information Security

The biggest threat to the physical components of an organization and its network are from human errors, be they intentional. For example, human errors include hitting the wrong button and unplugging the wrong cord.

Man-made threats include:

Terrorism:

Terrorist activities include the following:

  • Assassinations
  • Random killings
  • Bombings
  • Hijackings

Wars: Wherever they occur, wars destroy the major buildings, industries, and infrastructures and change the economic conditions of countries. Also, pollution can spread due to bombs and expelled gases.

Explosion: To prevent explosions chemicals should be isolated and kept away from computers.

Dumpster diving and theft: “Dumpster diving” involves searching the garbage of the targeted company in order to acquire important information. Attackers search for information such as phone numbers, credit card numbers, and other information commonly thrown away in dustbins. Attackers can also use discarded storage media such as floppy disks, CDs, and tapes to obtain important information.

Lack of proper security may result in equipment theft. A guard on the premises can help prevent this.

Vandalism: Disgruntled or former employees may try to compromise the system. In addition, in a case in which a disaster causes panic, the system might be mishandled.

Also Read: SQL Injection

If you need any extra information about Physical Information Security you can comment below we will help you soon.

– Ajinkya Kadam

12 thoughts on “What is Physical Information Security?

  1. Wow, superb blog layout! How long have you been blogging for? you make blogging look easy. The overall look of your website is excellent, let alone the content!

  2. My brother recommended I would possibly like this blog. He was once totally right. This publish actually made my day. You cann’t consider just how a lot time I had spent for this information! Thanks!

  3. Hi, i think that i saw you visited my weblog so i return the want?I am attempting to in finding things to enhance my web site!I guess its ok to use some of your ideas!!

  4. An additional issue is really that video gaming became one of the all-time biggest forms of excitement for people of all ages. Kids participate in video games, and adults do, too. The XBox 360 is probably the favorite gaming systems for those who love to have hundreds of video games available to them, along with who like to learn live with people all over the world. Thanks for sharing your thinking.

  5. Its like you read my mind! You appear to know so much about this, like you wrote the book in it or something. I think that you could do with a few pics to drive the message home a little bit, but instead of that, this is excellent blog. A fantastic read. I will certainly be back.

  6. I抦 impressed, I must say. Actually rarely do I encounter a weblog that抯 both educative and entertaining, and let me tell you, you have hit the nail on the head. Your idea is excellent; the problem is something that not enough people are speaking intelligently about. I am very joyful that I stumbled throughout this in my search for something referring to this.

  7. Would you like to know how to make big commissions daily without any product or inventory and with zero experience with sales and marketing? Get access to online training for free showing exactly how this is done in just 3 steps! You read correctly, the training is completely free and I’ll show you exactly how this is done, no strings attached.

  8. My developer is trying to convince me to move to .net from PHP. I have always disliked the idea because of the expenses. But he’s tryiong none the less. I’ve been using WordPress on numerous websites for about a year and am concerned about switching to another platform. I have heard good things about blogengine.net. Is there a way I can import all my wordpress posts into it? Any kind of help would be greatly appreciated!

  9. Ever wanted to push some competition site`s ranks down for not playing the game fair?

    Now you can:
    blackhat.to

Leave a Reply

Your email address will not be published.