Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Physical Security

By Steve Jones,

Think your office is secure? You have guards during the day checking badges, you have key card systems to control and audit access and alarms set at night. You don't worry if you have various system names or passwords scribbled on scratch paper. After all, who would target your office?

You never know. With the large number of people working in technology, there are bound to be a few people with less than prefect morals. The turnover of employees in technology can be high, and it might not be as easy to recognize an outsider as you think.  Even in companies that only have 50 or so employees, it's easy to assume the person you see in the company is new hire, contractor, or other individual that has reason to be there.

Especially if that person gets into your locked server room because they've hacked the alarm or key card system. At the Black Hat conference, hackers demonstrated how they can get past many alarm systems and talked about their methods for cloning RFID cards by walking near someone. The fact that these technologies are available, relatively cheap, and can be implemented by people that have some knowledge of the systems means we have to be more careful than ever about the physical security of our systems.

Be aware of the authorized users that can physically access systems. Ensure that you don't have passwords or other critical information easily available, and encrypt your systems. Even if someone breaks into your data center, they won't want to spend a lot of time there. If someone can easily get information, or copy files, they will. Adding a few security hurdles to bypass might mean the difference between keeping control of your data and losing it.

 
Total article views: 121 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

The Security of Interconnected Systems

We are interconnecting more and more computer systems and applications all the time. Security become...

FORUM

Security Managemen Systems

problem with Security Managemen Systems

BLOG

Security: People Are the Weakest Link

There was an interesting conversation on Twitter today about security awareness and why the training...

ARTICLE

Letting People Go Securely

Having employees leave your company is a reality of life. But how do you handle letting your IT work...

FORUM

System Security Plan (examples) ?

I'm having to draft a System Security Plan for my org for SQL Server instances. to repeat [sorry] I...

Tags
editorial    
security    
 
Contribute