Physical Site Security
Personnel Hardware Programs Networks Data Protection from: Fire Natural disasters Burglary / Theft Vandalism Terrorism
Install malware, keyloggers, viruses, etc. Identify / capture credentials Physical network connections Data collection systems access Plant rogue Aps Theft / Dumpster diving
Categories Physical: Security guards, lighting, fences, locks, alarms, closed-circuit televisions, man-trap Technical: Firewalls, IDS, filtering and scanning Operational: Policies
Lock the server room Establish video surveillance Secure workstations and components Secure portable devices Secure backups Disable removable media devices Secure printers and output Lock picking:
Establish a response policy Refine policies Identify (notify?) stakeholders