Data Center Physical Security Checklist
This paper will present an informal checklist compiled to raise awareness of physical security issues in the data center environment. Information Security Specialists should use this checklist to ascertain weaknesses in the physical security of the data centers that their organization utilizes. In a Defense-in-Depth security model, physical threat vectors are often the most vulnerable and overlooked (Schneier, 284). Physical penetration offers the hacker or malicious user access to sensitive data with less technical acumen making it a tempting attack method (Schwartau, 112). Social engineering, Shoulder surfing and physical access to console ports are all facilitated (118-119). Dumpster diving by definition involves a breach of physical security. People are not the only physical threat. Disaster recovery also falls under the purview of physical security. In other words, e-mail should not be lost because there is a flood in the basement (Mason, 1).
416 (PDF, 1.58MB)
1 Dec 2001Related Content
Denial of Service Deterrence
Research PaperDenial of Service has been a very useful practice for attackers and continues to remain prevalent...
- 1 Apr 2015
Practical El Jefe
Research PaperEl Jefe is open source process monitoring software for Windows. With this tool, incident handlers...
- 31 Mar 2015
Using Influence Strategies to Improve Security Awareness Programs
Research PaperEven companies with extensive, well-funded security awareness programs fall victim to attacks...
- 25 Oct 2013
Talking Out Both Sides of Your Mouth: Streamlining Communication via Metaphor
Research PaperAs Security is a relatively new field, we are still learning how to communicate what we know with...
- 4 Oct 2013
Information Risks and Risk Management
Research PaperThis brief will cover the various exposures that companies now face as they increasingly rely on...
- 1 May 2013
Surfing the Web Anonymously - The Good and Evil of the Anonymizer
Research PaperCompanies of all sizes spend large amounts of time, resources, and money to ensure that their...
- 8 Oct 2012
Robots.txt
Research PaperAlthough this GIAC gold paper is not about search engine optimization, or SEO, this paper will...
- 31 May 2012
A Process for Continuous Improvement Using Log Analysis
Research PaperGood security is a moving target. Walls and castles were once good defenses against attackers, but...
- 26 Oct 2011
Measuring Psychological Variables of Control In Information Security
Research PaperThe effects of an individual's personal feelings of control over aspects of their health have been...
- 12 Jan 2011
Which Disney(c) Princess are YOU?
Research PaperSocial engineering for identity theft has always been around. But now, with the advent of social...
- 18 Mar 2010
Prelude as a Hybrid IDS Framework
Research PaperOrganizations both Large and Small are constantly looking to improve their posture on security....
- 24 Mar 2009
The Importance of Security Awareness Training
Research PaperOne of the best ways to make sure company employees will not make costly errors in regard to...
- 14 Jan 2009
Vendor-Supplied Backdoor Passwords - A Continuing Vulnerability
Research PaperVendor-Supplied Backdoor Passwords - A Continuing Vulnerability
- 26 Sep 2008
Making Security Awareness Efforts Work for You
Research PaperMaking Security Awareness Efforts Work for You
- 20 May 2008
The Controlled Event Framework for Information Asset Security
Research PaperThe Controlled Event Framework for Information Asset Security
- 20 Feb 2008
Data Leakage - Threats and Mitigation
Research PaperData Leakage - Threats and Mitigation
- 24 Oct 2007
Identity Theft
Research PaperThe act of identity theft can be performed by anyone, it could be family, friends or spouses. The...
- 2 Jul 2007
Social Engineering Your Employees to Information Security
Research PaperThis paper will examine the role and value of Information Security Awareness efforts in the...
- 19 Dec 2006
Building a Security Policy Framework for a Large, Multi-national Company
Research PaperInformation Security is not just technology. It is a process, a policy, and a culture. Our...
- 5 May 2005
The Role of the Security Analyst in the Systems Development Life Cycle
Research PaperThis paper will proceed in a very logical manner to describe how a sequential development life cycle...
- 5 May 2005