Physical Theft

An adversary gains physical access to a system or device through theft of the item. Possession of a system or device enables a number of unique attacks to be executed and often provides the adversary with an extended timeframe for which to perform an attack.

Most protections put in place to secure sensitive information can be defeated when an adversary has physical access and enough time.

To mitigate this type of attack, physical security techniques such as locks doors, alarms, and monitoring of targets should be implemented.

Physical security is a vital part of any security plan and is fundamental to all security efforts--without it, information security, software security, user access security, and network security are considerably more difficult, if not impossible, to initiate.

The most common physical security risks to organizations:

1. Tailgating - Tailgating is when an unauthorized person follows an authorized person into a secure area. Tailgating can be limited with the right physical security measures. Anti-tailgating doors make tailgating virtually impossible, but installing them can prove expensive.

Another way to reduce tailgating is by providing physical security training for your employees. It involves raising awareness among employees and providing them with a rigid physical security policy, including guidance such as not holding doors open to people they don’t recognize. 

2. Theft of documents - Sensitive documents can easily become unaccounted for - and fall into the wrong hands.

One of the best ways to prevent the theft or accidental revelation of documents and sensitive information is to institute a clear-desk policy. A clear-desk policy, which means ensuring that all desks are cleared and all documents are put away at the end of the workday, makes it less likely that sensitive documents are left in vulnerable locations.

In order to prevent the theft of documents, it is also essential to institute access control and prevent unaccounted visitors from entering your workplace. 

3. Unaccounted visitors - Unaccounted visitors pose a serious risk, as it is impossible to know if they were present if an incident occurs. Access control with swipe-card-access or ID doors is essential for business security, but you should also ensure that all visitors are accounted for by supplying them with visitor passes. Have a log of entry to later verify when a person was within your premises.

4. Stolen identification - An access control system only works if everyone uses their own identification. If people are going in and out of your promises using someone else’s identification, the result is the same as if you had no access control at all.

Employees need to be educated on the importance of protecting their IDs or access cards. Without training, employees will often share or lend each other their cards, making it hard to properly monitor access. Employees may also be careless with their IDs unless the importance of protecting them is demonstrated.

5. Social engineering - Social engineering attacks rely on manipulating your employees, often using information that they have managed to gain to impersonate someone else, or abusing basic human empathy to gain access to secure areas and networks.

Social engineering attacks can come in a huge variety of different forms. This is one of the reasons why it is so difficult to combat. 

The first step towards combating social engineering is to make a thorough physical security risk assessment and consider how someone could get through the protections that are in place. Raising awareness about social engineering among your employees is also key, as understanding the risks that social engineering can pose will help your employees be more alert to any suspicious activity or contacts.