{"id":8165,"date":"2021-04-05T00:16:54","date_gmt":"2021-04-05T00:16:54","guid":{"rendered":"https:\/\/wealthrevelation.com\/data-science\/2021\/04\/05\/why-is-physical-security-vital-for-data-security\/"},"modified":"2021-04-05T00:16:54","modified_gmt":"2021-04-05T00:16:54","slug":"why-is-physical-security-vital-for-data-security","status":"publish","type":"post","link":"https:\/\/wealthrevelation.com\/data-science\/2021\/04\/05\/why-is-physical-security-vital-for-data-security\/","title":{"rendered":"Why Is Physical Security Vital for Data Security?"},"content":{"rendered":"
\n

Modern businesses hold on to an increasing amount of sensitive and sometimes confidential data. As a result, they\u2019ve had to invest in new technology and practices to keep that data safe.<\/p>\n

Many of these businesses, when developing their data security or cybersecurity protocols, focus on the security of their hardware, software and business network. Prioritizing these assets is essential \u2014 however, if physical security gets left behind, even the best digital tech may not keep a company\u2019s data safe.<\/p>\n

There\u2019s practically no stopping someone with physical access to your data storage from stealing info or compromising your business network.<\/p>\n

This is why companies that prioritize digital security also need to carefully consider physical security \u2014 and what may happen when physical security is neglected.<\/p>\n

Physical Access Can Allow Criminals to Bypass Even the Best Digital Security<\/h2>\n

It\u2019s almost impossible to protect any device from a physical attack. If a hacker has sustained access to device hardware, they\u2019ll be able to breach its defenses eventually \u2014 potentially giving them access to the information on that device, as well as any stored security credentials.<\/p>\n

Devices that are digitally secured but not physically secured \u2014 like a laptop left behind in a coffee shop, or an IoT sensor in an unlocked case \u2014 can provide a valuable vector of attack for hackers. In some cases, that vector may be all they need to create serious trouble for a company.<\/p>\n

In some cases, poor building security may enable hackers to sneak into server rooms or gain access to off-site devices, like IoT sensors. Often, hackers also gain access to hardware either by theft \u2014 for example, swiping a laptop left sitting in a coffee shop \u2014 or by using social engineering to gain remote access.<\/p>\n

Even large devices that are rarely moved or accessed by staff \u2014 like servers in a data center \u2014 can be at risk.<\/p>\n

This is why large, high-budget data centers often have what\u2019s colloquially called a mantrap \u2014 a set of two interlocking doors, somewhat like an airlock, that one has\u00a0 to pass through to reach the server hardware. These doors serve as a final access check for the data center and help to minimize the risk of unauthorized server access.<\/p>\n

These threats aren\u2019t an abstraction \u2014 hackers and other criminals have used physical access to steal data in the past.<\/p>\n

In 2015, for example, hackers stole five servers<\/a> from the offices of a British charity, PlanUK. Those servers contained a wealth of information on donators, including names, addresses, bank account numbers and sort codes.<\/p>\n

In 2018, the theft of a laptop exposed the data<\/a> of more than 43,000 patients of the West Virginia-based Coplin Health System \u2014 part of the reason that laptop theft is ranked the number one cause<\/a> of health data breaches.<\/p>\n

Valuable Hardware and Essential Systems May Be at High Risk<\/h2>\n

Hackers may also use physical attack vectors if they need to gain access to critical infrastructure, which may otherwise be air-gapped from internet-connected systems and impossible to attack with digital-only methods.<\/p>\n

This is part of why major physical security manufacturers dedicate entire product lines to physical security for nuclear power plants<\/a>, for example, or airports or international organizations \u2014 and why those kinds of institutions take physical security so seriously.<\/p>\n

Enterprise-grade computer hardware can also be very valuable \u2014 making that hardware a major target. While you may expect criminals to be driven more by data or network access than by the resale value of your servers, theft for resale or reuse has happened before.<\/p>\n

In 2018, for example, Icelandic criminals stole 600 bitcoin-mining servers<\/a> in one of the biggest tech heists on record. Rising cryptocurrency prices may encourage some criminals to plan similar heists of powerful hardware. Owners of data centers, rendering farms and other facilities with high-value hardware should be aware of these risks, as well as how good physical security is necessary to keep their hardware safe.<\/p>\n

Using Physical Security to Complement Your Digital Security Planning<\/h2>\n

Without strong physical security practices, your data can be vulnerable \u2014 even if you have a great digital security plan in place.<\/p>\n

Hackers, when faced with strong cyber defenses, sometimes turn to physical attacks to gain access to critical hardware. In other cases, they may also be after the hardware for sale or personal use.<\/p>\n

Even a basic physical security plan \u2014 one that involves ID verification and access control \u2014 can go a long way in complementing a digital security strategy and keeping data safe.<\/p>\n

\n

Shannon Flynn<\/a><\/h3>\n
\"Avatar\"<\/div>\n

Shannon is a technology blogger who writes about IT trends, cybersecurity, and biztech news. She’s also the Managing Editor at ReHack.com. Follow ReHack on Twitter to read more from Shannon about other technology updates.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

https:\/\/data-science-blog.com\/en\/blog\/2021\/03\/30\/why-is-physical-security-vital-for-data-security\/<\/p>\n","protected":false},"author":0,"featured_media":8166,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/posts\/8165"}],"collection":[{"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/comments?post=8165"}],"version-history":[{"count":0,"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/posts\/8165\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/media\/8166"}],"wp:attachment":[{"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/media?parent=8165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/categories?post=8165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wealthrevelation.com\/data-science\/wp-json\/wp\/v2\/tags?post=8165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}