Physical controls
Often, the importance of physical control is underestimated by individuals and organizations. But the reality is attackers can attempt to penetrate your infrastructure physically so then they will be able to bypass many other controllers. This must be prevented at any cost as, if attackers get to bypass physical controls, they will have a better chance to compromise other controllers as well. Physical controls include the following:
- Securing devices and physical access controls
- Closed-circuit surveillance cameras
- Motion or thermal alarm systems
- Security guards
- Picture IDs
- Locked and dead-bolted steel doors
- Biometrics (including fingerprint, voice, face, iris, handwriting, and other automated methods used to recognize individuals)
If someone compromises your physical security, you can install different kinds of hacker tools quite easily and get to access your infrastructure.
Figure 2.15 – LAN turtle...
