Is Your Physical Security Exposing Your Information Security
Last week I stumbled across a rather interesting set of videos on YouTube by a presenter called Deviant Ollam (https://www.youtube.com/results?search_query=deviant+ollam+physical+security). Deviant Ollam is a physical security penetration tester in the US and runs a company doing just that: trying to gain access to places he shouldn’t. We’re not talking black hat breaking in activity here but we are talking about white hat: doing these things paid for by the client to test their physical security.
What I found watching some of these videos was startling. Yes, some of the content is a little bit US-centric and perhaps doesn’t apply to the UK, however, it really got me thinking about a question. As IT, we spend all this time and money investing in information security, event logging, event monitoring, alerting, and more. If the physical security of our premises, however, is so easily bypassed, are we just making it too easy for would-be attackers.
Read more…