Physical space can be frequently forgotten when considering cyber security, though it is vital to remember that technology and information always have their physical dimensions. Physical security has been important long before the need of cyber security, and it continues to be crucial to the safety of cyber information today. Technology and information are at risk if their physical components are not properly protected, and so, the correct measures must be taken to prevent this.
Physical security can take many forms, from identification of employees through badges and lanyards to biometric systems of entry and exit. Every system has its pros and cons, and almost every system can be bypassed, leading to the need of layering of multiple systems. This way, if one method fails, another should still offer adequate protection – you can think of it like a block of swiss cheese: while there are holes, hopefully none of the holes run all of the way through! Choosing the correct level and method of protection is essential in ensuring effectiveness. This can be worked out by considering the assets protected, vulnerabilities and threats. The method utilised must be deemed appropriate for the scenario, otherwise employees may view the security practices as excessive and choose to circumnavigate them. Similarly, systems may not be used to their full potential if staff do not understand the importance of them. Therefore, at the heart of effective physical cyber security is communication and education as to why systems such as key cards are in place.
On a large scale, the internet itself provides an example of the importance of physical cyber security. Its digital body lives inside of servers, which are typically found in large datacenter buildings. These datacenters are then connected via copper or glass fibre optics which send data through laser beams at the speed of light. Companies such as Amazon and Google will hold information about their users in their datacenters, so if their buildings are compromised, millions of peoples data is at risk. On top of this, countries must be connected too, which necessitates undersea cabling to transmit data worldwide. While the sea perhaps offers protection enough while underwater, the areas where the cables emerge onto land must be guarded thoroughly at all times.
Whether on the scale of office computer systems or global corporations’ datacenters, it is certain that the physical components of technology must be assigned sufficient protection. In the same way in which social engineering can be used for phishing and other online scams, it has been used continually in the physical world. Manipulating people in workplaces, or observing flaws in security systems can cause devastating breaches of information or data.