security

What is security?

Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets. The goal of IT security is to protect these assets, devices and services from being disrupted, stolen or exploited by unauthorized users, otherwise known as threat actors. These threats can be external or internal and malicious or accidental in both origin and nature.

An effective security strategy uses a range of approaches to minimize vulnerabilities and target many types of cyberthreats. Detection, prevention and response to security threats involve the use of security policies, software tools and IT services.

Unfortunately, technological innovation benefits both IT defenders and cybercriminals. To protect business assets, companies must routinely review, update and improve security to stay ahead of cyberthreats and increasingly sophisticated cybercriminals.

IT security consists of two areas: physical and information.

Physical security

Physical security is the protection of people, hardware, software, network information and data from physical actions, intrusions and other events that could damage an organization and its assets. Safeguarding the physical security of a business means protecting it from threat actors, as well as accidents and natural disasters, such as fires, floods, earthquakes and severe weather. A lack of physical protection could risk the destruction of servers, devices and utilities that support business operations and processes. That said, people are a large part of the physical security threat.

Theft and vandalism are examples of human-initiated threats that require physical security solutions. A physical security breach doesn't necessarily require technical knowledge, but it can be just as dangerous as a data breach.

There are three parts to physical security: access control, surveillance and testing.

The success of an organization's physical security program depends on effectively implementing, maintaining and updating each of these components.

Access control

Controlling access to office buildings, research centers, laboratories, data centers and other locations is vital to physical security. An example of a physical security breach is an attacker gaining entry to an organization and using a Universal Serial Bus (USB) flash drive to copy and steal data or put malware on the systems.

The goal of access control is to record, monitor and limit the number of unauthorized users interacting with sensitive and confidential physical assets. Access control can be as simple as barriers like walls, fences and locked doors. Identification badges and keycodes are also part of an effective physical access system. Physical identification is a great way to authenticate the identity of users attempting to access devices and areas reserved for authorized personnel.

More sophisticated access control methods include various forms of biometric authentication. These security systems use biometrics, or unique biological characteristics, to authenticate the identity of authorized users. Fingerprint and facial recognition are two examples of common applications of this technology.

Surveillance

Surveillance involves the technologies and tactics used to monitor activity in and around facilities and equipment. Many companies install closed-circuit television cameras to secure the perimeter of their buildings. These cameras act as both a deterrent to intruders and a tool for incident response and analysis. Cameras, thermal sensors, motion detectors and security alarms are only some examples of surveillance technology.

Testing

Testing is a reliable way to increase physical security. Companies that have strong security protocols test their policies to see if they need to be updated or changed. Such tests can include red teaming, where a group of ethical hackers try to infiltrate a company's cybersecurity protocols.


28/09/2022