Physical Penetration Testing
The most basic form of Information Security is physical security. A failure of any physical security control can immediately result in the theft of equipment, stock, data, a laptop, provide access to an internal network or even access to a data centre.
Physical Penetration Testing can include:
- Attempting to gain access to critical infrastructure or Executive area in a Control Centre and/or Service Centre;
- Attempting to gain access to any satellite facilities/branches.
In its simplest form, a person attempting to gain access to your facility may do so by Tailgating, (similar to Piggybacking) it is one of the simplest means to compromise physical security. It may be as simple as following somebody through a door meant to keep out intruders. Tailgating is actually a form of social engineering, whereby someone who is not authorised to enter a particular area does so by following closely behind someone who is authorised.
Physical Penetration Testing Options
Dependent upon you the client and your objectives, we can employ various Physical Penetration Testing techniques. Our Physical Penetration testing is intended to provide you with an accurate assessment of the physical security controls and can include:
- Physical security perimeter (e.g., fencing, car barriers)
- Physical entry control
- Guard posts/patrols
- Mechanical (gates, doors, locks, etc.)
- Electronic (key cards-magnetic, RFID, proximity, etc.; biometrics; etc.)
- Surveillance/Monitoring Techniques (e.g., Cameras/CCTV)
- Deterrents
- Alarms
- Security Lighting
- Intrusion Detection/Motion Sensors
- Office/desktop security
- Logging/Auditing
- Security of equipment off-premises