Sunday, July 22, 2007

Physical Security and e-Dumpster Diving

Physical security is the easiest part of IT security to overlook. And that makes sense. It isn't very sexy, and it isn't very technical -- on the surface. It's about locks and keys, secured rooms and video cameras, not firewall settings, secure application code, encryption or authentication.

Interestingly enough, in some places the two are slowly merging. Look at biometrics or HSPD-12, a US government initiative to require Smart Cards for both physical access to federal facilities and logical access to its computers.

CSO magazine ran an interesting piece last month about physical security at Starbucks and Computer World had an equally interesting article about dumpster divers now looking for old computer equipment with data. It used to be that dumpster divers just looked for plain old paper trash to steal information.

I also made this point in Chapter 5 of my book, The Little Black Book of Computer Security.

0 Comments:

Post a Comment

<< Home