- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Data Center Physical Security Checklist
- Abstract
- This paper will present an informal checklist compiled to raise awareness of physical security issues in the data center environment. Information Security Specialists should use this checklist to ascertain weaknesses in the physical security of the data centers that their organization utilizes. In a "Defense-in-Depth" security model, physical threat vectors are often the most vulnerable and overlooked (Schneier, 284). Physical penetration offers the hacker or malicious user access to sensitive data with less technical acumen making it a tempting attack method (Schwartau, 112). Social engineering, Shoulder surfing and physical access to console ports are all facilitated (118-119). Dumpster diving by definition involves a breach of physical security. People are not the only physical threat. Disaster recovery also falls under the purview of physical security. In other words, e-mail should not be lost because there is a flood in the basement (Mason, 1).