Is physical security overlooked in lieu of network security?

I would have to say yes. I think this is partly a technology issue. As information security managers think we can design a system that can be managed by technology. We sit in front of consoles and we feel secure. Physical security requires work that involves people, and not just machines and technology. This process involves education, awareness, and training of actual people. This is something most people in information security don’t like to do. With so much emphasis given to DLP these days, I suspect that physical security will have to be stepped up as well. Most companies I consult with, have separate physical and network security departments. The physical security aspects are never thought about by most network security architects, and in the cases it is, it’s an afterthought. Something else that can be fixed with technology, e.g. video cameras and biometrics.

This entry was posted on September 5, 2008 at 11:22 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.