If anyone can wander into your server room, if you have network ports in public spaces, or if your building access control is substandard, you have a huge hole in your network security. Unrestricted physical access to a network is a much larger security threat than is generally appreciated because, if a person has physical access to a device, there is almost always a way to take control of it or to get data out of it. The fastest way into a network is not through the firewall, but through a USB port on an unattended workstation. Your most dangerous information thief may not be a faraway hacker, but one of the cleaning staff inside your building.
This’s why it’s important to secure your hardware—a lost laptop, an open USB port, or a simple network tap can be a conduit for quick and devastating data loss that no firewall can prevent. Today’s digital printer/copiers store copies of pages, so it’s essential to scrub their memories before they leave your premises when they reach the end of their service life. Think also about the paper generated and make sure that sensitive printouts are destroyed before they’re discarded.
There are many ways to ensure the physical security of your network, from simple port locks to sophisticated remote monitoring systems. At minimum, doors and cabinets should be kept locked and laptop computers secured. Biometric locks add an extra layer of security. Video surveillance has become so practical and inexpensive that there’s no reason not to use it in secure areas.