The advent of physical security devices that connect to the Internet of Things (IoT) has been a boon for hackers who see them as an expansion of the attack surface and an abundance of vectors. This could be a problem for business owners who equip their offices with devices such as IP cameras, smart lighting systems, electronic locks, cloud printers, and many others.
When talking about information security, the attack surface refers to the size of the space that hackers aim to access. Vectors are points of entry within the attack surface. In an office workplace, the attack surface includes servers, workstations, network printers, routers, IoT devices, and all mobile devices that connect to a business data network.
In general, large attack surfaces with multiple vectors require stronger cyber security strategies that take into account physical security. If you are using IoT devices for security purposes, you have to ensure they are adequately protected and do not become a cyber security risk. At the same time, you must provide adequate cyber security to ensure your IoT devices do not become physical security risks.
Let's say an office manager installs a small network of IP surveillance cameras that she can access from her smartphone. If the servers that this network of security cameras connect to are breached, hackers will be able to remotely turn off the cameras, thus giving thieves an opportunity to break into the office without being recorded.
When SynchroNet technicians conduct a network security audit, they pay equal attention to both cyber and physical security issues that can compromise business operations. All fixed and mobile endpoints are evaluated in terms of how secure they are, and this includes treating printers, IP cameras, electronic locks, sensors, and alarms as potential attack vectors. The idea is to apply sufficient security so that endpoints do not become breaching points.
At SynchroNet, we believe in giving equal weight to cyber and physical security issues that can impact business operations. Our security audits aim to discover any vulnerabilities that hackers may seek to exploit in order to breach data networks through physical or cyber means.
With the current cyber threat environment, business owners cannot afford to ignore either cyber or physical security. One should not be given priority over the other, particularly in business workplaces where IoT devices are part of their physical security strategy. Should you have questions about the best practices you should be implementing to improve your cyber and physical security, please contact SynchroNet today.