Lesson 1: Assets

Concerns with Hardware Assets: Physical Security, Con't.

The case illustrates a few potential problems with physical security and hardware assets. Hardware assets house many of an organization's information assets, and as such need to be kept under tight lock and key. There are several questions that should be asked of your hardware assets to insure that good physical security is being practiced:

1. Where are your hardware assets located, and how are they stored?

For obvious reasons, location of your hardware assets is important. If, for instance, your company's server is sitting on the credenza in your lobby with a potted plant, stale donut and 16 day-old leaky Big Gulp sitting on top of it, physical security is lacking. Hardware assets must be placed in a safe environment, safe from natural disaster, accidents, and misuse. Different assets will have to be protected according to their function and the risk associated with them. In other words, a laptop will be protected in a different manner than a server or an infrastructure control system.

2. Who has access to your hardware assets, how is that access controlled, and is the access logged?

If you can adequately answer the above question about your hardware assets, then you are practicing good physical security. The use of monitoring devices, such as a video camera or vigilant, trusted employees, allows you to create a log of who has had access to your hardware assets. But these logs are insufficient by themselves. Also needed to protect your hardware assets are good "locks and doors"; both literally and figuratively. Keys, biometrics, passwords, lockdown devices for laptops, and watchful employees are all methods of controlling access to your hardware assets.

3. Do your hardware assets need a UPS?

Consider what happens during a power outage, a brownout, lightning strike, or surge. Not only can important information be lost forever, but hardware assets themselves can be significantly damaged if they are not protected. A UPS (uninterruptible power source) can help alleviate some of the issues that these might cause.

Click "Back" to learn more about concerns with hardware assets.