CyberGuard Compliance’s team of security professionals have years of experience, leverage the most advanced security tools, and lead the industry in security practices to provide a comprehensive set of physical breach testing services for our clients.
Physical Breach Testing Overview
Many businesses do an excellent job of protecting themselves against virtual threat with network and application cybersecurity testing. At the same time, they might overlook the risk of physical threats. Physical threats could include such common security incidents as having criminals pick locks, steal devices, or even convince an employee to let them inside a server room.
According to the National Center for Education Statistics, without strong physical security, no security professionals can claim to provide true information security or a good security posture. CyberGuard Compliance’s physical penetration testers know exactly how bad actors gain physical access to sensitive, secured areas, and they use this experience to provide recommendations to remediate problems.
In the world of cybersecurity, physical penetration tests point out some of the most common physical vulnerabilities for a company. Physical penetration tests are also referred to as “physical breach testing”. This is because these type of penetration tests identify opportunities to compromise the physical barriers of your company, including sensors, camera, and locks. The goal of this test is to identify weaknesses in your physical security controls. This is often done at important locations such as data centers, substations, or offices. Identifying these weaknesses and taking appropriate actions to remedy them will prevent unauthorized individuals from entering your premises and compromising assets.
CyberGuard Compliance’s physical breach testing meets or exceed the requirements for all well-known and established regulatory and compliance standards including PCI DSS, FISMA, MARS-E, HIPAA, Sarbanes-Oxley, ISO, and many more. Our methodology is based on the industry-accepted physical breach testing approach derived from the National Institute of Standards and Technology (NIST) These methodologies were then augmented by CyberGuard Compliance proprietary Penetration Testing Methodology.
Each physical breach test is initiated with a kickoff meeting to confirm the scope of the engagement, walk through our methodology, set the duration of the testing efforts, define clear communication and escalation plans, and schedule the actual physical breach test. The results of the kickoff meeting are compiled into a Rules of Engagement document that is used as the roadmap for the testing. All testing is performed onsite and may be performed at multiple locations including offices, data centers, and remote work centers.
CyberGuard Compliance has a team of experts who know exactly how criminals could gain access to physical locations and computer systems. Our process is custom tailored to each client’s unique environment and could include:
At the end of the physical breach test, we gather all the details, evidence, and recommendations to develop a custom-tailored physical breach report. We schedule a Zoom meeting to review the findings in detail with you and your technical team. This is a great opportunity for our team to provide training and guidance on physical security and cybersecurity deficiencies and remediation procedures. Based on the feedback from that meeting we finalize the report and deliver it via a secure file share.