Physical Breach Testing

CyberGuard Compliance’s team of security professionals has years of experience, leverages the most advanced security tools, and leads the industry in security practices to provide a comprehensive set of physical breach testing services for our clients.

 

Physical Breach Testing Overview

Many businesses do an excellent job of protecting themselves against virtual threats with network and application cybersecurity testing. At the same time, they might overlook the risk of physical threats. Physical threats could include such common security incidents as criminals picking locks, stealing devices, or even convincing an employee to let them inside a server room.

According to the National Center for Education Statistics, without strong physical security, no security professionals can claim to provide true information security or a good security posture. CyberGuard Compliance’s physical penetration testers know exactly how bad actors gain physical access to sensitive, secured areas, and they use this experience to provide recommendations to remediate problems.

In the world of cybersecurity, physical penetration tests point out some of the most common physical vulnerabilities for a company. Physical penetration tests are also referred to as “physical breach testing”. This is because this type of penetration test identifies opportunities to compromise the physical barriers of your company, including sensors, cameras, and locks. The goal of this test is to identify weaknesses in your physical security controls. This is often done at important locations such as data centers, substations, or offices. Identifying these weaknesses and taking appropriate actions to remedy them will prevent unauthorized individuals from entering your premises and compromising assets.

 

OUR METHODOLOGY

CyberGuard Compliance’s physical breach testing meets or exceeds the requirements for all well-known and established regulatory and compliance standards including PCI DSS, FISMA, MARS-E, HIPAA, Sarbanes-Oxley, ISO, and many more. Our methodology is based on the industry-accepted physical breach testing approach derived from the National Institute of Standards and Technology (NIST). These methodologies were then augmented by CyberGuard Compliance’s proprietary Penetration Testing Methodology.

 

OUR PROCESS

Each physical breach test is initiated with a kickoff meeting to confirm the scope of the engagement, walk through our methodology, set the duration of the testing efforts, define clear communication and escalation plans, and schedule the actual physical breach test. The results of the kickoff meeting are compiled into a Rules of Engagement document that is used as the roadmap for the testing. All testing is performed onsite and may be performed at multiple locations including offices, data centers, and remote work centers.

 CyberGuard Compliance has a team of experts who know exactly how criminals could gain access to physical locations and computer systems. Our process is custom tailored to each client’s unique environment and could include:

  • Reconnaissance and Mapping – The first step is to perform reconnaissance of every location in the scope of the engagement. Our team will map all possible entry and exit points. Criminals will often enter through an unsecured fire escape, window, or another little-used entry point. While mapping the perimeter, the security professionals will document existing security barriers, such as locks and cameras.
  • Evaluate Entry Mechanisms – Each type of entry mechanism will be evaluated in an attempt to duplicate the actions that a criminal might take to evade or get past these barriers. CyberGuard Compliance’s team are experts with electronic, key, and combination lock picking.
  • Check Network Jacks – Any accessible network jack outside the facility or inside common areas of the facility will be assessed. These network jacks are often active to provide a more flexible workspace allowing employees to use meeting and collaboration spaces that may not be behind secure doors.
  • Check Wireless Connections – All wireless access points will be analyzed for insecure configurations. Attempts will be made to clone wireless access points to gain critical credential information. Once obtained, our team will be able to access company wireless assets for additional attacks.
  • Social Engineering and Tailgating – CyberGuard Compliance will perform social engineering to gain vital information about the business and its staff. This information can be used to gain entry directly or indirectly. One method of entry is tailgating, where our team member asks someone to hold the door because their hands are full. A fake badge, an armful of boxes, and dressing like everyone at the company will allow easy tailgate access.
  • Bypassing Cameras and Sensors – Another attack vector common to physical breach tests is the cameras and sensors. Cameras and sensors are used to detect individuals in restricted areas of your physical operations, and to identify those who have compromised primary security installations like doors. CyberGuard Compliance will leverage any misconfigured or disabled cameras or sensors to ensure our team’s presence is undetectable.

At the end of the physical breach test, we gather all the details, evidence, and recommendations to develop a custom-tailored physical breach report. We schedule a Zoom meeting to review the findings in detail with you and your technical team. This is a great opportunity for our team to provide training and guidance on physical security and cybersecurity deficiencies and remediation procedures. Based on the feedback from that meeting, we finalize the report and deliver it via a secure file share.