Ensuring Data Security at Your Physical Layer – Part 1

Ensuring Data Security at Your Physical Layer – Part 1

Cybercriminals will find a way to exploit any vulnerability, and the aftermath can be disastrous for any organization. A 2018 study estimated the average cost of an enterprise network data breach at almost $4 million. Financial losses may only be the beginning as it may require several years until a company is able to regain its standing in the eyes of consumers and other businesses after a serious data breach.

These days modern buildings and facilities are becoming increasingly connected to enable IoT, PoE, and wireless connectivity solutions. Each connection is a potential opening to a company’s network. In order to prevent unauthorized access, an organization must secure each layer and secure every point of entry. Measures include application level encryption, firewalls, two-factor authentication, virtual private networks (VPNs), and physical layer security.

Network Infrastructure Targeted

Although it should be an integral aspect of an organization’s security strategy, physical layer infrastructure is often overlooked. This is because security implementation has been traditionally performed at a network’s higher, logical layers. However, as commercial building networks become increasingly integrated with all aspects of an enterprise, the physical layer is becoming a bigger target for cybercrime.

The party in command of a network’s routing infrastructure also controls the data that flows through it. As a result, concerns regarding network infrastructure security typically focus on the two types of unauthorized access below:

1) Unauthorized Access by Unauthorized Individual

The above is addressed by installing IP-connected cameras, access controls, occupancy sensors, and other security. Physical cabling security is implemented through secure patch cords, keyed connectors, and port blockers. AIM (Automated Infrastructure Management) solutions can also be deployed to detect and report unauthorized activities.

2) Unauthorized Access by Authorized Individual

Detection and prevention are both difficult because many security measures will be ineffective. However, AIM can be deployed for automatically detecting and reporting the installation of an unauthorized network device. Its location can be determined, and changes to the physical layer will be recorded as they occur.

Part 2 will discuss Recommendations for Implementation.

Alpha Engineering Business Support

Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990. For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.