Archive for Physical Security

Information and security – the basics haven’t changed

We still use the term Information Technology, or just IT, but what is more complex – managing information or managing technology?  In my estimation, technology is now just a commodity, and managing “Technology” is not rocket science. Information, or more directly managing, securing, and controlling Information, is becoming increasingly more complex.

Going back before the computer age, enterprises operated without much automated technology, but they did use information. Getting back to basics, there have always been business processes, and every business process is in some way tied to information.  Business, or the enterprise has always been in the simplest of terms, tied to business processes that drive services provided to clients, employees, and other stakeholders. No matter how you look at it, every business process is tied to information in one way or another.

Read more

The importance of physical security

It makes no difference what Operating System (OS) you run, Windows, Linux, BSD, or OSX, if someone has access to your computer (or server), password security is meaningless.  Every OS has the possibility of resetting the administrative password.

This does make some sense, as often computers or servers are set-up, run an application or service for an extended period of time, and potentially become “orphans” in the enterprise.  Put another way, the person who did the original set-up has moved on, let go, or simply forgot how the device was configured.

Read more