services

Physical Security Assessment

In today’s environment, analysis of the physical security of facilities and properties has become an even more critical aspect of an organization’s information security and business continuity planning. Foundstone addresses this requirement with a team of skilled experts who are able to blend their experience and expertise to focus on the critical aspects of physical security that impact an organization’s computing environment.

During an onsite assessment, our consultants perform physical inspections of facilities and operations. Foundstone begins each physical security review by gaining an understanding of the resources being protected and the perceived threat environment. Through interviews and limited reviews of local policies and procedures covering physical security operations, Foundstone gains an understanding of the level of protection desired and needed in a given location. Armed with this understanding, Foundstone conducts the review of the facility. Key areas assessed include:

  • Facility Security
    • Entry points
    • Data center
    • User and sensitive environments
    • Access control and monitoring devices
    • Guard personnel
    • Wiring closets
  • Internal Company Personnel
    • Control and accountability
    • Use of equipment
    • Security procedure compliance
    • Awareness
    • Use of break areas and entry points
  • External Visitor and Contractor Personnel
    • Control and accountability
    • Use of equipment
    • Security procedure compliance
    • Use of break areas and entry points
  • Computer Systems and Equipment
    • Workstations
    • Servers
    • Backup media
    • PDAs
    • Modems and physical access points (visual ID only)
  • Sensitive Information and Data
    • Control
    • Storage
    • Destruction

Foundstone does not conduct sweeps of the electronic spectrum to identify and isolate covert listening or transmission devices. We have relationships with several highly reputable firms that can provide this specialized service if requested.

We can expand on our overt assessment process through the use of covert red-team assessment techniques. These efforts include tactics such as social engineering, pretext entry, security systems bypass, device/Trojan planting, long range surveillance and other methods. Covert assessment is a secondary add-on package.

Foundstone’s physical security reviews are performed and analyzed in the context of your organization’s overall risk management strategy. The criticality of assets within the environment and the perceived threat environment directly affect the level of exposure that is classified as acceptable. By analyzing the combined factors of assets, threat, and exposure, Foundstone’s physical security review provides much more than a list of actionable security recommendations. We prioritize exposures and make recommendations to align physical security with your overall risk management strategy. This holistic view enables you to protect the right assets with the right level of security.

Click here to view a full datasheet about this service.

Contact us to learn how our security services can help you protect your most important assets today.

RFP Template

Foundstone has developed this Request for Proposal("RFP") template to help organizations identify and select a quality security vendor to perform professional services work.

> Download