Physical Security Red Team
Physical Security Red Team
Many companies spend time and resources focusing on security controls to safeguard their computer networks from cyber threats. Because of this focus physical security often gets overlooked which can have significant implications. Therefore a Physical Security Red Team can help your security management team understand their vulnerabilities and save money by highlighting weaknesses.
Security breaches occur when a vulnerability in a system is realised by an attacker. This certainly could have a financial and reputational impact on a company. Hard assets or intellectual property may be stolen or damaged or personnel could be subject to physical attack.
Physical Security Infiltration Testing; How a red teaming can be essential to a company’s overall security.
Physical security infiltration testing, commonly known as red teaming or penetration testing, provides realistic overviews of the effectiveness of current security measures.
Primary objectives of a test include assessing the ability of current physical security measures to prevent infiltration by attackers. It will assess these measures to determine their efficacy and discover any vulnerabilities.
Red Teams are specialists that simulate these attacks. Eclectic Security’s red team is known as ESIT (Eclectic Security Infiltration Team). Each team member is highly trained and experienced in the techniques used by professional attackers to infiltrate secure environments.
ESIT will rigorously test the ability of an organisation’s existing security methods. Our Team will also determine if:
- Alarms, CCTV, locked doors, windows and other access control points can be bypassed.
- Areas of the facility are approachable without detection. (Blind spots with incorrectly installed CCTV is a common security issue at many establishments).
- Security policies are adhered to after the facility has closed for the day. Tests will be carried out at different times to give an accurate picture of the complete physical security system. Staff will be tested, especially any security personnel such as guards. All too often the weakest aspect of security is the human element.
- People who should not be in the building, are questioned on who they are, what they are doing and how they entered the facility..
- Penetration of the facility is possible and if so, how much can be accessed. If we manage to enter, we will determine whether it is possible to access secure files or other assets which should be securely locked away.
ESIT specialise in physically gaining entry into secure areas. We use a range of techniques commonly deployed by seasoned attackers and some less well known methods. All our team have former military backgrounds with a wide range of security skills. All team members have been fully trained as locksmiths and all specialise in non destructive entry techniques. Our team will also look for areas vulnerable to destructive entry techniques and will highlight them in our final report, however we will not employ destructive techniques during a test.
Who ESIT work with
We work with cyber security penetration testers who want to offer a professional physical security penetration test as part of their service. We also work alongside professional social engineers who specialise in the human factor of security.
By working with companies and individuals who focus on their specialist areas we offer a complete and robust assessment of any organisations’ complete security system.
Working with ESIT
Please contact us if you are a cyber penetration (Pen) tester or social engineer and would like to know more about ESIT or to discuss use of our services or working with us.