Physical Security

Physical security encompasses the measures taken to protect facilities, equipment, and personnel from physical threats — unauthorized physical access, theft, vandalism, natural disasters, and environmental hazards. In cybersecurity, physical security is a critical layer because physical access to systems often bypasses technical controls entirely.

Physical security measures include access controls (badge readers, locks, guards), surveillance (cameras, monitoring), environmental controls (fire suppression, climate control), visitor management, and secure areas for sensitive equipment and data storage.

Why It Matters

Physical protection is a CMMC domain with specific requirements for controlling physical access to systems that process CUI. An attacker with physical access to your server room can bypass your best technical controls — physical security cannot be overlooked.

Related Resources

NIST 800-53: AT-3(2)