Skip to main content
Navigating Physical Security in a Remote Team Environment
In this blog, our team of Cyber Operations Analysts shares their insights from recent physical penetration testing engagements to help organizations navigate their physical security in this new and evolving threat landscape.

Remote teams have presented new security challenges for businesses across the globe. Among these challenges is maintaining security over physical buildings and their assets, despite a scaled-down in-office team.

How have physical penetration tests changed for organizations with a largely remote workforce?

With recent engagements, typically, there are not as many people on-site, so in those cases, it can be a lot easier to walk around unnoticed because no one is there to see you. So as long as we do our bypass techniques, we can go in and remain unseen in the building.

Another thing that we have noticed is that not as many people are challenging our presence. We hypothesize that this may be due to people being out of the office for so long and assuming that we are new hires they just haven't met yet.

What new vulnerabilities have arisen from scaled-down in-office teams?

With smaller in-office teams, often, there are not as many people to notice everything that's going on, and so it's kind of easier to slip through the cracks and not be detected by a smaller in-office team. There is a perception that if a person is inside a secure company building, they are seen as a trusted entity. However, as we know, this is not always the case.

Why do organizations still need to think about protecting their physical perimeter?

Most people don't want to think about the possibility of someone breaking into their facility because a building is supposed to be a safe place where people feel welcome. So the thought of someone breaking in and doing bad things isn't something that we always want to have at the forefront of our minds, but it is something that happens. For instance, an organization may have four doors with cameras on all four doors and conclude that they are protected, forgetting that an attacker doesn't think that way.

An attacker will see the cracked window, a roof access ladder on the exterior of the building, and any conventional or unconventional means of accessing the building. When we think only about doors as a means of coming and going from a building, we limit the level with which we can secure ourselves. This is why it is essential to think outside the box with an attacker mindset to become more secure.

Once inside, the opportunities for attacks are seemingly endless and allow for 'leave-behind' methods that enable us to sprinkle USB thumb drives loaded with malware and disguised plug-in devices that call back to our servers even after we have long since left the building.

No cybersecurity professional would claim to provide true information security with effective security controls without strong physical security. A Physical Penetration Test with RedTeam Security will help you better understand your risks, expose physical security vulnerabilities, and provide remediation suggestions to improve your overall security program. Schedule a consultation with our team, or request a customized quote for a true assessment of your physical security risk. 

Test Your Physical Security Perimeter Today
Contact UsContact Us

Get a Customized Proposal

Use our Scoping Questionnaire to provide us with the necessary information to put together a proposal for you. Please be as thorough as possible with your responses, as it helps us ensure an accurate and complete proposal.
If you're interested in application penetration testing, you may find this article helpful when formulating your responses: Understanding Application Complexity For Penetration Testing.

If you have any questions, contact us at (952) 836-2770 or schedule a meeting. We will follow up promptly once we receive your responses. We look forward to speaking with you soon.

Having trouble viewing the Scoping Questionnaire? Check to see if an ad-blocker is keeping the page from loading properly.

Dedicated Client Portal

Interact in real-time with your RedTeam security professionals on our user-friendly client portal and see firsthand as the team closes in on your company data.

Certified Security Experts

Our trusted security professionals hold certifications from the leading industry organizations, including OSCP, CASS, CPT, CISSP and more.

Research-Focused Approach

We hold industry-leading certifications and dedicate part of every day to research the latest exploit techniques to ensure our clients remain protected from evolving online attacks.

Free Remediation Testing

Once your team addresses remediation recommendations, RedTeam will schedule your retest at no additional charge.