The type of security illustrated in this example is a combination of physical security, authentication, and data encryption.
- The intruder physically breaks into the office and steals a hard drive, which is a breach of physical security measures designed to prevent unauthorized physical access to devices containing sensitive data
- When the intruder attempts to access the stolen hard drive, they encounter the company’s authentication protocols. Authentication controls access by verifying the identity of users before allowing access to data, ensuring only authorized users can unlock the drive’s contents
- Additionally, the data on the hard drive is protected by encryption , which transforms the data into an unreadable format (ciphertext) that can only be decrypted and accessed with the correct cryptographic keys. This protects the data even if the physical device is stolen
Together, these layers represent a layered defense strategy where physical security prevents theft, authentication restricts access, and encryption ensures data confidentiality even if access controls are bypassed. This approach is typical in protecting sensitive business information against unauthorized access after a physical breach
