SID-PHY-02 — Equipment and Media Security
| Property | Value |
|---|
| Status | to_do |
| Owner | operator |
| Category | physical |
| CSF Function | protect |
| Group | Physical Security Controls |
Description
Secure siting and protection of equipment (servers, HSMs, network
devices). Security of assets off-premises (mobile devices, backup
media). Storage media handling and secure disposal/re-use. Equipment
maintenance with authorized service providers only. Clear desk and
clear screen policies.
Components
- WSCA / HSM
- PostgreSQL Database
Audit Findings
| Finding | Severity | Status |
|---|
| ISO-PH-2 — Partial storage media controls | low | open |