Physical penetration testing plays an important role in assuring a company that the security policies are properly enforced and that the security awareness of the employees is on the appropriate level. In physical penetration tests the tester physically enters restricted locations and directly interacts with the employees to convince them to break a policy or provide credentials. The physical access and the direct interaction with the employees complicate the execution of the tests and have ethical, legal and safety implications.
When penetration testing is mentioned, the first thing management thinks of is trained security professionals behind their computers, hundreds of kilometers away, trying to penetrate the network of the company. And, in most cases they will be right. However, digital penetration tests are only one part of the whole story.
Read the whole story here