Physical security is an oft-overlooked component of data and system security in the technology world. You can have the most hardened servers and network but that doesn't make the slightest difference if someone can gain direct access to a console keyboard or, worse yet, march your hardware right out the door. While numerous ratings and standards exist in order to classify specific security hardware, many of these standards are ill-defined and poorly-understood. Do you know what makes a ‘hardened’ or ‘contractor grade’ lock special? What does the phrase ‘high security’ signify on hardware packaging? As it turns out, many of these terms are just for show... but Deviant will walk you step-by-step through some distinct and easy-to-follow examples of how low-grade locks can fail as well as how to clearly identify quality equipment. Additionally, we will cover the more difficult matter of hardware purchase decisions at the highest levels... fine distinctions such as which locks belong on the CEO's office versus which ones to use on your server rooms. Every situation calls for something a bit different, and those differences add up when you're spending $100 or more per lock. Make your money count and keep your budget, and your data, secure. outline: Introduction Weaknesses of Basic Locks Picking and Raking Shimming Bump Keying One Step Up - Pick Resistant and Commercial Locks Advanced Keyways Un-Shimmable Padlocks Pick Resistant Pins Basic Bump Resistance The Next Step - High Security Locks Side Pins Side Bars Rotating Disks The Highest Grade - Unpickable Locks Abloy Protec Rotating Disk Magnetic Locks (Evva MCS) Discussion of Safes Destructive Entry vs. Non-Destructive The Four Types of Lock Basic Resistant High Security Unpickable Where they are appropriate A Word About Forensics (if there's time) Which Locks are Which Direct Examples of these higher grades of lock