Skip to contentCYBERINFO
|

Control 7.12 : Cabling Security

Summary

Power and telecommunications cabling carrying data or supporting information services should be protected from interception, interference, or damage. This covers the physical routing of cables as well as the security of the points where they terminate.

Applicability

In-Scope: Critical for preventing unauthorized data interception (wiretapping) or accidental network disconnects. It is especially relevant for cabling located in public or shared building spaces.

Out-of-Scope: Only applicable if the organization utilizes 100% wireless communication with no physical patch panels, switches, or server racks.

Implementation Guidance

Microsoft 365 / Entra ID

  • Physical Protection: Ensure that all network cabling is housed in secured conduits or locked cable trays that are not accessible from public hallways or common suspended ceilings.

  • Port Security: Use Microsoft Intune and network hardware configurations to disable unused physical Ethernet ports in common areas, preventing unauthorized devices from joining the internal network.

  • Separation: Maintain strict physical separation between power cables and data cables to prevent electromagnetic interference (EMI) that could degrade network performance or corrupt data.

Evidence Checklist

  • Cabling Diagram: A professional map showing the routing of power and data cables throughout the facility and their termination points.

  • Security Standards: Documented requirements for how cables must be terminated and secured, such as the use of locked patch panels and racks.

  • Inspection Records: Logs of periodic physical checks to ensure conduits, racks, and cabinets remain sealed and tamper-free.

Practical Audit Advice

Here are some questions the auditor might ask:

  • Are your network patch panels and core switches located inside a restricted-access room or a locked security cabinet?

  • How do you prevent an unauthorized person from plugging a rogue device into an active Ethernet port in the reception area or a conference room?

  • Are data cables clearly labeled and physically separated from power lines to avoid interference and accidental maintenance errors?

  • In shared office buildings, how do you verify that your cabling is not accessible by other tenants in shared risers or basement utility rooms?