The organization must have physical barriers (doors, fences, walls, etc.) required to safeguard logical and physical information assets.
HIPAA Security Rules 164.310(a)(2)(ii): Facility Security Plan: Implement policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft
Start with Fluid Attacks
We are a proud corporate member of the OWASP Foundation