
Question

Review the video "The Sparks Chronicles: Episode 1" at the end of the Week 2 Lecture. What conditions and vulnerabilities do you see at this facility that could threaten the organization's network and data? What physical security measures and procedures would you implement to enhance the security of the IT room?

Below is the transcript

The Sparks Chronicles Episode 1 Transcript


BILL: Hi-- you must be Jack Spark. I'm Bill, the plant manager here at Acme. Corporate feels that we should be proactive about assessing threats to our plants, so we called you to conduct a security survey.

JACK: Great. Why don't you show me around the facility?

BILL: We manufacture auto parts at this facility, and we ship parts across the US and Mexico. We also import supplies from all over the world. As you can see, we already have security measures in place, such as this fence.

JACK: Hmm.

BILL: This is our main entrance. As you can see, everyone is required to wear an ID at all times. This is our financial department, records department, and over there is the executive suite.

JACK: Hmm.

BILL: This is our IT department that basically keeps the whole place running. As you can see, we take a lot of precautions with this area. --and go home, but no. She wanted to go to Blockbuster and pick up something that was going to be $4 and-- and-- [LAUGH] it's going to be a chick flick, we're not going to like it, so we're just going to waste the money and then waste the night. Great. Thanks a lot, honey-- that's all I really want.

JACK: Hmm.

BILL: Well, that's about it. What do you think, Jack?

JACK: I think you've got your work cut out for you. Acme is vulnerable in several different areas. That fence around the perimeter couldn't keep my dog Fluffy out. You need a fence that is at least seven feet tall, with a top guard that extends another foot. Plus, there's no proper signage saying that only authorized employees can enter. And your main entrance? A gorilla could walk right in the front door and no one would stop it. You need a real security guard there, checking IDs. Visitors will have to go through the guard, too. He confirms that the visitor is expected, signs them in, and then makes sure they are escorted to where they need to go. As for the interior of the building, a major vulnerability is the executive suite. There is nothing stopping an employee or an intruder from walking right into the CEO's office and accessing sensitive information. There should be a closed entrance to the upper level management, with key-card access control. And finally, the IT department. Let me ask you-- do you leave your front door open when you leave your house? Do you leave valuables in your car? I thought not. You said the IT department keeps this whole place running. So why are unauthorized people hanging out in there? Lots of things could go wrong. The computer room should be secured with card-access control. Signs should clearly state no unauthorized persons are allowed inside. Plus, you should have strategically placed cameras at all key points in the building, not just the IT department.

BILL: Wow. I had no idea we were so vulnerable.

JACK: No problem. It's all in a day's work. [DIGITAL PHONE RING] Gotta go.

Explanation / Answer

What conditions and vulnerabilities do you see at this facility that could threaten the organization's network and data?

---

Administrators normally find that putting together a security policy that restricts both users and attacks is time consuming and costly. Users also become disgruntled at the heavy security policies making their work difficult for no discernable reason, causing bad politics within the company. Planning an audit policy on huge networks takes up both server resources and time, and often administrators take no note of the audited events. A common attitude among users is that if no secret work is being performed, why bother implementing security.

There is a price to pay when a half-hearted security plan is put into action. It can result in unexpected disaster. A password policy that allows users to use blank or weak passwords is a hacker's paradise. No firewall or proxy protection between the organization's private local area network (LAN) and the public Internet makes the company a target for cyber crime.

Organizations will need to determine the price they are willing to pay in order to protect data and other assets. This cost must be weighed against the costs of losing information and hardware and disrupting services. The idea is to find the correct balance. If the data needs minimal protection and the loss of that data is not going to cost the company, then the cost of protecting that data will be less. If the data is sensitive and needs maximum protection, then the opposite is normally true.

2) What physical security measures and procedures would you implement to enhance the security of the IT room?

#1: Lock up the server room

Even before you lock down the servers, in fact, before you even turn them on for the first time, you should ensure that there are good locks on the server room door. Of course, the best lock in the world does no good if it isn't used, so you also need policies requiring that those doors be locked any time the room is unoccupied, and the policies should set out who has the key or keycode to get in.

The server room is the heart of your physical network, and someone with physical access to the servers, switches, routers, cables and other devices in that room can do enormous damage.

#2: Set up surveillance

Locking the door to the server room is a good first step, but someone could break in, or someone who has authorized access could misuse that authority. You need a way to know who goes in and out and when. A log book for signing in and out is the most elemental way to accomplish this, but it has a lot of drawbacks. A person with malicious intent is likely to just bypass it.

A better solution than the log book is an authentication system incorporated into the locking devices, so that a smart card, token, or biometric scan is required to unlock the doors, and a record is made of the identity of each person who enters.

A video surveillance camera, placed in a location that makes it difficult to tamper with or disable (or even to find) but gives a good view of persons entering and leaving should supplement the log book or electronic access system. Surveillance cams can monitor continuously, or they can use motion detection technology to record only when someone is moving about. They can even be set up to send e-mail or cell phone notification if motion is detected when it shouldn't be (such as after hours).

#3: Make sure the most vulnerable devices are in that locked room

Remember, it's not just the servers you have to worry about. A hacker can plug a laptop into a hub and use sniffer software to capture data traveling across the network. Make sure that as many of your network devices as possible are in that locked room, or if they need to be in a different area, in a locked closet elsewhere in the building.

#4: Use rack mount servers

Rack mount servers not only take up less server room real estate; they are also easier to secure. Although smaller and arguably lighter than (some) tower systems, they can easily be locked into closed racks that, once loaded with several servers, can then be bolted to the floor, making the entire package almost impossible to move, much less to steal.

#5: Don't forget the workstations

Hackers can use any unsecured computer that's connected to the network to access or delete information that's important to your business. Workstations at unoccupied desks or in empty offices (such as those used by employees who are on vacation or have left the company and not yet been replaced) or at locations easily accessible to outsiders, such as the front receptionist's desk, are particularly vulnerable.

Disconnect and/or remove computers that aren't being used and/or lock the doors of empty offices, including those that are temporarily empty while an employee is at lunch or out sick. Equip computers that must remain in open areas, sometimes out of view of employees, with smart card or biometric readers so that it's more difficult for unauthorized persons to log on.

#6: Keep intruders from opening the case

Both servers and workstations should be protected from thieves who can open the case and grab the hard drive. It's much easier to make off with a hard disk in your pocket than to carry a full tower off the premises. Many computers come with case locks to prevent opening the case without a key.

You can get locking kits from a variety of sources for very low cost, such as the one at Innovative Security Products.

#7: Protect the portables

Laptops and handheld computers pose special physical security risks. A thief can easily steal the entire computer, including any data stored on its disk as well as network logon passwords that may be saved. If employees use laptops at their desks, they should take them with them when they leave or secure them to a permanent fixture with a cable lock, such as the one at PC Guardian.

Handhelds can be locked in a drawer or safe or just slipped into a pocket and carried on your person when you leave the area. Motion sensing alarms such as the one at SecurityKit.com are also available to alert you if your portable is moved.

For portables that contain sensitive information, full disk encryption, biometric readers, and software that "phones home" if the stolen laptop connects to the Internet can supplement physical precautions.

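The electronic access record and after-hours alerting described under #2, as an added example that is not part of the original answer: a review of a server-room door log that flags entries outside business hours, access granted to badges not on the authorized list, and repeated denied swipes. The log format, door name, badge IDs, business hours and threshold are all constructed assumptions, not the export of any real access-control product.

```python
import csv
from datetime import datetime, time
from io import StringIO

# Constructed sample export from a hypothetical door controller:
# timestamp, door, badge_id, result
SAMPLE_LOG = """\
2024-03-04T08:55:12,server-room,B1001,GRANTED
2024-03-04T12:10:40,server-room,B2040,DENIED
2024-03-04T12:10:52,server-room,B2040,DENIED
2024-03-04T12:11:05,server-room,B2040,DENIED
2024-03-04T14:02:33,server-room,B1002,GRANTED
2024-03-04T23:47:09,server-room,B1002,GRANTED
2024-03-05T09:15:00,server-room,B3300,GRANTED
"""

AUTHORIZED = {"B1001", "B1002"}        # assumed: badges policy allows in the room
OPEN, CLOSE = time(7, 0), time(19, 0)  # assumed business hours
DENIED_THRESHOLD = 3                   # denied swipes per badge per day before alerting


def review(log_text, door="server-room"):
    """Return a sorted list of (timestamp, badge, reason) findings for one door."""
    findings, denied = [], {}
    for row in csv.reader(StringIO(log_text)):
        if len(row) != 4 or row[1] != door:
            continue  # skip blank/malformed lines and other doors
        ts, _, badge, result = row
        when = datetime.fromisoformat(ts)
        if result == "GRANTED":
            # A grant to an unlisted badge means the controller's own
            # access list has drifted from the written policy.
            if badge not in AUTHORIZED:
                findings.append((ts, badge, "granted to badge not on authorized list"))
            if not (OPEN <= when.time() < CLOSE):
                findings.append((ts, badge, "entry outside business hours"))
        elif result == "DENIED":
            key = (badge, when.date())
            denied[key] = denied.get(key, 0) + 1
            if denied[key] == DENIED_THRESHOLD:  # alert once per badge per day
                findings.append((ts, badge, "repeated denied attempts"))
    return sorted(findings)


if __name__ == "__main__":
    for ts, badge, reason in review(SAMPLE_LOG):
        print(f"{ts}  {badge}  {reason}")
```

A badge log only records who swiped, so findings like these are worth checking against the camera footage for the same timestamps.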