Information Security Lesson 10 - Operational Security - Eric Vanderburg

Information Security Lesson 10 - Operational Security - Eric Vanderburg Presentation Transcript

  • 1. Information Security Chapter 10 Operational Security Information Security © 2006 Eric Vanderburg
  • 2. Physical Security
      • Often overlooked
      • Securing devices
          – Remove or disable I/O hardware
          – Lock servers in the rack
          – Biometrics
      • Server room / wiring closet
  • 3. Locks
      • Preset lock (key-in-knob lock) – automatically locks when it is closed.
      • Deadbolt – harder to break; requires key to lock and unlock
      • Cipher lock – button combination lock. It can also work at certain times (more expensive)
      • Securing keys
          – Track when keys are issued
          – Issue keys to authorized people
          – Inspect locks regularly
          – Change locks when keys are lost
          – Master keys should not be easily identified as a Master
          – Lock up unused/spare keys
          – Mark “Do not duplicate” on Master keys and remove the serial number so they cannot be reordered
  • 4. Physical Security
      • Suspended ceiling – metal grid with ceiling tiles
      • HVAC (Heating Ventilation and Air Conditioning) – ducts that can be used to gain building access.
      • Exposed door hinges – Hinges should be on the inside so that the pins cannot be removed from the outside.
      • Provide adequate lighting
      • Monitor dead end corridors
      • Minimize the number of entry points
      • Post guards at secure locations or checkpoints
      • Install cameras
  • 5. Social Engineering
      • Train employees
      • Define what information is to be given out
      • People entering the facility should be preapproved and escorted through the building
  • 6. Wireless
      • Site surveys
      • Reposition APs
      • Adjust signal strength
      • Change antenna type from omni to patch or yagi
      • Use a different frequency (802.11b/g → 802.11a)
      • Make structural changes
          – Ground interior studded walls
          – Use metal window treatments
          – Use thermally insulated glass with a copper film for windows
          – Use metallic doped paints on walls
          – Line network closets with aluminum sheeting or chicken wire.
  • 7. Wired Signals
      • Interference
          – EMI (Electromagnetic Interference) – motor or lights
          – RFI (Radio Frequency Interference) – RF waves that conflict with the signal in the cable
          – NEXT (Near End Crosstalk) – One wire causes interference for another wire
      • Attenuation
          – Signals decrease in strength over time
          – Regenerate the signal
      • Equipment can be used to attempt to capture information traveling along a wire.
  • 8. Shielding
      • TEMPEST (Telecommunications Electronics Material Protected from Emanating Spurious Transmissions)
          – Standard for stopping others from picking up stray RFI or EMI signals from components
          – Applies to an entire system
      • Faraday cage – grounded metallic mesh enclosure that prevents electromagnetic radiation from escaping or entering (often used in equipment testing)
  • 9. Fire
      • Extinguishers
      • Automated systems
          – Sprinklers
          – Dry chemical systems
          – Clean agent systems
  • 10. Business Continuity
      • A plan that explains how business will continue when problems occur.
      • BCP (Business Continuity Plan)
          – Identify the goals of the business (these must be maintained)
          – Formulate continuity strategies – changes that occur now for each event
          – Develop a response – what should be done in each case
          – Test the plan – run through a scenario/drill
  • 11. Continuity Planning
      • Largest issue is power
          – UPS (Uninterruptible Power Supply)
          – Notify administrators of power outages
          – Notify users to log off
          – Prevent new users from logging on
          – Disconnect users and shut down
  • 12. Redundancy
      • RAID (Redundant Array of Inexpensive Disks)
          – RAID 0
          – RAID 1
          – RAID 5
          – RAID 0+1
          – RAID 10
      • Backups
  • 13. Disaster Recovery
      • DRP (Disaster Recovery Plan)
          – Plan for how to deal with and recover from a catastrophic event
          – Purpose
          – Recovery team – who directs the plan
          – Preparation – what is done on a regular basis
          – Emergency Procedures – when the disaster happens
          – Recovery Procedures – after the disaster
  • 14. Recovery
      • Hot Site
          – All equipment necessary
          – Live communication links
          – Fully replicated
      • Cold Site
          – Office space but no equipment
      • Warm Site
          – Equipment is installed but communication must be enabled
          – Recovered up to the last backup applied
  • 15. Acronyms
      • BCP, Business Continuity Plan
      • DRP, Disaster Recovery Plan
      • EMI, Electromagnetic Interference
      • NEXT, Near End Crosstalk
      • RFI, Radio Frequency Interference
      • RAID, Redundant Array of Independent Disks
      • TEMPEST, Telecommunications Electronics Material Protected from Emanating Spurious Transmissions
      • UPS, Uninterruptible Power Supply