SlideShare a Scribd company logo
1 of 40
Download to read offline
MODULE 4MODULE 4
PHYSICAL SECURITYPHYSICAL SECURITY
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 2/40
What Is the Need for Physical Security?What Is the Need for Physical Security?
 To prevent any unauthorized
access to computer systems
 To prevent tampering/stealing
of data from computer systems
 To protect the integrity of the
data stored in the computer
 To prevent the loss of
data/damage to systems
against any natural calamities
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 3/40
Physical Security Checklist
 Company surroundings
 Premises
 Reception
 Server
 Workstation area
 Wireless access points
 Other equipment, such as fax, and
removable media
 Access control
 Computer equipment maintenance
 Wiretapping
 Remote access
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 4/40
Physical Security Checklist: Company
Surroundings
 The entrance to the company
premises should be restricted to
only authorized access
 The following is the checklist for
securing the company
surroundings:
 Fences
 Gates
 Walls
 Guards
 Alarms
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 5/40
Gates
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 6/40
Security Guards
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 7/40
Physical Security Checklist: Premises
 Premises can be protected by the
following:
 Checking for roof/ceiling access through
AC ducts
 Use of CCTV cameras with monitored
screens and video recorders
 Installing intruder systems
 Installing panic buttons
 Installing burglar alarms
 Windows and door bars
 Deadlocks
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 8/40
CCTV CamerasCCTV Cameras
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 9/40
Physical Security Checklist: Reception
 The reception area is supposed to be a busier area
than other areas of the firm with the number of
people entering and exiting
 The reception area can be protected by the
following:
 Files and documents, removable media, etc. should
not be kept on the reception desk
 Reception desks should be designed to discourage
inappropriate access to the administrative area by
non-staff members
 Computer screens should be positioned in such a way
that people cannot observe the screen near the
reception desk
 Computer monitors, keyboards, and other equipment
at the reception desk should be locked whenever the
receptionist is away from the desk and they should be
logged off after office hours
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 10/40
Reception
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 11/40
Physical Security Checklist: Server
 The server, which is the most important
factor of any network, should be given a high
level of security
 The server room should be well-lit
 The server can be secured by the following
means:
 Server should not be used to perform day-to-
day activities
 It should be enclosed and locked to prevent
any physical movement
 DOS should be removed from Windows
Servers as an intruder can boot the server
remotely by DOS
 Disable booting from the floppy disk and CD-
ROM drives on the server or, if possible,
avoid having these drives onthe server
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 12/40
Server RoomServer Room
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 13/40
Physical Security Checklist:Workstation
Area
 This is the area where a majority of
employees work
 Employees should be educated
about physical security
 The workstation area can be
physically secured by taking the
following steps:
 Use CCTV
 Screens and PCs should be
locked
 Workstation layout design
 Avoid removable media drives
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 14/40
Physical Security Checklist: Wireless Access
Points
 If an intruder successfully connects to the
firm’s wireless access points, then he is
virtually inside the LAN like any other
employee of the firm
 To prevent such unauthorized access, the
wireless access points should be secured
 The following guidelines should be
followed:
 WEP encryption should be followed
 SSID should not be revealed
 Access points should be password protected
to gain entry
 Passwords should be strong enough so that
they cannot be easily cracked
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 15/40
Physical Security Checklist: OtherPhysical Security Checklist: Other
EquipmentEquipment
 Other equipment, such as fax, and
removable media should be secured
by following these steps:
 Fax machines near the reception area
should be locked when the receptionist
is not at the desk
 Faxes obtained should be filed properly
 Modems should not have auto answer
mode enabled
 Removable media should not be
placed in public places, and corrupted
removable media should be physically
destroyed
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 16/40
Physical Security Checklist: Access
Control
 Access control is used to prevent
unauthorized access to any highly
sensitive operational areas
 The types of access controls are:
 Separation of work areas
 Biometric access control
 Entry cards
 Man traps
 Faculty sign-in procedures
 Identification badges
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 17/40
Physical Security Checklist: Biometric
Devices
 According to www.whatis.com “Biometrics is the science and
technology of measuring and statistically analyzing biological
data”
 Biometric devices consist of a reader or scanning device,
software that converts the scanned information into digital form,
and a location for the data to be analyzed; for instance a
database that stores the biometric data for comparison with
previous records
 The following methods are used by biometric devices for
access control:
 Fingerprints
 Face scan
 Iris scan
 Voice recognition
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 18/40
Biometric Identification TechniquesBiometric Identification Techniques
Physiological Biometric Techniques
 Fingerprinting
 Ridges and furrows on the surface
of a finger are used to identify a
person, which are unique
 Iris Scanning
 Analyzes the colored part of the eye
suspended behind the cornea
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 19/40
Biometric Identification TechniquesBiometric Identification Techniques
 Retinal scanning
 Identifies a person by analyzing the
layer of blood vessels at the back of
the eye
 Vein Structure
 Thickness and location of veins are
analyzed to identify person
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 20/40
Physical Security Checklist: Smart Cards
 A smart card is a plastic card about
the size of a credit card, with an
embedded microchip that can be
loaded with data. This data can be
used for telephone calling, electronic
cash payments, and other
applications, and then periodically
refreshed for additional use
 A smart card contains more
information than a magnetic strip
card, and can be programmed for
different applications
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 21/40
Physical Security Checklist: Computer
Equipment Maintenance
 Appoint a person who will be responsible for looking
after the computer equipment maintenance
 Computer equipment in a warehouse should also be
accounted for
 The AMC company personnel should not be left alone
when they come for the maintenance of the computer
equipment
 The toolboxes and the bags of the AMC company
personnel should be thoroughly scanned for any
suspicious materials that could compromise the
security of the firm
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 22/40
Physical Security Checklist: Wiretapping
 According to www.freesearch.com
wiretapping is the action of secretly
listening to other people’s
conversations by connecting a
listening device to their telephone
 According to www.howstuffworks.com,
“wiretap is a device that can interpret
these patterns as sound”
 You can do few things to make sure
that no one is wiretapping:
 Inspect all the data carrying wires
routinely
 Protect the wires using shielded cables
 Never leave any wire exposed
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 23/40
Physical Security Checklist: Remote
Access
 Remote access is an easy way for an employee of a
firm to work from any place outside the company’s
physical boundaries
 Remote access to the company’s networks should be
avoided as much as possible
 It is easy for an attacker to remotely access the
company’s network by compromising the employee’s
connection
 The data being transferred during the remote access
should be encrypted to prevent eavesdropping
 Remote access is more dangerous than physical
access as the attacker is not in the vicinity, and the
probability of catching him is less
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 24/40
Locks
 Locks are used to restrict physical access to an asset
 They are used on any physical asset that needs to be
protected from unauthorized access, including doors,
windows, vehicles, cabinets, and equipment
 Different levels of security can be provided by locks
depending on how they are designed and
implemented
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 25/40
Locks
 Locks are either mechanical or electrical:
 Mechanical Locks – Mechanical locks have moving
parts that operate without electricity
 Electric Locks - Electric locks are comprised of
electronic devices with scanners that identify users and
computers that process codes
 Electric locks consist of the following types:

card access systems

electronic combination locks

electromagnetic locks

biometric entry systems
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 26/40
Locks
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 27/40
Lock Picking
 The art of unlocking a lock
without the use of its key
 Preventing lock picking:
 Use a better quality of lock
 Do not give the keys to
anyone, as key imprints
can be taken for making a
duplicate key
 Do not reveal the lock
codes
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 28/40
Lock Picking Tools
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 29/40
Information Security
 Hierarchical view to secure
information:
 Password protection / Complex
passwords
 Encrypted File System
 Anti virus software
 Firewalls
 Intrusion detection systems
 Patches and Updates
 Lock down unwanted ports /
devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 30/40
EPS (Electronic Physical Security)
 An integrated application of a number of electronic
security systems
 EPS includes:
 Addressable fire detection systems
 Automatic gas suppression systems
 CCTV systems (IP Networks, Matrix Switchers, DVR
camera specifications, etc.)
 RFID-Biometric- Smart Card Access Control Systems
 Intrusion Detection Systems
 Scanners, Xray/ Gamma Scanners, Sniffers
 Guarding Equipment and Guarding Plan
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 31/40
Wireless Security
 Wireless Security Measures
 Checking the wireless traffic
 Enabling WEP/WPA on the
wireless network
 MAC address control
 End-to-end encryption
 VPN (Virtual Private Network)
 Access points evaluation
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 32/40
Spyware Technologies
 Hidden cameras, voice recorders
and spy cameras carried by your
employees can defeat your
physical security policy
 Categories:
 Video Recorders
 Audio Devices
 Bug Detectors
 Home Security
 Spy Gear
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 33/40
Spying Devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 34/40
Spying Devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 35/40
Spying Devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 36/40
Spying Devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 37/40
Physical Security: Lock Down USB Ports
 Administrators secure their networks behind firewalls by
 installing email filters on their SMTP servers
 installing anti-virus software on all client workstations
 Sometimes, it may not assure guaranteed protection against
the stealing of data
 What if the intruder carries his own USB memory sticks and
connects them to the computers at their office?
 In a fraction of a second, an intruder can steal all the business
information needed for establishing his own company where he
can get the customer database
 USB stick can be used to:
 Hold an entire company's vital data
 Compromise the network with an infected stick
 To prevent the above situations, there is a need for the
administrator to lock down the USB ports
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 38/40
Tool: DeviceLock (www.devicelock.com)
 Device Lock is a device control solution to
safeguard network computers against internal
and external attacks
 Using Device Lock:
 Network administrators can lock out
unauthorized users from USB
 Administrators can control access to any
device like floppies, serial and parallel ports,
Magneto-Optical disks, CD-ROMs, ZIPs, USB
 Generate a report concerning the permissions
that have been set
 Provide a level of precision control over device
resources unavailable
 Grant users temporary access to USB devices
when there is no network connection
 Control the system remotely using the
centralized management console
 Generate a report displaying the USB,
FireWire and PCMCIA devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 39/40
Blocking the Use of USB Storage Devices
Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 40/40
Track Stick GPS Tracking Device
 Track Stick records its own location, time,
date, speed, heading, and altitude at
preset intervals
 It can store months of travel information
 It receives signals from 24 satellites
orbiting the Earth, where it can calculate
its own position anywhere to within 15
meters
 Advantages:
 If the laptop is stolen, this device is able to
keep track of its location, so that it is
found easily
 Tells you how long the “target” has stayed
in one place

More Related Content

What's hot

Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
The difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information SecurityThe difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information SecurityPECB
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentGary Bahadur
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentFaheem Ul Hasan
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Physical security
Physical securityPhysical security
Physical securityDhani Ahmad
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
7. physical sec
7. physical sec7. physical sec
7. physical sec7wounders
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityEryk Budi Pratama
 

What's hot (20)

Incident response
Incident responseIncident response
Incident response
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security Presentation
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
The difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information SecurityThe difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information Security
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Security Site Surveys and Risk Assessments
Security Site Surveys and Risk AssessmentsSecurity Site Surveys and Risk Assessments
Security Site Surveys and Risk Assessments
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
 
Physical security
Physical securityPhysical security
Physical security
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
8 Access Control
8 Access Control8 Access Control
8 Access Control
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 
Physical Security.ppt
Physical Security.pptPhysical Security.ppt
Physical Security.ppt
 
SECURITY AWARENESS
SECURITY AWARENESSSECURITY AWARENESS
SECURITY AWARENESS
 
7. physical sec
7. physical sec7. physical sec
7. physical sec
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 

Viewers also liked

Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
Integrated Physical Security
Integrated Physical SecurityIntegrated Physical Security
Integrated Physical SecurityJohn N. Motlagh
 
Journal of Physical Security 8(1)
Journal of Physical Security 8(1)Journal of Physical Security 8(1)
Journal of Physical Security 8(1)Roger Johnston
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domainamiable_indian
 
Access Control: Principles and Practice
Access Control: Principles and PracticeAccess Control: Principles and Practice
Access Control: Principles and PracticeNabeel Yoosuf
 
Plan your security
Plan your securityPlan your security
Plan your securityAccord Group
 
Conley Group Operational Security Presentation
Conley Group Operational Security PresentationConley Group Operational Security Presentation
Conley Group Operational Security Presentationguest019923
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security STS
 
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...Joshua S. White, PhD josh@securemind.org
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging ThreatsLumension
 
Security MEGA PRojects
Security MEGA PRojectsSecurity MEGA PRojects
Security MEGA PRojectsWasef Al-Hakim
 

Viewers also liked (15)

Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Integrated Physical Security
Integrated Physical SecurityIntegrated Physical Security
Integrated Physical Security
 
Physical security
Physical securityPhysical security
Physical security
 
Journal of Physical Security 8(1)
Journal of Physical Security 8(1)Journal of Physical Security 8(1)
Journal of Physical Security 8(1)
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domain
 
Access Control: Principles and Practice
Access Control: Principles and PracticeAccess Control: Principles and Practice
Access Control: Principles and Practice
 
Hotel security
Hotel securityHotel security
Hotel security
 
Plan your security
Plan your securityPlan your security
Plan your security
 
Conley Group Operational Security Presentation
Conley Group Operational Security PresentationConley Group Operational Security Presentation
Conley Group Operational Security Presentation
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security
 
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...
Physical Layer Optical Network Security Thesis Presentation To The CNY ISSA C...
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats
 
Mega Events- מכון היצוא
Mega Events- מכון היצוא Mega Events- מכון היצוא
Mega Events- מכון היצוא
 
Security MEGA PRojects
Security MEGA PRojectsSecurity MEGA PRojects
Security MEGA PRojects
 
Event management
Event managementEvent management
Event management
 

Similar to Module 10 Physical Security

Ceh v5 module 17 physical security
Ceh v5 module 17 physical securityCeh v5 module 17 physical security
Ceh v5 module 17 physical securityVi Tính Hoàng Nam
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsSimeon Ogao
 
ATM Security System using Iot Components .pptx
ATM Security System using Iot Components .pptxATM Security System using Iot Components .pptx
ATM Security System using Iot Components .pptxVinayMN3
 
Secure physical infrastructure
Secure physical infrastructureSecure physical infrastructure
Secure physical infrastructurePallavi Agarwal
 
Ict form 4 chapter 1(answer)
Ict form 4 chapter 1(answer)Ict form 4 chapter 1(answer)
Ict form 4 chapter 1(answer)smkengkilili2011
 
IT Network Security Policy
IT Network Security PolicyIT Network Security Policy
IT Network Security Policyssuser06c4a6
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
Chapter 2 phisycal security threat
Chapter 2   phisycal security threatChapter 2   phisycal security threat
Chapter 2 phisycal security threatSyaiful Ahdan
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Jiunn-Jer Sun
 
physicalsecurity-150317020111-conversion-gate01.pdf
physicalsecurity-150317020111-conversion-gate01.pdfphysicalsecurity-150317020111-conversion-gate01.pdf
physicalsecurity-150317020111-conversion-gate01.pdfJohnLagman3
 
POLICY REVIEW - COMELEC.pptx
POLICY REVIEW - COMELEC.pptxPOLICY REVIEW - COMELEC.pptx
POLICY REVIEW - COMELEC.pptxJebsKwan
 
CiNPA Security SIG - Physical Security
CiNPA Security SIG - Physical SecurityCiNPA Security SIG - Physical Security
CiNPA Security SIG - Physical SecurityCiNPA Security SIG
 
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...marbimon
 
iot based home security using image processing algorithms
iot based home security using image processing algorithmsiot based home security using image processing algorithms
iot based home security using image processing algorithmsBadiginchala Manohari
 
CH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and PrivacyCH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and Privacymalik1972
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06johnhewitt_cpp
 
Project securing a microsoft windows environment e
Project securing a microsoft windows environment eProject securing a microsoft windows environment e
Project securing a microsoft windows environment eDIPESH30
 

Similar to Module 10 Physical Security (20)

Ceh v5 module 17 physical security
Ceh v5 module 17 physical securityCeh v5 module 17 physical security
Ceh v5 module 17 physical security
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information Systems
 
ATM Security System using Iot Components .pptx
ATM Security System using Iot Components .pptxATM Security System using Iot Components .pptx
ATM Security System using Iot Components .pptx
 
Secure physical infrastructure
Secure physical infrastructureSecure physical infrastructure
Secure physical infrastructure
 
PROFIsafe and IT security - Peter Brown of Siemens A&D
PROFIsafe and IT security  - Peter Brown of Siemens A&DPROFIsafe and IT security  - Peter Brown of Siemens A&D
PROFIsafe and IT security - Peter Brown of Siemens A&D
 
Ict form 4 chapter 1(answer)
Ict form 4 chapter 1(answer)Ict form 4 chapter 1(answer)
Ict form 4 chapter 1(answer)
 
IT Network Security Policy
IT Network Security PolicyIT Network Security Policy
IT Network Security Policy
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics
 
Chapter 2 phisycal security threat
Chapter 2   phisycal security threatChapter 2   phisycal security threat
Chapter 2 phisycal security threat
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
 
physicalsecurity-150317020111-conversion-gate01.pdf
physicalsecurity-150317020111-conversion-gate01.pdfphysicalsecurity-150317020111-conversion-gate01.pdf
physicalsecurity-150317020111-conversion-gate01.pdf
 
POLICY REVIEW - COMELEC.pptx
POLICY REVIEW - COMELEC.pptxPOLICY REVIEW - COMELEC.pptx
POLICY REVIEW - COMELEC.pptx
 
CiNPA Security SIG - Physical Security
CiNPA Security SIG - Physical SecurityCiNPA Security SIG - Physical Security
CiNPA Security SIG - Physical Security
 
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippin...
 
iot based home security using image processing algorithms
iot based home security using image processing algorithmsiot based home security using image processing algorithms
iot based home security using image processing algorithms
 
CH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and PrivacyCH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and Privacy
 
Information Security 5 06
Information Security 5 06Information Security 5 06
Information Security 5 06
 
Presentation 1
Presentation 1Presentation 1
Presentation 1
 
Project securing a microsoft windows environment e
Project securing a microsoft windows environment eProject securing a microsoft windows environment e
Project securing a microsoft windows environment e
 

More from leminhvuong

More from leminhvuong (20)

Proxy
ProxyProxy
Proxy
 
Lession2 Xinetd
Lession2 XinetdLession2 Xinetd
Lession2 Xinetd
 
Module 7 Sql Injection
Module 7   Sql InjectionModule 7   Sql Injection
Module 7 Sql Injection
 
Iptables
IptablesIptables
Iptables
 
Lession1 Linux Preview
Lession1 Linux PreviewLession1 Linux Preview
Lession1 Linux Preview
 
Http
HttpHttp
Http
 
Dns
DnsDns
Dns
 
Net Admin Intro
Net Admin IntroNet Admin Intro
Net Admin Intro
 
Lession4 Dhcp
Lession4 DhcpLession4 Dhcp
Lession4 Dhcp
 
Lession3 Routing
Lession3 RoutingLession3 Routing
Lession3 Routing
 
Module 1 Introduction
Module 1   IntroductionModule 1   Introduction
Module 1 Introduction
 
Wire Less
Wire LessWire Less
Wire Less
 
Net Security Intro
Net Security IntroNet Security Intro
Net Security Intro
 
Module 9 Dos
Module 9   DosModule 9   Dos
Module 9 Dos
 
Module 8 System Hacking
Module 8   System HackingModule 8   System Hacking
Module 8 System Hacking
 
Module 6 Session Hijacking
Module 6   Session HijackingModule 6   Session Hijacking
Module 6 Session Hijacking
 
Module 5 Sniffers
Module 5  SniffersModule 5  Sniffers
Module 5 Sniffers
 
Module 4 Enumeration
Module 4   EnumerationModule 4   Enumeration
Module 4 Enumeration
 
Module 3 Scanning
Module 3   ScanningModule 3   Scanning
Module 3 Scanning
 
Module 2 Foot Printing
Module 2   Foot PrintingModule 2   Foot Printing
Module 2 Foot Printing
 

Recently uploaded

Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsWristbands Ireland
 
Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato pptElizangelaSoaresdaCo
 
Personal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaPersonal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaEricBonilla13
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...IMARC Group
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxWorkforce Group
 
Live-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarLive-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarNathanielSchmuck
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsyasinnathani
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Reportamberjiles31
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessAPCO
 
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptx
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptxChapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptx
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptxesiyasmengesha
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...Brian Solis
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsIntellect Design Arena Ltd
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examplesamberjiles31
 
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfPDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfHajeJanKamps
 
Introduction to The overview of GAAP LO 1-5.pptx
Introduction to The overview of GAAP LO 1-5.pptxIntroduction to The overview of GAAP LO 1-5.pptx
Introduction to The overview of GAAP LO 1-5.pptxJemalSeid25
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...AustraliaChapterIIBA
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..dlewis191
 

Recently uploaded (20)

Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and Festivals
 
Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato ppt
 
Personal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaPersonal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric Bonilla
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
 
Live-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarLive-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry Webinar
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story points
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Report
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
 
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptx
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptxChapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptx
Chapter_Five_The_Rural_Development_Policies_and_Strategy_of_Ethiopia.pptx
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking Applications
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examples
 
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfPDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdf
 
Introduction to The overview of GAAP LO 1-5.pptx
Introduction to The overview of GAAP LO 1-5.pptxIntroduction to The overview of GAAP LO 1-5.pptx
Introduction to The overview of GAAP LO 1-5.pptx
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..
 
Investment Opportunity for Thailand's Automotive & EV Industries
Investment Opportunity for Thailand's Automotive & EV IndustriesInvestment Opportunity for Thailand's Automotive & EV Industries
Investment Opportunity for Thailand's Automotive & EV Industries
 

Module 10 Physical Security

  • 1. MODULE 4MODULE 4 PHYSICAL SECURITYPHYSICAL SECURITY
  • 2. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 2/40 What Is the Need for Physical Security?What Is the Need for Physical Security?  To prevent any unauthorized access to computer systems  To prevent tampering/stealing of data from computer systems  To protect the integrity of the data stored in the computer  To prevent the loss of data/damage to systems against any natural calamities
  • 3. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 3/40 Physical Security Checklist  Company surroundings  Premises  Reception  Server  Workstation area  Wireless access points  Other equipment, such as fax, and removable media  Access control  Computer equipment maintenance  Wiretapping  Remote access
  • 4. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 4/40 Physical Security Checklist: Company Surroundings  The entrance to the company premises should be restricted to only authorized access  The following is the checklist for securing the company surroundings:  Fences  Gates  Walls  Guards  Alarms
  • 5. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 5/40 Gates
  • 6. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 6/40 Security Guards
  • 7. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 7/40 Physical Security Checklist: Premises  Premises can be protected by the following:  Checking for roof/ceiling access through AC ducts  Use of CCTV cameras with monitored screens and video recorders  Installing intruder systems  Installing panic buttons  Installing burglar alarms  Windows and door bars  Deadlocks
  • 8. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 8/40 CCTV CamerasCCTV Cameras
  • 9. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 9/40 Physical Security Checklist: Reception  The reception area is supposed to be a busier area than other areas of the firm with the number of people entering and exiting  The reception area can be protected by the following:  Files and documents, removable media, etc. should not be kept on the reception desk  Reception desks should be designed to discourage inappropriate access to the administrative area by non-staff members  Computer screens should be positioned in such a way that people cannot observe the screen near the reception desk  Computer monitors, keyboards, and other equipment at the reception desk should be locked whenever the receptionist is away from the desk and they should be logged off after office hours
  • 10. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 10/40 Reception
  • 11. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 11/40 Physical Security Checklist: Server  The server, which is the most important factor of any network, should be given a high level of security  The server room should be well-lit  The server can be secured by the following means:  Server should not be used to perform day-to- day activities  It should be enclosed and locked to prevent any physical movement  DOS should be removed from Windows Servers as an intruder can boot the server remotely by DOS  Disable booting from the floppy disk and CD- ROM drives on the server or, if possible, avoid having these drives onthe server
  • 12. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 12/40 Server RoomServer Room
  • 13. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 13/40 Physical Security Checklist:Workstation Area  This is the area where a majority of employees work  Employees should be educated about physical security  The workstation area can be physically secured by taking the following steps:  Use CCTV  Screens and PCs should be locked  Workstation layout design  Avoid removable media drives
  • 14. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 14/40 Physical Security Checklist: Wireless Access Points  If an intruder successfully connects to the firm’s wireless access points, then he is virtually inside the LAN like any other employee of the firm  To prevent such unauthorized access, the wireless access points should be secured  The following guidelines should be followed:  WEP encryption should be followed  SSID should not be revealed  Access points should be password protected to gain entry  Passwords should be strong enough so that they cannot be easily cracked
  • 15. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 15/40 Physical Security Checklist: OtherPhysical Security Checklist: Other EquipmentEquipment  Other equipment, such as fax, and removable media should be secured by following these steps:  Fax machines near the reception area should be locked when the receptionist is not at the desk  Faxes obtained should be filed properly  Modems should not have auto answer mode enabled  Removable media should not be placed in public places, and corrupted removable media should be physically destroyed
  • 16. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 16/40 Physical Security Checklist: Access Control  Access control is used to prevent unauthorized access to any highly sensitive operational areas  The types of access controls are:  Separation of work areas  Biometric access control  Entry cards  Man traps  Faculty sign-in procedures  Identification badges
  • 17. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 17/40 Physical Security Checklist: Biometric Devices  According to www.whatis.com “Biometrics is the science and technology of measuring and statistically analyzing biological data”  Biometric devices consist of a reader or scanning device, software that converts the scanned information into digital form, and a location for the data to be analyzed; for instance a database that stores the biometric data for comparison with previous records  The following methods are used by biometric devices for access control:  Fingerprints  Face scan  Iris scan  Voice recognition
  • 18. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 18/40 Biometric Identification TechniquesBiometric Identification Techniques Physiological Biometric Techniques  Fingerprinting  Ridges and furrows on the surface of a finger are used to identify a person, which are unique  Iris Scanning  Analyzes the colored part of the eye suspended behind the cornea
  • 19. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 19/40 Biometric Identification TechniquesBiometric Identification Techniques  Retinal scanning  Identifies a person by analyzing the layer of blood vessels at the back of the eye  Vein Structure  Thickness and location of veins are analyzed to identify person
  • 20. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 20/40 Physical Security Checklist: Smart Cards  A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data. This data can be used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for additional use  A smart card contains more information than a magnetic strip card, and can be programmed for different applications
  • 21. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 21/40 Physical Security Checklist: Computer Equipment Maintenance  Appoint a person who will be responsible for looking after the computer equipment maintenance  Computer equipment in a warehouse should also be accounted for  The AMC company personnel should not be left alone when they come for the maintenance of the computer equipment  The toolboxes and the bags of the AMC company personnel should be thoroughly scanned for any suspicious materials that could compromise the security of the firm
  • 22. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 22/40 Physical Security Checklist: Wiretapping  According to www.freesearch.com wiretapping is the action of secretly listening to other people’s conversations by connecting a listening device to their telephone  According to www.howstuffworks.com, “wiretap is a device that can interpret these patterns as sound”  You can do few things to make sure that no one is wiretapping:  Inspect all the data carrying wires routinely  Protect the wires using shielded cables  Never leave any wire exposed
  • 23. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 23/40 Physical Security Checklist: Remote Access  Remote access is an easy way for an employee of a firm to work from any place outside the company’s physical boundaries  Remote access to the company’s networks should be avoided as much as possible  It is easy for an attacker to remotely access the company’s network by compromising the employee’s connection  The data being transferred during the remote access should be encrypted to prevent eavesdropping  Remote access is more dangerous than physical access as the attacker is not in the vicinity, and the probability of catching him is less
  • 24. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 24/40 Locks  Locks are used to restrict physical access to an asset  They are used on any physical asset that needs to be protected from unauthorized access, including doors, windows, vehicles, cabinets, and equipment  Different levels of security can be provided by locks depending on how they are designed and implemented
  • 25. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 25/40 Locks  Locks are either mechanical or electrical:  Mechanical Locks – Mechanical locks have moving parts that operate without electricity  Electric Locks - Electric locks are comprised of electronic devices with scanners that identify users and computers that process codes  Electric locks consist of the following types:  card access systems  electronic combination locks  electromagnetic locks  biometric entry systems
  • 26. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 26/40 Locks
  • 27. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 27/40 Lock Picking  The art of unlocking a lock without the use of its key  Preventing lock picking:  Use a better quality of lock  Do not give the keys to anyone, as key imprints can be taken for making a duplicate key  Do not reveal the lock codes
  • 28. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 28/40 Lock Picking Tools
  • 29. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 29/40 Information Security  Hierarchical view to secure information:  Password protection / Complex passwords  Encrypted File System  Anti virus software  Firewalls  Intrusion detection systems  Patches and Updates  Lock down unwanted ports / devices
  • 30. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 30/40 EPS (Electronic Physical Security)  An integrated application of a number of electronic security systems  EPS includes:  Addressable fire detection systems  Automatic gas suppression systems  CCTV systems (IP Networks, Matrix Switchers, DVR camera specifications, etc.)  RFID-Biometric- Smart Card Access Control Systems  Intrusion Detection Systems  Scanners, Xray/ Gamma Scanners, Sniffers  Guarding Equipment and Guarding Plan
  • 31. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 31/40 Wireless Security  Wireless Security Measures  Checking the wireless traffic  Enabling WEP/WPA on the wireless network  MAC address control  End-to-end encryption  VPN (Virtual Private Network)  Access points evaluation
  • 32. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 32/40 Spyware Technologies  Hidden cameras, voice recorders and spy cameras carried by your employees can defeat your physical security policy  Categories:  Video Recorders  Audio Devices  Bug Detectors  Home Security  Spy Gear
  • 33. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 33/40 Spying Devices
  • 34. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 34/40 Spying Devices
  • 35. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 35/40 Spying Devices
  • 36. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 36/40 Spying Devices
  • 37. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 37/40 Physical Security: Lock Down USB Ports  Administrators secure their networks behind firewalls by  installing email filters on their SMTP servers  installing anti-virus software on all client workstations  Sometimes, it may not assure guaranteed protection against the stealing of data  What if the intruder carries his own USB memory sticks and connects them to the computers at their office?  In a fraction of a second, an intruder can steal all the business information needed for establishing his own company where he can get the customer database  USB stick can be used to:  Hold an entire company's vital data  Compromise the network with an infected stick  To prevent the above situations, there is a need for the administrator to lock down the USB ports
  • 38. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 38/40 Tool: DeviceLock (www.devicelock.com)  Device Lock is a device control solution to safeguard network computers against internal and external attacks  Using Device Lock:  Network administrators can lock out unauthorized users from USB  Administrators can control access to any device like floppies, serial and parallel ports, Magneto-Optical disks, CD-ROMs, ZIPs, USB  Generate a report concerning the permissions that have been set  Provide a level of precision control over device resources unavailable  Grant users temporary access to USB devices when there is no network connection  Control the system remotely using the centralized management console  Generate a report displaying the USB, FireWire and PCMCIA devices
  • 39. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 39/40 Blocking the Use of USB Storage Devices
  • 40. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 40/40 Track Stick GPS Tracking Device  Track Stick records its own location, time, date, speed, heading, and altitude at preset intervals  It can store months of travel information  It receives signals from 24 satellites orbiting the Earth, where it can calculate its own position anywhere to within 15 meters  Advantages:  If the laptop is stolen, this device is able to keep track of its location, so that it is found easily  Tells you how long the “target” has stayed in one place