Information Security 365/765, Fall Semester, 2014 
Course Instructor, Nicholas Davis 
Lecture 7, Physical Security

Today's Candy
Twizzlers
Twizzlers is a brand of candy in the United States and Canada. Twizzlers is the product of Y&S Candies, Inc., of Lancaster, Pennsylvania, now a subsidiary of The Hershey Company. In 1908 a plant was opened in Montreal and in 1929 the Twizzler brand was established.
10/02/14 UNIVERSITY OF WISCONSIN 2

Physical Security
It used to be easy, way back in the 1960s
Today, with IT assets on every desk, we have:
Theft
Fraud
Vandalism
Sabotage
Accidents

Let's Watch an Interesting Video About the History of Physical Security
https://www.youtube.com/watch?v=-eVSR9tder0
20 Minutes

Funny Cartoon Video
But, it Makes a Good Point
https://www.youtube.com/watch?v=tmOGJVDvJaQ
2 minutes

Four Major Physical Security Threats
Natural environmental
Supply system
Human made
Politically motivated
Good security program protects against all of these, in layers

Physical Threats
Natural / Environmental
Floods, earthquakes, storms, volcanoes

Physical Threats
Supply System
Power, communications, supply of water, etc.

Physical Threats
Human Made
Unauthorized access, damage by angry employees, employee errors and accidents, vandalism, fraud, theft

Physical Threats
Politically Motivated Threats
Strikes, riots, civil disobedience, terrorist attacks, bombings

What Constitutes a Good Security Plan
Crime and disruption prevention through deterrence
Fences, security guards, warning signs, etc.

What Constitutes a Good Security Plan
Reduction of damage through use of delaying mechanisms
Layers of defenses that slow down the adversary, such as locks, security personnel, barriers

What Constitutes a Good Security Plan
Crime or disruption detection
Smoke detectors, motion detectors, surveillance cameras, etc.

What Constitutes a Good Security Plan
Incident assessment
Response of personnel to quickly evaluate situation and damage level

What Constitutes a Good Security Plan
Rapid response procedures
Fire suppression systems, emergency response systems, law enforcement notification

5 Core Steps in a Physical Security System
Deter
Delay
Detect
Assess
Respond

Sidewalk, Lights and Landscaping For Protection

Physical Access Control For Visitors
Limit the number of entry points
Force all guests to sign in at a common location
Reduce entry points even more, after hours and on weekends
Validate a government issued picture ID before allowing entry
Require all guests to be escorted by a full time employee
Encourage employees to question strangers

Natural Surveillance
Natural Surveillance is the intentional and visible surveillance, to make potential criminals aware that they are being watched and make all others feel safe

Territorial Reinforcement
Building facilities in such a way that you make people feel secure, open, visible, strong, etc.

Selecting a Facility Site
Visibility – Terrain, neighbors, population
Surrounding area – Crime, riots, police, medical, fire, other hazards
Accessibility – Road access, traffic, airport access, etc.
Natural Disasters – floods, tornadoes, earthquakes, rain, etc.

Entry Points
Windows and doors are the standard access points. They should be secure, strong, foolproof
Walls should be at least as strong as the doors and windows

A Human Trap
Only allows one person into a secure area at a time
Open first door, enter
Wait for first door to close
Enter second door to secure area
Only enough space for one person at a time

Don't Forget About the Ceiling

In Computer Facilities Water Detectors Are Important
Water detectors should be placed under raised floors and on ceilings

Laptops Are One of the Most Frequently Stolen Physical Assets
Inventory the laptops
Harden the operating system
Password protect BIOS
Register laptops with vendor
Don't check laptop as baggage!
Don't leave laptop unattended
Engrave the laptop visibly
Use a physical cable and lock
Backup data
Encrypt hard disk
Store in secure place when not in use

Electric Power
Electricity is the lifeline of the company
Use multiple supply circuits coming into the facility
Filter power for a clean electrical signal, important for computers
Have a backup generator, test it regularly
Have an appropriately sized battery backup power supply (UPS)
Test EVERYTHING, test OFTEN

Keep All Wiring Organized On Computer Equipment
Reduces confusion
Makes troubleshooting easier
Lower risk of fire hazard
Lower risk of electrical interference
Looks professional and trustworthy, in case visitors come through
Use shielded cabling to stop electrical interference
Don't run electrical wiring close to fluorescent lighting

An Example of What Not to Do

Make Sure All Utility Lines Have Emergency Shutoff Valves

Static Electricity, the Invisible Enemy
Protect against static electricity, which can destroy computer equipment:
Antistatic flooring
Humidity levels should be kept moderate
Use proper electrical grounding
No carpeting, ever!!!
Use anti-static bands on wrist when working on a computer server

HVAC – Heating, Ventilation, Air Conditioning
Important to have commercial grade systems to keep temperature at the proper level, and keep air filtered and circulating

Every Good Company Is Full of Liebert

Water Sprinkler Systems
There are two types:
Wet Pipe – always contains water
Advantage – always ready for use
Disadvantage – most costly, possibility of accidental release of water
Dry Pipe – has to be connected to a tank
Advantage – no risk of accidental water release
Disadvantage – not ready immediately

Other Security Controls
Fences – different heights, strengths
Bollards – those odd looking posts in front of Best Buy
Lighting – one of the best deterrents around, cheap and effective
Locks – usually easy to defeat, but good as one layer of security for defense in depth strategy
CCTV – Efficient for monitoring

Auditing Physical Access
Critical Pieces of Information
The date and time of the access attempt
The entry point at which access was attempted
The user ID associated with the access attempt
Any unsuccessful attempts, especially if done during unauthorized hours
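
An added example (not part of the original slides) of reviewing a badge-reader log using the four pieces of information listed on the auditing slide. The log format, entry-point names, user IDs, authorized hours (07:00 to 19:00, Monday to Friday) and the repeat threshold are assumptions, and the log lines are constructed.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, time

# Constructed sample log (not real data). Assumed format, one attempt per line:
# ISO timestamp, entry point, user ID, result (GRANTED or DENIED).
SAMPLE_LOG = """\
2014-10-01T08:02:11,MAIN-LOBBY,jsmith,GRANTED
2014-10-01T08:05:40,MAIN-LOBBY,mlee,GRANTED
2014-10-01T12:31:05,SERVER-ROOM,jsmith,DENIED
2014-10-01T23:47:19,SERVER-ROOM,tbrown,DENIED
2014-10-01T23:47:52,SERVER-ROOM,tbrown,DENIED
2014-10-01T23:48:30,SERVER-ROOM,tbrown,DENIED
2014-10-02T02:15:00,LOADING-DOCK,mlee,GRANTED
2014-10-04T10:00:00,MAIN-LOBBY,jsmith,GRANTED
this line is malformed
"""

# Assumed policy: access is authorized 07:00-19:00, Monday to Friday.
AUTHORIZED_START = time(7, 0)
AUTHORIZED_END = time(19, 0)
REPEAT_THRESHOLD = 3  # denied attempts by one user at one entry point


@dataclass(frozen=True)
class AccessEvent:
    when: datetime      # date and time of the access attempt
    entry_point: str    # entry point at which access was attempted
    user_id: str        # user ID associated with the attempt
    granted: bool       # False for an unsuccessful attempt


def parse_log(text):
    """Return (events, rejected_lines); a line missing any field is rejected."""
    events, rejected = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = [p.strip() for p in line.split(",")]
        try:
            if len(parts) != 4 or not all(parts) or parts[3] not in ("GRANTED", "DENIED"):
                raise ValueError("incomplete audit record")
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            rejected.append(line)  # an unparseable record is a gap in the audit trail
            continue
        events.append(AccessEvent(when, parts[1], parts[2], parts[3] == "GRANTED"))
    return events, rejected


def is_unauthorized_time(when):
    """True on weekends and outside the assumed weekday window."""
    weekend = when.weekday() >= 5
    return weekend or not (AUTHORIZED_START <= when.time() < AUTHORIZED_END)


def review(events):
    """Return (findings, repeated): findings are (severity, reason, event) tuples,
    repeated lists (user_id, entry_point) pairs at or above REPEAT_THRESHOLD denials."""
    findings, denied = [], Counter()
    for ev in events:
        off_hours = is_unauthorized_time(ev.when)
        if not ev.granted:
            denied[(ev.user_id, ev.entry_point)] += 1
            if off_hours:
                findings.append(("HIGH", "denied attempt during unauthorized hours", ev))
            else:
                findings.append(("LOW", "denied attempt", ev))
        elif off_hours:
            findings.append(("MEDIUM", "entry during unauthorized hours", ev))
    repeated = sorted(k for k, n in denied.items() if n >= REPEAT_THRESHOLD)
    return findings, repeated


if __name__ == "__main__":
    events, rejected = parse_log(SAMPLE_LOG)
    findings, repeated = review(events)
    for severity, reason, ev in findings:
        print(f"{severity:6} {ev.when.isoformat()} {ev.entry_point:12} {ev.user_id:8} {reason}")
    for user_id, entry_point in repeated:
        print(f"REPEAT {user_id} at {entry_point}: {REPEAT_THRESHOLD}+ denied attempts")
    print(f"{len(rejected)} record(s) could not be parsed")
```
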

Tests and Drills
Need to be developed
Must be put into action, at least once per year, generally speaking
Must be documented
Must be put in easily accessible places
People must be assigned specific tasks
People should be taught and informed on how to fulfill specific tasks
Determine in advance what will determine success

A Note About Credit Card Reader Physical Security
https://www.youtube.com/watch?v=XipjYIbBj7k
Physical access to credit card transaction equipment is one of the greatest physical security threats facing most small businesses in the United States, but most people never give it a second thought
10/02/14 UNIVERSITY OF WISCONSIN 39
10/02/14 UNIVERSITY OF WISCONSIN 40
10/02/14 UNIVERSITY OF WISCONSIN 41
10/02/14 UNIVERSITY OF WISCONSIN 42
10/02/14 UNIVERSITY OF WISCONSIN 43
10/02/14 UNIVERSITY OF WISCONSIN 44
10/02/14 UNIVERSITY OF WISCONSIN 45
10/02/14 UNIVERSITY OF WISCONSIN 46
10/02/14 UNIVERSITY OF WISCONSIN 47
10/02/14 UNIVERSITY OF WISCONSIN 48
10/02/14 UNIVERSITY OF WISCONSIN 49
10/02/14 UNIVERSITY OF WISCONSIN 50
10/02/14 UNIVERSITY OF WISCONSIN 51
10/02/14 UNIVERSITY OF WISCONSIN 52
10/02/14 UNIVERSITY OF WISCONSIN 53
10/02/14 UNIVERSITY OF WISCONSIN 54
10/02/14 UNIVERSITY OF WISCONSIN 55
10/02/14 UNIVERSITY OF WISCONSIN 56
10/02/14 UNIVERSITY OF WISCONSIN 57
10/02/14 UNIVERSITY OF WISCONSIN 58
10/02/14 UNIVERSITY OF WISCONSIN 59
10/02/14 UNIVERSITY OF WISCONSIN 60
10/02/14 UNIVERSITY OF WISCONSIN 61
10/02/14 UNIVERSITY OF WISCONSIN 62
10/02/14 UNIVERSITY OF WISCONSIN 63

More Related Content

Viewers also liked

Flexibilidad 1 qué es ser flexible
Flexibilidad 1 qué es ser flexibleFlexibilidad 1 qué es ser flexible
Flexibilidad 1 qué es ser flexibleAnabel Cornago
 
Pensamiento rigido e inflexible
Pensamiento rigido e inflexiblePensamiento rigido e inflexible
Pensamiento rigido e inflexible
Juanma Cano
 
Tarjetas caja herramientas antiansiedad 2 doc
Tarjetas caja herramientas antiansiedad 2 docTarjetas caja herramientas antiansiedad 2 doc
Tarjetas caja herramientas antiansiedad 2 docAnabel Cornago
 
Estrategias para el desarrollo del lenguaje
Estrategias para el desarrollo del lenguajeEstrategias para el desarrollo del lenguaje
Estrategias para el desarrollo del lenguaje
RedParaCrecer
 
Bits Banderas de Europa 4º parte
Bits Banderas de Europa 4º parteBits Banderas de Europa 4º parte
Bits Banderas de Europa 4º parte
Lourdes Giraldo Vargas
 
Bits Banderas de Europa 2º parte
Bits Banderas de Europa 2º parteBits Banderas de Europa 2º parte
Bits Banderas de Europa 2º parte
Lourdes Giraldo Vargas
 
Bits Inteligencia: Banderas Europa Lourdes Giraldo
Bits Inteligencia: Banderas Europa Lourdes GiraldoBits Inteligencia: Banderas Europa Lourdes Giraldo
Bits Inteligencia: Banderas Europa Lourdes Giraldo
Lourdes Giraldo Vargas
 
Bits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
Bits Inteligencia Banderas Europa 3º parte Lourdes GiraldoBits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
Bits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
Lourdes Giraldo Vargas
 

Viewers also liked (9)

Flexibilidad 1 qué es ser flexible
Flexibilidad 1 qué es ser flexibleFlexibilidad 1 qué es ser flexible
Flexibilidad 1 qué es ser flexible
 
Pensamiento rigido e inflexible
Pensamiento rigido e inflexiblePensamiento rigido e inflexible
Pensamiento rigido e inflexible
 
Tarjetas caja herramientas antiansiedad 2 doc
Tarjetas caja herramientas antiansiedad 2 docTarjetas caja herramientas antiansiedad 2 doc
Tarjetas caja herramientas antiansiedad 2 doc
 
Actividades para estimular el lenguaje oral
Actividades para estimular el lenguaje oralActividades para estimular el lenguaje oral
Actividades para estimular el lenguaje oral
 
Estrategias para el desarrollo del lenguaje
Estrategias para el desarrollo del lenguajeEstrategias para el desarrollo del lenguaje
Estrategias para el desarrollo del lenguaje
 
Bits Banderas de Europa 4º parte
Bits Banderas de Europa 4º parteBits Banderas de Europa 4º parte
Bits Banderas de Europa 4º parte
 
Bits Banderas de Europa 2º parte
Bits Banderas de Europa 2º parteBits Banderas de Europa 2º parte
Bits Banderas de Europa 2º parte
 
Bits Inteligencia: Banderas Europa Lourdes Giraldo
Bits Inteligencia: Banderas Europa Lourdes GiraldoBits Inteligencia: Banderas Europa Lourdes Giraldo
Bits Inteligencia: Banderas Europa Lourdes Giraldo
 
Bits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
Bits Inteligencia Banderas Europa 3º parte Lourdes GiraldoBits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
Bits Inteligencia Banderas Europa 3º parte Lourdes Giraldo
 

Similar to Information Systems Security 365/765 UW-Madison

Information systems 365 lecture three - Performing an IT Security Risk Analysis
Information systems 365 lecture three - Performing an IT Security Risk AnalysisInformation systems 365 lecture three - Performing an IT Security Risk Analysis
Information systems 365 lecture three - Performing an IT Security Risk Analysis
Nicholas Davis
 
Port & maritime security 2013 agenda
Port & maritime security 2013   agendaPort & maritime security 2013   agenda
Port & maritime security 2013 agendaTina_Karas
 
Riley Payne BYU Directory 2014-15
Riley Payne BYU Directory 2014-15Riley Payne BYU Directory 2014-15
Riley Payne BYU Directory 2014-15Riley Payne
 
Bridge Monitoring for Floods Importance and Solutions
Bridge Monitoring for Floods Importance and SolutionsBridge Monitoring for Floods Importance and Solutions
Bridge Monitoring for Floods Importance and Solutions
Encardio Rite Electronics Private Limited
 
aqua3S EU H2020 project
aqua3S EU H2020 projectaqua3S EU H2020 project
Bridge Monitoring for Floods: Importance and Solutions
Bridge Monitoring for Floods: Importance and SolutionsBridge Monitoring for Floods: Importance and Solutions
Bridge Monitoring for Floods: Importance and Solutions
Encardio Rite Electronics Private Limited
 

Similar to Information Systems Security 365/765 UW-Madison (6)

Information systems 365 lecture three - Performing an IT Security Risk Analysis
Information systems 365 lecture three - Performing an IT Security Risk AnalysisInformation systems 365 lecture three - Performing an IT Security Risk Analysis
Information systems 365 lecture three - Performing an IT Security Risk Analysis
 
Port & maritime security 2013 agenda
Port & maritime security 2013   agendaPort & maritime security 2013   agenda
Port & maritime security 2013 agenda
 
Riley Payne BYU Directory 2014-15
Riley Payne BYU Directory 2014-15Riley Payne BYU Directory 2014-15
Riley Payne BYU Directory 2014-15
 
Bridge Monitoring for Floods Importance and Solutions
Bridge Monitoring for Floods Importance and SolutionsBridge Monitoring for Floods Importance and Solutions
Bridge Monitoring for Floods Importance and Solutions
 
aqua3S EU H2020 project
aqua3S EU H2020 projectaqua3S EU H2020 project
aqua3S EU H2020 project
 
Bridge Monitoring for Floods: Importance and Solutions
Bridge Monitoring for Floods: Importance and SolutionsBridge Monitoring for Floods: Importance and Solutions
Bridge Monitoring for Floods: Importance and Solutions
 

More from Nicholas Davis

Conducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) AssessmentConducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) Assessment
Nicholas Davis
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
Nicholas Davis
 
UW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support SystemsUW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support Systems
Nicholas Davis
 
Lecture blockchain
Lecture blockchainLecture blockchain
Lecture blockchain
Nicholas Davis
 
Software Development Methodologies
Software Development MethodologiesSoftware Development Methodologies
Software Development Methodologies
Nicholas Davis
 
Information systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD SecurityInformation systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD Security
Nicholas Davis
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
Nicholas Davis
 
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Nicholas Davis
 
Information Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things OverviewInformation Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things Overview
Nicholas Davis
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets Personal
Nicholas Davis
 
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
Nicholas Davis
 
Bringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team ProjectBringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team Project
Nicholas Davis
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
Nicholas Davis
 
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Nicholas Davis
 
Information Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up SummaryInformation Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up Summary
Nicholas Davis
 
Organizational Phishing Education
Organizational Phishing EducationOrganizational Phishing Education
Organizational Phishing Education
Nicholas Davis
 
Security Operations -- An Overview
Security Operations -- An OverviewSecurity Operations -- An Overview
Security Operations -- An Overview
Nicholas Davis
 
Network Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security ImplicationsNetwork Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security Implications
Nicholas Davis
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application Security
Nicholas Davis
 
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations,  Industry Compli...Information Security 365/765 Lecture 13 – Legal Regulations,  Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Nicholas Davis
 

More from Nicholas Davis (20)

Conducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) AssessmentConducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) Assessment
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
 
UW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support SystemsUW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support Systems
 
Lecture blockchain
Lecture blockchainLecture blockchain
Lecture blockchain
 
Software Development Methodologies
Software Development MethodologiesSoftware Development Methodologies
Software Development Methodologies
 
Information systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD SecurityInformation systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD Security
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
 
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
 
Information Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things OverviewInformation Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things Overview
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets Personal
 
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
 
Bringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team ProjectBringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team Project
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
 
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
 
Information Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up SummaryInformation Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up Summary
 
Organizational Phishing Education
Organizational Phishing EducationOrganizational Phishing Education
Organizational Phishing Education
 
Security Operations -- An Overview
Security Operations -- An OverviewSecurity Operations -- An Overview
Security Operations -- An Overview
 
Network Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security ImplicationsNetwork Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security Implications
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application Security
 
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations,  Industry Compli...Information Security 365/765 Lecture 13 – Legal Regulations,  Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
 

Information Systems Security 365/765 UW-Madison

  • 1. Information Security 365/765, Fall Semester, 2014 Course Instructor, Nicholas Davis Lecture 7, Physical Security
  • 2. TTooddaayy’’ss CCaannddyy TTwwiizzzzlleerrss Twizzlers is a brand of candy in the United States and Canada. Twizzlers is the product of Y&S Candies, Inc., of Lancaster, Pennsylvania, now a subsidiary of The Hershey Company. In 1908 a plant was opened in Montreal and in 1929 the Twizzler brand was established 10/02/14 UNIVERSITY OF WISCONSIN 2
  • 3. PPhhyyssiiccaall SSeeccuurriittyy It used to be easy, way back in the 1960s Today, with IT assets on every desk, we have: Theft Fraud Vandalism Sabotage Accidents 10/02/14 UNIVERSITY OF WISCONSIN 3
  • 4. LLeett’’ss WWaattcchh aann IInntteerreessttiinngg VViiddeeoo AAbboouutt tthhee HHiissttoorryy ooff PPhhyyssiiccaall SSeeccuurriittyy https://www.youtube.com/watch?v=- eVSR9tder0 20 Minutes 10/02/14 UNIVERSITY OF WISCONSIN 4
  • 5. FFuunnnnyy CCaarrttoooonn VViiddeeoo BBuutt,, iitt MMaakkeess aa GGoooodd PPooiinntt https:// www.youtube.com/watch?v=tmOGJVDvJaQ 2 minutes 10/02/14 UNIVERSITY OF WISCONSIN 5
  • 6. FFoouurr MMaajjoorr PPhhyyssiiccaall SSeeccuurriittyy TThhrreeaattss Natural environmental Supply system Human made Politically motivated Good security program protects against all of these, in layers 10/02/14 UNIVERSITY OF WISCONSIN 6
  • 7. PPhhyyssiiccaall TThhrreeaattss NNaattuurraall // EEnnvviirroonnmmeennttaall Floods, earthquakes, storms, volcanoes 10/02/14 UNIVERSITY OF WISCONSIN 7
  • 8. PPhhyyssiiccaall TThhrreeaattss SSuuppppllyy SSyysstteemm Power, communications, supply of water, etc. 10/02/14 UNIVERSITY OF WISCONSIN 8
  • 9. PPhhyyssiiccaall TThhrreeaattss HHuummaann MMaaddee Unauthorized access, damage by angry employees, employee errors and accidents, vandalism, fraud, theft 10/02/14 UNIVERSITY OF WISCONSIN 9
  • 10. PPhhyyssiiccaall TThhrreeaattss PPoolliittiiccaallllyy MMoottiivvaatteedd TThhrreeaattss Strikes, riots, civil disobedience, terrorist attacks, bombings 10/02/14 UNIVERSITY OF WISCONSIN 10
  • 11. WWhhaatt CCoonnssttiittuutteess aa GGoooodd SSeeccuurriittyy PPllaann Crime and disruption through deterrence Fences, security guards, warning signs, etc. 10/02/14 UNIVERSITY OF WISCONSIN 11
  • 12. WWhhaatt CCoonnssttiittuutteess aa GGoooodd SSeeccuurriittyy PPllaann Reduction of damage through use of delaying mechanisms Layers of defenses that slow down the adversary, such as locks, security personnel, barriers 10/02/14 UNIVERSITY OF WISCONSIN 12
  • 13. WWhhaatt CCoonnssttiittuutteess aa GGoooodd SSeeccuurriittyy PPllaann Crime or disruption detection Smoke detectors, motion detectors, surveillance cameras, etc 10/02/14 UNIVERSITY OF WISCONSIN 13
  • 14. WWhhaatt CCoonnssttiittuutteess aa GGoooodd SSeeccuurriittyy PPllaann Incident assessment Response of personnel to quickly evaluate situation and damage level 10/02/14 UNIVERSITY OF WISCONSIN 14
  • 15. WWhhaatt CCoonnssttiittuutteess aa GGoooodd SSeeccuurriittyy PPllaann Rapid response procedures Fire suppression systems, emergency response systems, law enforcement notification 10/02/14 UNIVERSITY OF WISCONSIN 15
  • 16. 55 CCoorree SStteeppss iinn aa PPhhyyssiiccaall SSeeccuurriittyy SSyysstteemm Deter Delay Detect Assess Respond 10/02/14 UNIVERSITY OF WISCONSIN 16
  • 17. SSiiddeewwaallkk,, LLiigghhttss aanndd LLaannddssccaappiinngg FFoorr PPrrootteeccttiioonn 10/02/14 UNIVERSITY OF WISCONSIN 17
  • 18. PPhhyyssiiccaall AAcccceessss CCoonnttrrooll FFoorr VViissiittoorrss Limit the number of entry points Force all guests to sign-in at a common location Reduce entry points even more, after hours and on weekends Validate a government issued picture ID before allowing entry Require all guests to be escorted by a full time employee Encourage employees to question strangers 10/02/14 UNIVERSITY OF WISCONSIN 18
  • 19. NNaattuurraall SSuurrvveeiillllaannccee Natural Surveillance is the intentional and visible surveillance, to make potential criminals aware that they are being watch and make all others feel safe 10/02/14 UNIVERSITY OF WISCONSIN 19
  • 20. TTeerrrriittoorriiaall RReeiinnffoorrcceemmeenntt Building facilities in such a way as you make people feel secure, open, visible, strong, etc. 10/02/14 UNIVERSITY OF WISCONSIN 20
  • 21. SSeelleeccttiinngg aa FFaacciilliittyy SSiittee Visibility – Terrain, neighbors, population Surrounding area – Crime, riots, police, medical, fire, other hazzards Accessibility – Road access, traffic, airport access, etc Natural Disasters – floods, tornadoes, earthquakes, rain, etc 10/02/14 UNIVERSITY OF WISCONSIN 21
  • 22. EEnnttrryy PPooiinnttss Windows and doors are the standard access points. They should be secure, strong, foolproof Walls should be at least as strong as the doors and windows 10/02/14 UNIVERSITY OF WISCONSIN 22
  • 23. AA HHuummaann TTrraapp Only allows one person into a secure area at a time Open first door, enter Wait for first door to close Enter second door to secure area Only enough space for one person at a time 10/02/14 UNIVERSITY OF WISCONSIN 23
  • 24. DDoonn’’tt FFoorrggeett AAbboouutt tthhee CCeeiilliinngg 10/02/14 UNIVERSITY OF WISCONSIN 24
  • 25. IInn CCoommppuutteerr FFaacciilliittiieess WWaatteerr DDeetteeccttoorrss AArree IImmppoorrttaanntt Water detectors should be placed under raised floors and on ceilings 10/02/14 UNIVERSITY OF WISCONSIN 25
  • 26. LLaappttooppss AArree OOnnee ooff tthhee MMoosstt FFrreeqquueennttllyy SSttoolleenn PPhhyyssiiccaall AAsssseettss Inventory the laptops Harden the Operating system Password protect BIOS Register laptops with vendor Don’t check laptop as baggage! Don’t leave laptop unattended Engrave the laptop visibly Use a physical cable and lock Backup data Encrypt hard disk Store in secure place when not in use 10/02/14 UNIVERSITY OF WISCONSIN 26
  • 27. EElleeccttrriicc PPoowweerr Electricity is the lifeline of the company Use multiple supply circuits coming into the facility Filter power for a clean electrical signal, important for computers Have a backup generator, test it regularly Have an appropriately sized battery backup power supply (UPS) Test EVERYTHING, test OFTEN 10/02/14 UNIVERSITY OF WISCONSIN 27
  • 28. KKeeeepp AAllll WWiirriinngg OOrrggaanniizzeedd OOnn CCoommppuutteerr EEqquuiippmmeenntt Reduces confusion Makes troubleshooting easier Lower risk of fire hazard Lower risk of electrical interference Looks professional and trustworthy, in case visitors come through Use shielded cabling to stop electrical interference Don’t run electrical wiring close to fluorescent lighting 10/02/14 UNIVERSITY OF WISCONSIN 28
  • 29. An Example of What Not to Do
  • 30. Make Sure All Utility Lines Have Emergency Shutoff Valves
  • 31. Static Electricity, the Invisible Enemy: Protect against static electricity, which can destroy computer equipment: antistatic flooring; humidity levels should be kept moderate; use proper electrical grounding; no carpeting, ever!!!; use anti-static bands on wrist when working on a computer server.
  • 32. HVAC – Heating, Ventilation, Air Conditioning: Important to have commercial grade systems to keep temperature at the proper level, and keep air filtered and circulating.
  • 33. Every Good Company Is Full of Liebert
  • 34. Water Sprinkler Systems: There are two types. Wet Pipe – always contains water. Advantage – always ready for use. Disadvantage – most costly, possibility of accidental release of water. Dry Pipe – has to be connected to a tank. Advantage – no risk of accidental water release. Disadvantage – not ready immediately.
  • 35. Other Security Controls: Fences – different heights, strengths. Bollards – those odd looking posts in front of Best Buy. Lighting – one of the best deterrents around, cheap and effective. Locks – usually easy to defeat, but good as one layer of security for a defense in depth strategy. CCTV – efficient for monitoring.
  • 36. Auditing Physical Access, Critical Pieces of Information: The date and time of the access attempt; the entry point at which access was attempted; the user ID associated with the access attempt; any unsuccessful attempts, especially if done during unauthorized hours.
  • 37. Tests and Drills: Need to be developed. Must be put into action, at least once per year, generally speaking. Must be documented. Must be put in easily accessible places. People must be assigned specific tasks. People should be taught and informed on how to fulfill specific tasks. Determine in advance what will determine success.
  • 38. A Note About Credit Card Reader Physical Security: https://www.youtube.com/watch?v=XipjYIbBj7k Physical access to credit card transaction equipment is one of the greatest physical security threats facing most small businesses in the United States, but most people never give it a second thought.
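The audit fields listed on slide 36 (date and time, entry point, user ID, unsuccessful attempts during unauthorized hours) can be checked mechanically. The following is an added example, not part of the original slides: a small Python audit over constructed badge-log lines, where the CSV layout, the 07:00-19:00 authorized window and the three-denial threshold are all assumptions.

```python
from collections import Counter
from datetime import datetime, time

# Constructed sample records: timestamp, entry point, user ID, result.
SAMPLE_LOG = """\
2014-10-02T08:14:05,lobby-door,jsmith,GRANTED
2014-10-02T12:30:41,server-room,akhan,GRANTED
2014-10-02T23:47:10,server-room,jsmith,DENIED
2014-10-02T23:47:32,server-room,jsmith,DENIED
2014-10-02T23:48:01,server-room,jsmith,DENIED
2014-10-03T02:05:19,loading-dock,mlopez,GRANTED
2014-10-03T09:02:00,lobby-door,akhan,DENIED
"""

# Assumed policy: authorized hours 07:00-19:00; 3+ denials is a burst.
AUTH_START, AUTH_END = time(7, 0), time(19, 0)
BURST_THRESHOLD = 3

def parse(log_text):
    """Yield one dict per well-formed line; skip malformed lines."""
    for line in log_text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 4:
            continue
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        yield {"ts": ts, "entry": parts[1], "user": parts[2], "ok": parts[3] == "GRANTED"}

def audit(log_text):
    """Return (findings, bursts): flagged events and repeated-denial pairs."""
    findings, denials = [], Counter()
    for ev in parse(log_text):
        off_hours = not (AUTH_START <= ev["ts"].time() < AUTH_END)
        if not ev["ok"]:
            denials[(ev["user"], ev["entry"])] += 1
            reason = "denied off-hours" if off_hours else "denied"
        elif off_hours:
            reason = "granted off-hours"
        else:
            continue
        findings.append((ev["ts"].isoformat(), ev["entry"], ev["user"], reason))
    bursts = {k: n for k, n in denials.items() if n >= BURST_THRESHOLD}
    return findings, bursts

if __name__ == "__main__":
    findings, bursts = audit(SAMPLE_LOG)
    for f in findings:
        print(*f, sep="  ")
    print("repeated denials:", bursts)
```

Successful entries outside the authorized window are reported alongside denials, since a granted off-hours access at a sensitive entry point is also worth a reviewer's attention.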