Physical security involves preventing unauthorized access to computer systems and protecting data. It includes securing the company surroundings with fences, gates, and guards. Within premises, CCTV cameras, intruder alarms, and window/door bars provide security. Servers should be locked in enclosed rooms, and workstations in open areas need locks and CCTV monitoring. Access controls like smart cards, biometrics, and entry logs restrict access to sensitive areas. Wireless networks and other equipment also require security measures like encryption and locked storage to protect physical integrity of systems and data.
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. It is all about the physical security of the of the organization using the information technology and for the purpose of the restricting the access of unauthorized people and unauthorized employees. Saving your organization physically.
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. It is all about the physical security of the of the organization using the information technology and for the purpose of the restricting the access of unauthorized people and unauthorized employees. Saving your organization physically.
Operational technology (OT) and information technology (IT) security protect devices, networks, systems, and users. Cybersecurity has long been critical in IT and helps organizations keep sensitive data safe, ensure users connect to the internet securely, and detect and prevent potential cyberattacks.
Mobile Phone Basics, Inside Mobile Devices, Digital Networks, Mobile Phone Seizure, Mobile Phone Examination, Mobile Forensics Equipment, Cell Seizure Tool, SIMIS, XRY,
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism.
Cyber Threat Intelligence (CTI) primarily focuses on analysing raw data gathered from recent and past events to monitor, detect and prevent threats to an organisation, shifting the focus from reactive to preventive intelligent security measures.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
Operational technology (OT) and information technology (IT) security protect devices, networks, systems, and users. Cybersecurity has long been critical in IT and helps organizations keep sensitive data safe, ensure users connect to the internet securely, and detect and prevent potential cyberattacks.
Mobile Phone Basics, Inside Mobile Devices, Digital Networks, Mobile Phone Seizure, Mobile Phone Examination, Mobile Forensics Equipment, Cell Seizure Tool, SIMIS, XRY,
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism.
Cyber Threat Intelligence (CTI) primarily focuses on analysing raw data gathered from recent and past events to monitor, detect and prevent threats to an organisation, shifting the focus from reactive to preventive intelligent security measures.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
In addition to the usual Editor’s rants about security, this issue (March 2015) has papers about a nuclear security (physical) training model, attack-tree analysis for nuclear cyber security, security sensor testing, security of sealed radiological sources, adversary-based security engineering, airport and marina watch programs, and an essay on why security fails.
Previous issues can be viewed and downloaded at http://jps.rbsekurity.com
Access Control: Principles and PracticeNabeel Yoosuf
Slides prepared based on the paper Access Control: Principles and Practice by Ravi S. Sandhu and Pierangela Samarati, IEEE Communications Magazine, 1994
This was a presentation I did on PLONS "Physical Layer Optical Network Security" for the Central New York ISSA Chapter which was derived from my Masters Thesis
2009 Security Mega Trends & Emerging ThreatsLumension
To help define what the biggest security threats will be to an organization’s sensitive and confidential data over the next 12 to 24 months, Lumension has teamed up with the Ponemon Institute, a leading research firm, to charter our first annual 2009 Security Mega Trends Survey. The survey also outlines key alignments and gaps between two traditionally disparate groups - IT Security and IT Operations when it comes to these new and emerging threats.
The physical infrastructure is the foundation on which all enterprise systems operate – power, communication, computing, control, and security. Research shows that faults within the physical infrastructure cause a majority of system downtime.
What is PROFIsafe and how does it work? What do we mean by “Safety”?
“The condition of being safe; freedom from danger, risk, or injury.”
In the UK (and Europe) this can cover many areas and industries, for example:
Supply of Machinery (Safety) Regulations
Electromagnetic Compatibility Regulations
Electrical Equipment (Safety) Regulations
Pressure Equipment Regulations
Simple Pressure Vessels (Safety) Regulations
Equipment and Protective Systems Intended for Use in Potentially
Explosive Atmospheres Regulations
Lifts Regulations
Medical Devices Regulations
Gas Appliances (Safety) Regulations
Therefore:
Coexistence of standard and failsafe communication
Chapter 18 vital records recoveryVital assetsIn.docxketurahhazelhurst
Chapter 18:
vital records recovery
Vital assets
Information stored on any media
Personal data
Important business data
Contracts
Customer lists
Personnel files
Vital records inventory
Records, Media, Originating department, location
Locate your Records
Where and how are they stored?
Prioritize your records
Ranking to determine which records need to be restored first
Records transportation
Just as important as storing, we need to think about how we transport our vital records.
Security – security during and after transportation
Magnetic recordings – take care as many factors can effect this medium
Records retention
Establish records retention requirements
Eliminate obsolete documents
Identify critical records
End of life plan – destruction of documents
Media storage
Each media storage type will require different storage parameters:
Paper document storage
Microfilm storage
Magnetic media storage
Risk assessment
Storage risks include:
Water
Smoke
Structural problems
Fire
Humidity
High heat and deep cold
Wide temperature swings
Theft
Sabotage
Insects and rodents
Magnetic fields
Fire control systems mitigation
Fire control systems
smoke alarms and fire detection
sprinklers
gas fire suppression
fire extinguishers
fireproof containers
fire drills
good housekeeping
electrical equipment
Environmental issues mitigation
Environmental Issues:
moisture sensors and alarms
humidifier/dehumidifier
temperature control
magnetic check
Other issues mitigation
Other Issues:
secured access
off-site duplication of key records
pest extermination
proper storage
Security mitigation actions
Controlling access is important to prevent:
Reading your records
Stealing records
Damaging your records
Action steps for your plan
Materials needed for an emergency fall in several categories:
General items
Portable equipment
Individual equipment
Drying and cleaning materials
Containment materials
Maintenance activities
Plan as part of your normal routine:
Daily actions task
Every week task
Quarterly action task
Immediate action team
Damage containment team
Assessment team
Shuttle team
Triage team
Recovery techniques
Water damage to paper records
Air drying
Freeze drying
Determine what documents are unrecoverable
Fire damage of paper records
Microfilm
Optical and magnetic media
summary
Vital records protection is not difficult but necessary
Have a good retention policy in place
Monitor all storage media
.MsftOfcThm_Accent1_Fill {
fill:#4472C4;
}
.MsftOfcThm_Accent1_Stroke {
stroke:#4472C4;
}
1. Describe best practices to develop and prepare to lead risk management mitigation exercises related to illegal border activity.
2. Using IS-120.A: An Introduction to Exercises from EMI/FEMA as a process guide, develop a border activity desktop risk management mitigation exercise to be submitted to your instructor for review.
Chapter 17: t ...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Jiunn-Jer Sun
Agenda
- The unknown truth of cyber threats
- The myths of network security
- Attack and defense analysis
- IEC 62443 standard and how it impacts on you
- IT vs. OT security and the golden rule of defense
- A foundation where technology meets humanity
This presentation talks about the physical security. Physical security is also useful in our today's lives especially when we are working at a corporate company.
These are the slides from the physical security presentation at the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) meeting on 08/16/2018. Topics covered include physical security control types and methods.
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...PaulBryant58
This article provides a comprehensive guide on how to
effectively manage the convert Accpac to QuickBooks , with a particular focus on utilizing online accounting services to streamline the process.
Enterprise Excellence is Inclusive Excellence.pdfKaiNexus
Enterprise excellence and inclusive excellence are closely linked, and real-world challenges have shown that both are essential to the success of any organization. To achieve enterprise excellence, organizations must focus on improving their operations and processes while creating an inclusive environment that engages everyone. In this interactive session, the facilitator will highlight commonly established business practices and how they limit our ability to engage everyone every day. More importantly, though, participants will likely gain increased awareness of what we can do differently to maximize enterprise excellence through deliberate inclusion.
What is Enterprise Excellence?
Enterprise Excellence is a holistic approach that's aimed at achieving world-class performance across all aspects of the organization.
What might I learn?
A way to engage all in creating Inclusive Excellence. Lessons from the US military and their parallels to the story of Harry Potter. How belt systems and CI teams can destroy inclusive practices. How leadership language invites people to the party. There are three things leaders can do to engage everyone every day: maximizing psychological safety to create environments where folks learn, contribute, and challenge the status quo.
Who might benefit? Anyone and everyone leading folks from the shop floor to top floor.
Dr. William Harvey is a seasoned Operations Leader with extensive experience in chemical processing, manufacturing, and operations management. At Michelman, he currently oversees multiple sites, leading teams in strategic planning and coaching/practicing continuous improvement. William is set to start his eighth year of teaching at the University of Cincinnati where he teaches marketing, finance, and management. William holds various certifications in change management, quality, leadership, operational excellence, team building, and DiSC, among others.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Business Valuation Principles for EntrepreneursBen Wann
This insightful presentation is designed to equip entrepreneurs with the essential knowledge and tools needed to accurately value their businesses. Understanding business valuation is crucial for making informed decisions, whether you're seeking investment, planning to sell, or simply want to gauge your company's worth.
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
The world of search engine optimization (SEO) is buzzing with discussions after Google confirmed that around 2,500 leaked internal documents related to its Search feature are indeed authentic. The revelation has sparked significant concerns within the SEO community. The leaked documents were initially reported by SEO experts Rand Fishkin and Mike King, igniting widespread analysis and discourse. For More Info:- https://news.arihantwebtech.com/search-disrupted-googles-leaked-documents-rock-the-seo-world/
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
Remote sensing and monitoring are changing the mining industry for the better. These are providing innovative solutions to long-standing challenges. Those related to exploration, extraction, and overall environmental management by mining technology companies Odisha. These technologies make use of satellite imaging, aerial photography and sensors to collect data that might be inaccessible or from hazardous locations. With the use of this technology, mining operations are becoming increasingly efficient. Let us gain more insight into the key aspects associated with remote sensing and monitoring when it comes to mining.
Attending a job Interview for B1 and B2 Englsih learnersErika906060
It is a sample of an interview for a business english class for pre-intermediate and intermediate english students with emphasis on the speking ability.
2. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 2/40
What Is the Need for Physical Security?What Is the Need for Physical Security?
To prevent any unauthorized
access to computer systems
To prevent tampering/stealing
of data from computer systems
To protect the integrity of the
data stored in the computer
To prevent the loss of
data/damage to systems
against any natural calamities
3. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 3/40
Physical Security Checklist
Company surroundings
Premises
Reception
Server
Workstation area
Wireless access points
Other equipment, such as fax, and
removable media
Access control
Computer equipment maintenance
Wiretapping
Remote access
4. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 4/40
Physical Security Checklist: Company
Surroundings
The entrance to the company
premises should be restricted to
only authorized access
The following is the checklist for
securing the company
surroundings:
Fences
Gates
Walls
Guards
Alarms
7. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 7/40
Physical Security Checklist: Premises
Premises can be protected by the
following:
Checking for roof/ceiling access through
AC ducts
Use of CCTV cameras with monitored
screens and video recorders
Installing intruder systems
Installing panic buttons
Installing burglar alarms
Windows and door bars
Deadlocks
9. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 9/40
Physical Security Checklist: Reception
The reception area is supposed to be a busier area
than other areas of the firm with the number of
people entering and exiting
The reception area can be protected by the
following:
Files and documents, removable media, etc. should
not be kept on the reception desk
Reception desks should be designed to discourage
inappropriate access to the administrative area by
non-staff members
Computer screens should be positioned in such a way
that people cannot observe the screen near the
reception desk
Computer monitors, keyboards, and other equipment
at the reception desk should be locked whenever the
receptionist is away from the desk and they should be
logged off after office hours
11. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 11/40
Physical Security Checklist: Server
The server, which is the most important
factor of any network, should be given a high
level of security
The server room should be well-lit
The server can be secured by the following
means:
Server should not be used to perform day-to-
day activities
It should be enclosed and locked to prevent
any physical movement
DOS should be removed from Windows
Servers as an intruder can boot the server
remotely by DOS
Disable booting from the floppy disk and CD-
ROM drives on the server or, if possible,
avoid having these drives onthe server
13. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 13/40
Physical Security Checklist:Workstation
Area
This is the area where a majority of
employees work
Employees should be educated
about physical security
The workstation area can be
physically secured by taking the
following steps:
Use CCTV
Screens and PCs should be
locked
Workstation layout design
Avoid removable media drives
14. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 14/40
Physical Security Checklist: Wireless Access
Points
If an intruder successfully connects to the
firm’s wireless access points, then he is
virtually inside the LAN like any other
employee of the firm
To prevent such unauthorized access, the
wireless access points should be secured
The following guidelines should be
followed:
WEP encryption should be followed
SSID should not be revealed
Access points should be password protected
to gain entry
Passwords should be strong enough so that
they cannot be easily cracked
15. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 15/40
Physical Security Checklist: OtherPhysical Security Checklist: Other
EquipmentEquipment
Other equipment, such as fax, and
removable media should be secured
by following these steps:
Fax machines near the reception area
should be locked when the receptionist
is not at the desk
Faxes obtained should be filed properly
Modems should not have auto answer
mode enabled
Removable media should not be
placed in public places, and corrupted
removable media should be physically
destroyed
16. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 16/40
Physical Security Checklist: Access
Control
Access control is used to prevent
unauthorized access to any highly
sensitive operational areas
The types of access controls are:
Separation of work areas
Biometric access control
Entry cards
Man traps
Faculty sign-in procedures
Identification badges
17. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 17/40
Physical Security Checklist: Biometric
Devices
According to www.whatis.com “Biometrics is the science and
technology of measuring and statistically analyzing biological
data”
Biometric devices consist of a reader or scanning device,
software that converts the scanned information into digital form,
and a location for the data to be analyzed; for instance a
database that stores the biometric data for comparison with
previous records
The following methods are used by biometric devices for
access control:
Fingerprints
Face scan
Iris scan
Voice recognition
18. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 18/40
Biometric Identification TechniquesBiometric Identification Techniques
Physiological Biometric Techniques
Fingerprinting
Ridges and furrows on the surface
of a finger are used to identify a
person, which are unique
Iris Scanning
Analyzes the colored part of the eye
suspended behind the cornea
19. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 19/40
Biometric Identification TechniquesBiometric Identification Techniques
Retinal scanning
Identifies a person by analyzing the
layer of blood vessels at the back of
the eye
Vein Structure
Thickness and location of veins are
analyzed to identify person
20. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 20/40
Physical Security Checklist: Smart Cards
A smart card is a plastic card about
the size of a credit card, with an
embedded microchip that can be
loaded with data. This data can be
used for telephone calling, electronic
cash payments, and other
applications, and then periodically
refreshed for additional use
A smart card contains more
information than a magnetic strip
card, and can be programmed for
different applications
21. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 21/40
Physical Security Checklist: Computer
Equipment Maintenance
Appoint a person who will be responsible for looking
after the computer equipment maintenance
Computer equipment in a warehouse should also be
accounted for
The AMC company personnel should not be left alone
when they come for the maintenance of the computer
equipment
The toolboxes and the bags of the AMC company
personnel should be thoroughly scanned for any
suspicious materials that could compromise the
security of the firm
22. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 22/40
Physical Security Checklist: Wiretapping
According to www.freesearch.com
wiretapping is the action of secretly
listening to other people’s
conversations by connecting a
listening device to their telephone
According to www.howstuffworks.com,
“wiretap is a device that can interpret
these patterns as sound”
You can do few things to make sure
that no one is wiretapping:
Inspect all the data carrying wires
routinely
Protect the wires using shielded cables
Never leave any wire exposed
23. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 23/40
Physical Security Checklist: Remote
Access
Remote access is an easy way for an employee of a
firm to work from any place outside the company’s
physical boundaries
Remote access to the company’s networks should be
avoided as much as possible
It is easy for an attacker to remotely access the
company’s network by compromising the employee’s
connection
The data being transferred during the remote access
should be encrypted to prevent eavesdropping
Remote access is more dangerous than physical
access as the attacker is not in the vicinity, and the
probability of catching him is less
24. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 24/40
Locks
Locks are used to restrict physical access to an asset
They are used on any physical asset that needs to be
protected from unauthorized access, including doors,
windows, vehicles, cabinets, and equipment
Different levels of security can be provided by locks
depending on how they are designed and
implemented
25. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 25/40
Locks
Locks are either mechanical or electrical:
Mechanical Locks – Mechanical locks have moving
parts that operate without electricity
Electric Locks - Electric locks are comprised of
electronic devices with scanners that identify users and
computers that process codes
Electric locks consist of the following types:
card access systems
electronic combination locks
electromagnetic locks
biometric entry systems
27. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 27/40
Lock Picking
The art of unlocking a lock
without the use of its key
Preventing lock picking:
Use a better quality of lock
Do not give the keys to
anyone, as key imprints
can be taken for making a
duplicate key
Do not reveal the lock
codes
29. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 29/40
Information Security
Hierarchical view to secure
information:
Password protection / Complex
passwords
Encrypted File System
Anti virus software
Firewalls
Intrusion detection systems
Patches and Updates
Lock down unwanted ports /
devices
30. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 30/40
EPS (Electronic Physical Security)
An integrated application of a number of electronic
security systems
EPS includes:
Addressable fire detection systems
Automatic gas suppression systems
CCTV systems (IP Networks, Matrix Switchers, DVR
camera specifications, etc.)
RFID-Biometric- Smart Card Access Control Systems
Intrusion Detection Systems
Scanners, Xray/ Gamma Scanners, Sniffers
Guarding Equipment and Guarding Plan
31. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 31/40
Wireless Security
Wireless Security Measures
Checking the wireless traffic
Enabling WEP/WPA on the
wireless network
MAC address control
End-to-end encryption
VPN (Virtual Private Network)
Access points evaluation
32. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 32/40
Spyware Technologies
Hidden cameras, voice recorders
and spy cameras carried by your
employees can defeat your
physical security policy
Categories:
Video Recorders
Audio Devices
Bug Detectors
Home Security
Spy Gear
37. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 37/40
Physical Security: Lock Down USB Ports
Administrators secure their networks behind firewalls by
installing email filters on their SMTP servers
installing anti-virus software on all client workstations
Sometimes, it may not assure guaranteed protection against
the stealing of data
What if the intruder carries his own USB memory sticks and
connects them to the computers at their office?
In a fraction of a second, an intruder can steal all the business
information needed for establishing his own company where he
can get the customer database
USB stick can be used to:
Hold an entire company's vital data
Compromise the network with an infected stick
To prevent the above situations, there is a need for the
administrator to lock down the USB ports
38. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 38/40
Tool: DeviceLock (www.devicelock.com)
Device Lock is a device control solution to
safeguard network computers against internal
and external attacks
Using Device Lock:
Network administrators can lock out
unauthorized users from USB
Administrators can control access to any
device like floppies, serial and parallel ports,
Magneto-Optical disks, CD-ROMs, ZIPs, USB
Generate a report concerning the permissions
that have been set
Provide a level of precision control over device
resources unavailable
Grant users temporary access to USB devices
when there is no network connection
Control the system remotely using the
centralized management console
Generate a report displaying the USB,
FireWire and PCMCIA devices
39. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 39/40
Blocking the Use of USB Storage Devices
40. Khoa CNTT – ĐH Nông Lâm TP. HCM 2008 40/40
Track Stick GPS Tracking Device
Track Stick records its own location, time,
date, speed, heading, and altitude at
preset intervals
It can store months of travel information
It receives signals from 24 satellites
orbiting the Earth, where it can calculate
its own position anywhere to within 15
meters
Advantages:
If the laptop is stolen, this device is able to
keep track of its location, so that it is
found easily
Tells you how long the “target” has stayed
in one place