
Lesson 8-The Impact of Physical Security on Network Security


Presentation Transcript


  1. Lesson 8-The Impact of Physical Security on Network Security

  2. Background
     • Businesses have the responsibility of attempting to secure their profitability.
     • They need to secure:
       • Employees
       • Product inventory
       • Trade secrets
       • Strategy information
     • ChoicePoint identity theft - One other interesting item to note in the ChoicePoint breach is the company's position that this was not a network security breach, or a "hack."

  3. Physical Access
     • Physical access negates all other security measures.
     • Physical access allows an attacker to plug into an open Ethernet port with a wireless device and bypass internally based firewalls and IDS.
     • A simple attack that physical access makes possible uses a boot disk: floppy, CD-ROM or USB drive.
     • Information can be recorded from keyloggers and keyboard activity.
     • Changes to the operating system give control to others.
     • The password file can be cracked.

  4. Boot Disk and Imaging
     • Bootable CD-ROMs may contain a bootable version of an entire operating system complete with drivers (Knoppix and Auditor).
     • Drive imaging - it doesn’t change the hard drive and leaves no trace of the crime. Used in forensic work.
     • A simpler version of the drive imaging attack is outright theft of computers.
     • Theft of computers, a boot disk that erases all data, or unplugging computers makes for a more effective physical DoS attack than a network DoS attack.

  5. Policy and Procedures
     • Policy and procedures for both computers and users must be in place to mitigate the risk.
     • Computers
       • Remove or disable floppy drives on all desktops that do not require them.
       • Remove or disable the CD-ROM/DVD-ROM drive, as it can boot or auto-run.
       • Password-protect the BIOS.
       • Disable USB devices if possible. If not, educate users regarding the dangers. USB ports expand the ability for users to connect devices and have them auto-recognize and work without additional drivers or software.
       • Physically secure the computer - Special access to server rooms should be considered. There should be minimal distribution of sensitive data.

  6. Policy and Procedures
     • Users – weakest link in security chain
       • Need to be aware of security issues
       • Need to be involved in security enforcement
       • Need to know who to contact
       • Secure their computers when they walk away
     • Security guards need to be educated about proper network security as well as physical security. For example:
       • Multiple extensions ringing in sequence in the middle of the night
       • Strange people in the parking lot with laptops
       • Computers rebooting frequently

  7. Access Controls
     • Access controls mean physical barriers.
     • Layered access provides several perimeters around assets.
     • Servers placed in a secure area with a separate authentication method
     • Access to servers by authorized personnel only
     • Server room access should be limited to IT staff.
     • Electronic access systems need to be secured and not part of the corporate network.

  8. Closed Circuit TV and Authentication
     • CCTVs can be very effective, but should be implemented carefully.
     • IP-based CCTVs and IP-based cameras:
       • Have access to the internet and are a security risk
       • Should be placed on their own network and accessed by security personnel only.
     • Access controls, network or physical, do not work without some form of authentication.
     • Access tokens (keys) are the traditional form of physical access authentication. Some of the limitations of keys are:
       • They are difficult to change.
       • They are easy to copy.
       • They are difficult to invalidate.

  9. Smart Cards and Biometrics
     • Smart cards
       • Advantage - can enable cryptographic type of authentication.
       • Disadvantage - primary drawback is that the token is actually being authenticated.
     • Biometrics is the measurement of biological factors for identifying a specific person.
     • These factors are based upon parts of the human body that are unique. A computer takes the image of the factor (analog) and reduces it to a numeric value (digitizes it).
     • When users enter an area, they get re-scanned by the reader, and the computer compares the numeric value being read to the one stored in the database.
     • Since these factors are unique, then theoretically only the authorized persons can open the door.

  10. Biometric Errors
     • Biometric problems – The analog factor may not encode (digitize) the same way twice. Therefore systems allow some error in the scan while not allowing too much.
     • This introduces the concept of false positives and false negatives.
       • A false positive biometric system allows access to an unauthorized individual.
       • A false negative biometric system denies access to someone who is authorized.
     • Stolen factors (fingerprint from glass).
       • There is a chance of attackers stealing the uniqueness factor the machine scans and reproducing it to fool the scanner.
     • Parts of the human body can change, forcing the biometric system to allow a higher tolerance for variance in the biometric being read.

  11. Multiple Factor Authentication
     • Authentication can be separated into three broad categories:
       • What you are (for example, biometrics)
       • What you have (for example, tokens)
       • What you know (for example, passwords)
     • Multiple factor authentication is simply the combination of two or more types of authentication.
     • Multiple factor authentication makes it very difficult for an attacker to have the correct materials for authentication.
     • This method of authentication reduces risk of stolen tokens.
     • It also enhances biometric security.

  12. Radio Frequency Cards
     • When contactless radio frequency (RFID) cards are passed near a card reader, the card sends out a code via radio. The reader picks up this code and transmits it to the control panel. The control panel checks the code against the reader it is being read from and the type of access the card has in its database.
     • Advantages of Radio Frequency Cards
       • Any card can be deleted from the system.
     • Some people think they are going to be used by the government to track humans. http://www.wired.com/news/technology/0,70308-0.html?tw=rss.index
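The control-panel check from slide 12, combined with the second factor from slide 11, as an added example that is not part of the original presentation. The `ControlPanel` class, reader ids, zone names, card codes and PINs are all hypothetical, constructed for illustration.

```python
import hashlib
import hmac
import os

def _pin_hash(pin, salt):
    # Store a salted, slow hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class ControlPanel:
    """Hypothetical panel: readers only forward card codes, the panel decides."""

    def __init__(self, reader_zones, two_factor_zones):
        self.reader_zones = reader_zones          # reader id -> zone it protects
        self.two_factor_zones = two_factor_zones  # zones that also demand a PIN
        self.cards = {}                           # card code -> access record

    def enroll(self, code, zones, pin):
        salt = os.urandom(16)
        self.cards[code] = {"zones": set(zones), "salt": salt,
                            "pin": _pin_hash(pin, salt)}

    def delete_card(self, code):
        # Unlike a metal key, a lost card is invalidated with one database change.
        self.cards.pop(code, None)

    def decide(self, reader, code, pin=None):
        card = self.cards.get(code)
        if card is None:
            return "deny: unknown or deleted card"
        zone = self.reader_zones.get(reader)
        if zone is None or zone not in card["zones"]:
            return "deny: card has no access at this reader"
        if zone in self.two_factor_zones:
            # "What you have" (the card) is not enough here; also check "what you know".
            if pin is None or not hmac.compare_digest(
                    _pin_hash(pin, card["salt"]), card["pin"]):
                return "deny: second factor failed"
        return "grant"

def demo_panel():
    # Constructed readers, card codes and PINs.
    panel = ControlPanel({"R1": "lobby", "R2": "server-room"}, {"server-room"})
    panel.enroll("04A1B2C3", ["lobby"], "1357")
    panel.enroll("04D4E5F6", ["lobby", "server-room"], "4821")
    return panel

if __name__ == "__main__":
    p = demo_panel()
    print(p.decide("R2", "04D4E5F6"))          # stolen card alone at the server room
    print(p.decide("R2", "04D4E5F6", "4821"))  # card plus PIN
    p.delete_card("04D4E5F6")
    print(p.decide("R1", "04D4E5F6"))          # after the card is deleted
```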
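The tolerance trade-off from slide 10 (Biometric Errors), worked through as an added example that is not part of the original presentation. The distance scores are constructed sample data, not measurements from a real reader, and the function names are hypothetical.

```python
# Constructed data: distance between a fresh scan and the stored template
# (0.0 means the scan digitized identically to the enrolled value).
GENUINE = [0.08, 0.12, 0.15, 0.19, 0.22, 0.25, 0.31, 0.38]   # authorized users re-scanning
IMPOSTOR = [0.28, 0.35, 0.41, 0.47, 0.52, 0.58, 0.66, 0.73]  # other people trying the door
# The same authorized users after the measured body part has changed a little.
AGED = [0.18, 0.22, 0.25, 0.29, 0.32, 0.35, 0.41, 0.48]

def accepts(distance, tolerance):
    """The door opens when the scan is within the allowed error of the template."""
    return distance <= tolerance

def error_rates(tolerance, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (false_positive_rate, false_negative_rate) as the slide defines them."""
    false_pos = sum(accepts(d, tolerance) for d in impostor) / len(impostor)
    false_neg = sum(not accepts(d, tolerance) for d in genuine) / len(genuine)
    return false_pos, false_neg

def balanced_tolerance(tolerances, genuine=GENUINE, impostor=IMPOSTOR):
    """Pick the candidate tolerance where the two error rates are closest."""
    def gap(t):
        fp, fn = error_rates(t, genuine, impostor)
        return abs(fp - fn)
    return min(tolerances, key=gap)

if __name__ == "__main__":
    candidates = [0.10, 0.20, 0.30, 0.40, 0.50]
    print("tolerance  false+  false-")
    for t in candidates:
        fp, fn = error_rates(t)
        print(f"{t:9.2f}  {fp:6.3f}  {fn:6.3f}")
    print("balanced tolerance:", balanced_tolerance(candidates))
    # Body changes: at the old tolerance half the authorized users are now rejected;
    # loosening it to compensate doubles the false positive rate.
    print("aged users at 0.30:", error_rates(0.30, genuine=AGED))
    print("aged users at 0.40:", error_rates(0.40, genuine=AGED))
```

A tight tolerance locks out authorized users and a loose one admits impostors; the last two lines show how a changed body part forces the looser setting.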
