Analysis of Laptop Security Incident at Los Alamos Laboratory
Download
1 / 17

Analysis of Laptop Security Incident at Los Alamos Laboratory -Ciscop Consulting- - PowerPoint PPT Presentation


  • 75 Views
  • Uploaded on

Analysis of Laptop Security Incident at Los Alamos Laboratory -Ciscop Consulting-. Incident. 80 Laptops lost 67 were stolen 13 Found missing when audited All Laptops lost offsite. How it Happened. No audits No Check-in or check-out procedures There were, but were not followed

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Analysis of Laptop Security Incident at Los Alamos Laboratory -Ciscop Consulting-' - gus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Incident Laboratory

  • 80 Laptops lost

    • 67 were stolen

    • 13 Found missing when audited

  • All Laptops lost offsite


How it Happened Laboratory

  • No audits

  • No Check-in or check-out procedures

    • There were, but were not followed

    • Failure to know where laptops were


Recommendation Laboratory

  • Establish two security levels

  • Low Risk Classification

    • Desktop or on-campus devices

    • Non classified data

  • High Risk Classification

    • Mobile or laptop devices

    • Sensitive or classified data


Low Risk Classification Laboratory

  • Spiceworks

  • Check-in and out procedures

  • Physically locking machines down

  • More regularly scheduled and formal audits


SpiceWorks Laboratory

  • Separate Spiceworks servers high risk/low risk

    • Additional servers

  • Spiceworks audits daily electronically

    • Only if computer doesn’t check in for the day Monday-Friday


Lock Down Machines Laboratory

  • Non mobile devices locked down

  • Laptop Lockdowns

    • $10

  • Desktop lockdowns

    • $10/15ft of cable

      • Covers 3 computers

    • $3 per lock


High Risk Classification Laboratory

  • Beacons

  • RFID

  • Encrypted hard drives


Beacons Laboratory

  • Constantly sends a location packet to the server

  • Wipes the hard dive upon server request

  • Built into the BIOS

  • Can be used as an auditing tool


RFID’s Laboratory

  • Passive tags

  • Creates a log of when and

  • where a device leaves

  • High implementation costs

  • Low recurring costs


RFID’s Laboratory

  • Estimated prices

    • Readers $500 - $2,000

    • Tags 7-15 cents each

    • Support software


Encrypted Hard drives Laboratory

  • All Mobile devices

  • Full Disc Encryption (FDE)

    • Uses AES requires authentication before boot up will occur

      • Password

      • Biometrics

      • Smart cards

    • Hard ware encryption

    • Seagate Monentus 7200 rpm FDE.2 ST9250411AS 89.99


Check in out procedures
Check-in/out Procedures Laboratory

  • RFID’s help to denote high and low risk

  • Low risk laptops

    • Basic Check-out procedures

      • Once weekly

      • Monitored by SpiceWorks

        • SpiceWorks audits once weekly

  • High risk laptops

    • Check-out Daily

    • Check-in Daily

    • Constantly Monitored by SpiceWorks


References Laboratory


Questions? Laboratory



ad