We all have to be concerned with security these days, especially with our computer systems or servers. When thinking security, most first concern themselves with preventing viruses, ransomware, hacking, or phishing. Physical security is the most overlooked vulnerability. Physical layer security is just as important as data layer security and should complement each other. Create a risk assessment for your equipment and peripherals.
Obviously a secure, locked down room hosting your equipment is the first security concern, and the most common. But it won’t always prevent theft or illegal access to the system. The vulnerability can be as easy as the cables running to the system. Obviously, quality product and source with cabling your system are the first steps in protecting them.
Cable Vulnerabilities
There is an enormous amount of data flowing across the cable grids around the world, all of it vulnerable to tapping, theft, and illegal access. Fiber cables are known to be as easy to tap as is copper wiring. All the thief requires is a laptop, optical tap, packet-sniffing software, and an electrical-optical converter to bypass firewalls and data security protocols.
Determine risk assessment even before laying out the cable. Even cables should be low profile, not placed in public spaces where there is ease of access, and one shouldn’t post the fiber optic communication infrastructure online. Integration of data encryption will also help.
Physical micro-bends from clamping or bending cable can allow intruders to capture viable data. Intruders can also access the data with non-touching active taps making it impossible to detect. Implementation of intrusion alert, tampering alert, integrity sensing cables with real-time monitoring can sense a physical disturbance.
Securing Hardware
Ultimately your secure building or room should have full height walls, fireproof ceilings, limited access (minimal doors and no windows), locks, surge protection, reliable power, temperature control, and guards if the budget allows. Policy protocols and enforcement is also a good step to prevent catastrophe, accidents, theft, vandalism, or intrusion. Surveillance systems, log books, access restrictions, and alarms will also help. Low profile placement of equipment is best.
Locked rooms and guards can be compromised by thieves or misguided staff. Cable locks can tie-down equipment to the floor or other anchors. Servers can be mounted to racks bolted to the floor. Cable locks loop around a fixed anchor to the hardware that often comes with a lock plate. Unfortunately, these are able to easily be cut and serve only as a deterrent. Never leave equipment – especially laptops, tablets, or peripherals unattended or connected while not being used. USB drives can also be encrypted to prevent data theft.
If you have to leave portables unattended, use cable locks, lock the doors, or secure the items best way possible. If left in the car, store locked and bagged in the trunk. Don’t set down your laptop on the floor as its easiest to forget that way. If you have to set it down, place it between your legs or feet. Low profile laptop bags not broadcasting the contents are best. The STOP program and/or computerize is good to register with which places a serialized security plate on your equipment making it less of a target and can trace your items if stolen. To prevent data leaving your premises, disable drives and bolt down printers if possible, as they can contain data in their memories that might be vulnerable.
Passwords
Password protect everything and encrypt if necessary. Complicated combinations of upper/lower case, numbers, and special symbols in password construction will be the safest. Enable password measures anytime the hardware is not being used, even if for a minute with system login locks, standby, and screen savers. Avoid web browser auto-fill features.
Backing up Data
Always run backups and have numerous copies of your data. After all, the data is the most valuable property that would be lost if something happens to the hardware. Regardless of physical theft, the data can be damaged by natural causes, computer failures, or accidents. Having backups located in separate physical locations is the best practice as well in case something happens to the original location that could compromise the backup device.
These steps can help prevent losses substantially and preserve the integrity of your data.
Thanks for reading this article. If you're new here, why don't you subscribe for regular updates via RSS feed or via email. You can also subscribe by following @techsling on Twitter or becoming our fan on Facebook. Thanks for visiting!
