Protecting the Physical
As we go on with our lives, we keep thinking of secure passwords, usernames, and logins, but we forget the physical part of it all. In this course, I will go through the different violations and countermeasures to strengthen our physical security in both enterprise and private settings.
Vulnerabilities and Countermeasures
There are many things we do that we don’t pay attention to when dealing with vulnerabilities in the physical world. It’s important to always ask yourself whether something can be breached by what you do, or even by what you forget to do. Below are my top violations of security in both personal and corporate environments, and what to do about them:
• Physical destruction: The goal of the attacker may be to disrupt operations through physical destruction. If the equipment you’re using is easily accessible and prone to damage, the result may be loss of data and ruined equipment.
What to do: Make sure to lock doors to rooms and lock up any vulnerable devices when you’re gone. If you have hard disks lying around, it could be a good idea to hide these away.
• Not locking our computer or equipment: When a computer or device is left unlocked, whether physically or virtually, we are leaving it susceptible to attack of any kind. It could be physical theft, or information security vulnerabilities (even if things are password protected).
What to do: Don’t trust the people around you too easily, and lock your computer virtually and physically when you’re gone. Use the Windows key + L to lock your computer virtually. Physical computer locks can come in the form of cable locks, docking stations which lock, or padlocks which prevent a computer from being opened. If your office space is open to the public or if you consistently have to leave your computer or laptop unattended, computer locks can prevent an attacker from stealing them as well as stealing your information.
• Local Attacks from USBs: Our computers may be more susceptible to an attack from a physically connected USB than an attack done over the network. Anyone can come and connect a USB whenever and wherever.
What to do: Keep an eye out for foreign flash drives that are connected and make sure that the devices connected to your computer are your own.
• Bypassing security entries without ID: Often people get into buildings that they shouldn’t have access to. A propped-open door (which is normally locked) presents a huge threat to physical security. Likewise, holding open secure doors, even if it is a polite gesture, bypasses security features meant to prevent unauthorized entry.
What to do: Do not hold the door open for anyone. Each person must swipe their own card to enter the building. Be careful with politeness as well, as attackers may use it to their own advantage. Stay neutral to strangers.
Building security officers work primarily to identify and deter intruders from gaining access to the building. If you encounter an individual who is trying to tailgate to get into the building, direct them to the security station to badge in. Additionally, if you encounter an unknown individual without their badge displayed or someone who refuses to show you their identification, be sure to inform building security.
ID badges are implemented so that we can easily verify if someone has the authorization to be in a particular area. Badges should never be left unattended for any reason, and should only ever be handed over to security personnel. Keep in mind that attackers can create fake badges that at a glance look legitimate. If in doubt, inform security of suspicious individuals.
• Posting passwords/using default lock combinations: Passwords, PINs, and door lock combinations should all be kept private. Posting this information, or leaving it set to the default that can be found in the instruction manual, makes it easily accessible to anyone. It’s a 101 guide on how to fail at security.
What to do: Always change private credentials to something hard to guess and keep it private.
• Shredding credential files: Dumpster diving and finding important information in the trash is incredibly common. If you throw away files, hardware or other data, you may expose personal information and other things that can be used against you.
What to do: It’s important to shred information and destroy anything that can be recovered easily. If you’re removing information from a hard disk, wipe it instead of formatting it.
• Evacuation or disabling fire alarms: Fire alarms that evacuate the building may give attackers a golden opportunity to enter the building without surveillance or staff focusing on the security cameras and security policies. In addition, the alarms themselves can be turned off, which is the real-life equivalent of an attack by a malicious virus.
What to do: Be aware of your surroundings and make sure that all fire alarms and systems for protection work as they should. If a building is evacuated, it’s important to have full control over who enters the building and who leaves it.
• Having things on-site, not off-site: Having physical access makes gaining control of our computers and networks much easier. In case of emergencies or breaches, we have full control and access to our system and don’t have to worry about connection or accessibility problems. If you have a lot of things off-site, it’s important to figure out which main processes or information should be there and which shouldn’t.
• Suspicious Activity: Report suspicious activity and do not take anything for granted. If some applications or services are running slower than before and something isn’t right, don’t wait until it’s too late. Everything starts with a question of why something is different, and it can end in damage.
• Remembering Security Policy: Regulations/laws apply even in the event of an emergency. Sensitive data must be protected even when fire alarms are escalated.
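One way to act on the advice under "Local Attacks from USBs" above, as an added example that is not part of the original course: it scans Linux kernel log lines for USB connection events and reports every device whose vendor ID, product ID and serial number are not on your own list. The allowlist and the sample log lines are constructed for illustration.

```python
import re

# Kernel messages logged when a USB device is attached.
FOUND = re.compile(r"usb ([\d.\-]+): New USB device found, "
                   r"idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})")
SERIAL = re.compile(r"usb ([\d.\-]+): SerialNumber: (\S+)")

# Constructed allowlist (assumption): (vendor ID, product ID, serial) of devices you own.
ALLOWLIST = {
    ("0781", "5581", "AA00000000001234"),  # your own flash drive
    ("046d", "c31c", ""),                  # keyboard that reports no serial number
}

# Constructed sample log lines, in the format the kernel writes.
SAMPLE_LOG = """\
[  812.101] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
[  930.554] usb 1-2: New USB device found, idVendor=0781, idProduct=5581, bcdDevice= 1.00
[  930.560] usb 1-2: SerialNumber: AA00000000001234
[ 1504.009] usb 1-3: New USB device found, idVendor=0781, idProduct=5581, bcdDevice= 1.00
[ 1504.015] usb 1-3: SerialNumber: ZZ99999999990000
[ 1777.420] usb 1-4: New USB device found, idVendor=abcd, idProduct=1234, bcdDevice= 1.00
"""

def unknown_devices(log_text, allowlist=ALLOWLIST):
    """Return connection events for devices that are not on the allowlist."""
    events = []    # every connection event, in log order
    current = {}   # port -> most recent device seen on that port
    for line in log_text.splitlines():
        m = FOUND.search(line)
        if m:
            port, vid, pid = m.groups()
            rec = {"port": port, "vid": vid, "pid": pid, "serial": ""}
            current[port] = rec
            events.append(rec)
            continue
        m = SERIAL.search(line)
        if m and m.group(1) in current:
            # The serial line follows the "found" line for the same port.
            current[m.group(1)]["serial"] = m.group(2)
    return [d for d in events
            if (d["vid"], d["pid"], d["serial"]) not in allowlist]

if __name__ == "__main__":
    for dev in unknown_devices(SAMPLE_LOG):
        print("Unrecognized USB device on port {port}: "
              "{vid}:{pid} serial={serial!r}".format(**dev))
```

The device on port 1-3 is the same model as the allowed flash drive but carries a different serial number, so it is reported. These identifiers are supplied by the device itself, so a match means the device claims to be yours; it does not replace looking at what is physically plugged in.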