Categories

Recent Comments

Office layout and usage

Written by admin on 27 December 2008

Office design and usage can either help or hinder physical security.

Hackers may exploit some office vulnerabilities. Consider these attack points:

  •  Does a receptionist or security guard monitor traffic in and out?
  •  Do employees have confidential information on their desks? What about mail and other packages — do they lie around outside someone’s door or, even worse, outside the building, waiting for pickup?
  •  Where are trash cans and dumpsters located? Are they easily accessible by anyone? Are recycling bins or shredders used? Open recycling bins and other careless handling of trash are open invitations for dumpster diving — in which hackers search for confidential company information in phone lists and memos in the trash. Dumpster diving can lead to many security exposures.
  •  How secure are mail and copy rooms? If hackers can access these rooms, they can steal mail or company letterhead to use against you.
  •  Are closed-circuit television (CCTV) cameras used and monitored?  
  •  What access controls are on doors and windows? Are regular keys, card keys, combination locks, or biometrics used? Who can access these keys, and where are they stored? Keys and programmable keypad combinations are often shared among users, making accountability difficult to determine.

Find out how many people share these combinations and keys.

 

Countermeasures

 

Simple measures can reduce your exposure to office vulnerabilities:

  •  A receptionist or a security guard who monitors people coming and going.

This is the most critical countermeasure. This person can ensure that

every visitor signs in and that all new or untrusted visitors are always

escorted.

 

Make it policy and procedure for all employees to question strangers

and report strange behavior in the building.

Employees Only or Authorized Personnel Only signs show the bad guys

where they should go instead of deterring them from entering.

  •  CCTV cameras.
  •  Single entry/exit points to a building or computer room.
  •  Secure areas for dumpsters.
  •  Cross-cut shredders or secure recycling bins for hard-copy documents.
  •  Limited numbers of keys and pass-code combinations.

 

Make keys and pass codes unique for each person, whenever possible.

  •  Biometrics identification systems can be very effective, but they can also be expensive and difficult to manage.

Tags: , , , ,
Posted in Physical Security | No Comments »

Previous Topic
Next Topic

Leave a Reply

Creative Commons License
This work by Ashutosh Jha is licensed under a Creative Commons Attribution-Share Alike 2.5 India License.
Custom Search
SponsoredTweets referral badge

Enter your email address:

Delivered by FeedBurner

Chat Box


Loading

WP Shoutbox
Name
Website
Message
Smile
:mrgreen::neutral::twisted::arrow::shock::smile::???::cool::evil::grin::idea::oops::razz::roll::wink::cry::eek::lol::mad::sad:8-)8-O:-(:-):-?:-D:-P:-o:-x:-|;-)8)8O:(:):?:D:P:o:x:|;):!::?:

Recent Posts

Archives

Improve the web with Nofollow Reciprocity.