Ashutosh Jha's Page

Utilities

Written by admin on 27 December 2008

WP Greet Box icon

Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on this topic.

You must consider building and computer-room utilities, such as power,

water, and fire suppression, when accessing physical security. These utilities

can help fight off such incidents as fire and keep other access controls running

during a power loss. They can also be used against you if an intruder

enters the building.

Attack points

Hackers often exploit utility-related vulnerabilities. Consider the following

attack points, which are commonly overlooked:

Is power-protection equipment (surge protectors, UPSs, and generators)

in place? How easily accessible are the on/off switches on these devices?

Can an intruder walk in and flip a switch?

When the power fails, what happens to physical-security mechanisms?

Do they fail open, allowing anyone through, or fail closed, keeping everyone

in or out until the power is restored?

Where are fire-detection and -suppression devices — including alarm

sensors, extinguishers, and sprinkler systems — located? Determine

how a malicious intruder can abuse them. Are these devices placed

where they can harm electronic equipment during a false alarm?

Where are water and gas shutoff valves located? Can you access them,

or would you have to call maintenance personnel about an incident?

Are local telecom wires (both copper and fiber) that run outside of the

building located aboveground, where someone can tap into them with

telecom tools? Can digging in the area cut them easily? Are they located

on telephone poles that are vulnerable to traffic accidents?

Countermeasures

You may need to involve other experts during the design, assessment, or

retrofitting stages. The key is placement:

Where are the major utility controls placed?
Can a hacker or other miscreant walking through the building access the controls to turn them on and off?

Covers for on/off switches and thermostat controls and locks for server

power buttons and PCI expansion slots are effective defenses.

Related Posts:

Tags: attack, countermeasures, hacker, power, utilities, water
Posted in Physical Security | No Comments »

Previous Topic
Building infrastructure

Next Topic
Office layout and usage

Leave a Reply

Improve the web with Nofollow Reciprocity.

Log in

Copyright © 2010 Ashutosh Jha's Page All rights reserved Designed by - Mind Bird Solutions

Disclaimer: The views and opinions expressed on this website are strictly those of the author.These may be right or wrong.They have been provided to benefit the public in general.The author has made considerable efforts to present accurate and reliable information on this web site. However, the author does not take any legal responsibility for the accuracy, completeness, or usefulness of the information herein.