Physical Access Flashcards
What are some issues with physical or digital access?
Vulnerabilities in physical security can arise from weak access controls, lack of surveillance, or inadequate security measures. While a cyber hacker will attempt to access company data by circumventing digital safeguards.
What can be done about physical or digital access?
-Physical/Digital locks on
premises or on comp
access
-Firmware security
-Server restriction
What are some issues with Bring Your Own Device (BYOD)?
The security specifications for a personal device may not be on the same stringent standard as those found on company devices. Organizations must also establish clear guidelines for BYOD usage, including device registration, security software requirements, and data encryption protocols. Additionally, it is paramount that the device is shown to be up-to-date about patches and software updates. A company engaging in this practice might consider extending specific antivirus software licenses to the employee’s device.
Devices registered as personal devices can be further safeguarded by restricting the access they are granted on the company network. This can be accomplished using network segmentation techniques like VLANs (Virtual Local Area Networks) or firewalls to isolate personal devices. VLANs logically divide a network into smaller, isolated segments, preventing BYOD devices from directly communicating with sensitive company systems. Firewalls further enforce this separation, allowing strict control over the types of traffic permitted between BYOD devices and company resources. It can be beneficial to implement strict access controls, limiting which systems and data BYOD devices can access based on user roles and job functions.
Additional concerns:
-Shadow IT
-Device authorization
What is Radio Frequency Indentification (RFID)?
It is a radio-based technology that originated as a means of tracking goods, but has grown to be a useful tool prevalent in many industries. RFID technology uses radio waves to identify and track objects with RFID tags. These tags contain electronically stored information that RFID readers can read. Operating on radio frequency, RFID technology is comprised of two parts, the RFID tag and the RFID reader. The tag emits a signal that the reader can track. The signal can indicate location, but can also contain information relating to the tag.
An RFID tag can either be active or passive. An active tag will perform tasks like sending
out tracking information and requires a battery. A passive tag does not require a battery. The tag instead uses an electromagnetic coupling to draw sufficient power from the reader to transmit a message.
What of are the key benfits of RFID?
-Enhance physical security
-Real time tracking assets
-Accurate readings
-Versatile across
industries
-Quality control
What are some physical deterrents?
-Obstacles: placed in the
way of; actual physical
barriers inc key card
entry
-Polices: fining, etc.; can
be reviewed or updated
-Detectors:
surveillance/alarms
-Preventative: vetting
employees
-Security:
audits/inspections
