Peter Wood of First Base Technologies gave a remarkably useful, informative and funny talk on the subject. (and left me totally paranoid as I said before).
Some interesting points and some thoughts
- Physical intrusion is very likely
- Physically entering a building and stealing data is often easier than getting past network security and cracking a network.
- Social engineering is a serious concern
- It is relatively easy to get people to give access information away
- Have a plan to deal with physical intrusion.
- In one case the receptionists realised that the intruder was present but didn’t have any instructions on what to do in that situation – result: failure. Have obvious guidelines on who to call and what to do if an intruder is spotted.
- Look at logs
- Log files are often the first sign of unexpected happenings
- Encrypt valuable data
- The machine doesn’t have to be secure for your data to be secure
- Firewall all access and especially firewall dialup accounts
- One of the examples should how an apparently secured network was compromised by a dial up access point within the network
- People with clipboards and pens are always accepted as genuine, even when they are actually intruders
- Suggestion: Have anyone holding a clipboard and pen removed from the building immediately. Or at least don’t assume that they are genuine, just because they look busy
Overall fascinating and really interesting.