Preventing security threats from cleaning staff


Do you know who's in your building at night? Can you positively vouch for all those here-today, gone-tomorrow contract staff who clean and maintain your offices? Physical access is a worryingly simple vector for data-stealing malware, as we'll see in this edition of The Long View...

It's a truism in computer security that all the software in the world won't help you, if you don't have physical security. If you can't stop a Bad Guy walking up to your server in the middle of the night, you can't stop him from stealing your data or injecting malware into your system. In other words, physical access trumps many software defenses. Erecting a secure boundary around your server rooms obviously makes sense. Keeping your crown jewels under lock and key is always a good strategy. But what about your PCs? They're usually physically vulnerable to, say, office cleaning staff; and Bad Guys can use some powerful techniques to inject unwanted code into your machines.

Read on...

Physical threats can be grouped into two main types:   1. Keyloggers often spring to mind when people think of the threat posed by unauthorized physical access to PCs. These are small dongles, introduced between the keyboard plug and the socket in the back of the PC. They record all keyboard activity -- either on internal storage, or by wirelessly sending it to a nearby attacker. Bad Guys can easily introduce such a device to your PCs while cleaning a desk area. It doesn't take much sleight of hand to fool even the sharpest-eyed CCTV operator. If you're not careful, your users' credentials are at risk, which could give the wrong people access to your critical systems. The best defense against such devices is to ensure that authentication is done using some kind of one-time codes -- say with a challenge/response authentication, where the user has to look up response codes on a wallet-sized card, or the more high-tech approach of a two-factor authentication setup. Of course, physical security threats can be mitigated by physical means. Consider gluing your keyboard cables in-place, and preventing the keyboard and PC cases from being opened. Although this will cause some inconvenience when there's a genuine need to unplug a user's keyboard!   2. Malware injection, as I briefly mentioned earlier, is the other main threat. Bad Guys can cause a PC to boot from an nefariously-inserted CD or USB stick. This boot environment then has complete access to the hard drive, and could introduce malware.

To continue reading this article register now

Shop Tech Products at Amazon