Today there are numerous threats to the Information Technology Infrastructure that many companies rely on in order to remain in business. We hear words like “cyber terrorism” and “hacking” on a daily basis. Most people assume that these are always threats performed remotely, possibly even from across the globe. We’ve all heard the stories or known someone who has downloaded a virus or a Trojan that was sent in a seemingly inconspicuous e-mail. Most corporations today operate with plenty of firewall and anti-viral technology in place. However, Physical Security is often overlooked. This article will explain how best to secure an IT room.
The best firewall with the most stringent filtering rules is no match for someone who can physically get into your network room. Once someone gains entry into your datacenter or IT room, they can very easily start dismantling equipment which may be critical to your business. They could also potentially perform “Man in the Middle” attacks by installing rogue devices on your network. Devices such as the “Pwnie Plug” line of products can be easily hidden in an IT room, plugged into the network, and left to transmit sensitive data over 4G to unintended recipients that could use this information for nefarious purposes.
These type of attacks would most likely be performed by someone who has easy access to the IT area. This tends to be an employee, but could even include outside vendors that are permitted near the network. Perhaps a cleaning person or an electrical contractor. Would you know if someone was performing one of these types of attacks against your company? If you found such a device, would you be able to determine who installed it? How much damage could have happened before you realized it was there?
There are some relatively simple things you can do to reduce the risk of suffering from Physical attacks against your IT department. The obvious ideas of locking the room, and limiting who has keys/cards to access the room will definitely help. However, an NVR/DVR and a camera could provide you with not only additional security, but could also provide you with accountability for the activities in this area.
A standard setup includes one or more cameras to cover the entry area as well as an additional camera to view the sensitive equipment in and around the area. A properly configured DVR/NVR is capable of recording and alerting key personnel in the event they see motion.
This can be taken even further by installing a simple and relatively cheap door contact to trigger an event every time a door is opened. A simple normally closed contact is usually less than five us dollars, and very easy to wire into the inputs on a NVR/DVR.
Once this is attached to an appropriate input (preferably for a camera aimed at the door in question), you can configure an alarm event to occur which can perform several actions. Most commonly it can be configured to take a picture of the event and send it in an e-mail or text message to someone who can decide if it is routine access or if security or law enforcement should be notified. You can also take it a step further and connect an audible siren to the NVR/DVR outputs so that if the door contact is broken after hours the alarm will sound to deter any would-be criminal activity.
Securing the IT closet with these measures will greatly reduce the chances of becoming victim to the types of physical attacks I have described. However, they should also be extended to any other sensitive areas of your facility. It is even recommended that you place a camera at every point of entry (even the unused or less frequently used entry/exit doors). This will give you an accurate idea of who is or was in your facility at the time of an event.
These simple steps can greatly augment any existing burglary/intrusion detection system you may have in place. They can also be used to make decisions as to whether or not dispatch law enforcement in the event that an alarm is tripped. This can be a huge cost savings in false alarm fees and fines.
In addition to security and alarming the doors, it is also a good idea to install a microphone in these areas. This can be used periodically to remotely listen for possible problems that could be cheap if detected early, but very costly if not. For example if a fan bearing goes out it usually makes loud noises. However, if left unfixed it could cause expensive and sensitive equipment to fail. Another example would be if an uninterruptable power supply battery fails and starts beeping continuously. If no one is around to hear it, it could go unnoticed until such time as it is needed during a power event.
This type of system will also provide proof of work being completed if needed. For example if you hire a contractor to install equipment and there is a dispute as to what work was performed, a quick review of the video during the installation could provide clear proof of what was actually done or not done as well as how much time was involved in performing the work. It would also provide evidence if any unintended devices or software was installed without prior consent.
In conclusion, Protecting a corporations infrastructure with the most state of the art firewalls, virus scanners, intrusion detection servers, and even cryptographic equipment still falls short if physical security is left wide open to anyone who can get close enough. Protecting such sensitive equipment with very basic camera coverage and door contacts is a very cost effective solution that could save your company its very existence one day. A good NVR/DVR, a few cameras, a cheap door contact, and some configuration time is definitely cheaper than the potential losses due to a physical security breach. Such breaches are becoming more and more common in the news. Don’t be the next victim.