1 / 12

Protecting IT systems

Protecting IT systems. Level 2 Diploma Unit 11 IT Security. Physical security. Options What physical security exists ? What access control exists ? How is visibility of data minimised?. Physical security. In teams: Conduct a security audit of the college

aysel
Download Presentation

Protecting IT systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Protecting IT systems Level 2 Diploma Unit 11 IT Security

  2. Physical security Options • What physical security exists? • What access control exists? • How is visibility of data minimised?

  3. Physical security • In teams: • Conduct a security audit of the college • What physical security exists? • Locks • Biometric controls • CCTV • What access control exists? • Passwords • How is visibility of data minimised? • Positioning of monitors, locking of screens • Passwords on data • DO NOT ATTEMPT TO OVERCOME ANY SECURITY MEASURES.

  4. Audit results (29/3/2011) • Buildings • CCTV • Key card readers • Staff rooms • Computer rooms • Sensitive areas • Workshops • Motion sensors • Window locks • Detectors on LRC exits • IT equipment not visible • Data • Passwords on photocopiers • Passwords on user IDs • Issue • Can read screens in reception by standing behind them • No ID required for students

  5. Physical security • Hardware and peripheral security • Kensington locks • Biometric controls • CCTV • Wireless interception • Faraday cage • Screened cable • IT • Firewalls • Secure mail and web servers • Media-less workstations

  6. Kensington lock • Loop the cable through a hole in a piece of furniture, or around a table leg support, a pipe, etc. • Lock the other end into the Kensington Lock slot on the laptop • Deters theft

  7. Biometric controls • Fingerprint scanners • Access to laptops • Access to memory sticks • Iris recognition • Access to secure areas

  8. CCTV • CCTV helps deter thieves and documents suspicious activities • Can automatically trigger alerts based on motion detection by programmable cameras

  9. Faraday cage and screening • It is a metal enclosure • The shield of a cable protects the internal conductors from electrical noise and prevents signals being intercepted • High security meetings are conducted in Faraday cages to prevent any wireless interference

  10. Firewalls • permits or denies network transmissions based upon a set of rules • protects networks from unauthorized access

  11. Secure servers/DMZ • Dual firewalls give additional protection to the internet facing servers • These servers are in the “demilitarised zone” • The internal network is protected from the untrusted internet

  12. Media less workstations • No USB ports • No hard disk • No optical disk • Boots from the network • All data and applications stored on the network • Cannot be used to copy and remove data

More Related