170 likes | 261 Views
Analysis of Laptop Security Incident at Los Alamos Laboratory -Ciscop Consulting-. Incident. Initially 3 laptops were stolen BlackBerry also stolen Triggered Internal Audit 80 Laptops lost or missing 67 were stolen 13 Found missing All Laptops lost offsite. How it Happened. No audits
E N D
Analysis of Laptop Security Incident at Los Alamos Laboratory-Ciscop Consulting-
Incident • Initially 3 laptops were stolen • BlackBerry also stolen • Triggered Internal Audit • 80 Laptops lost or missing • 67 were stolen • 13 Found missing • All Laptops lost offsite
How it Happened • No audits • No Check-in or check-out procedures • There were, but were not followed • Failure to know where laptops were
Recommendation • Establish two security levels • Low Risk Classification • Desktop or on-campus devices • Non classified data • High Risk Classification • Mobile or laptop devices • Sensitive or classified data
Low Risk Classification • Spiceworks • Check-in and out procedures • Physically locking machines down • More regularly scheduled and formal audits
SpiceWorks • Separate Spiceworks servers high risk/low risk • Additional servers • Spiceworks audits daily electronically • Only if computer doesn’t check in for the day Monday-Friday
Lock Down Machines • Non mobile devices locked down • Desktop lockdowns • $10/15ft of cable • Covers 4-5 computers • $3 per lock • Laptop Lockdowns • $10
High Risk Classification • Beacons • RFID • Encrypted hard drives
Beacons • Constantly sends a location packet to the server • Wipes the hard dive upon server request • Built into the BIOS • Can be used as an auditing tool
RFID’s • Passive tags • Creates a log of when and • where a device leaves • High implementation costs • Low recurring costs
RFID’s • Estimated prices • Readers $500 - $2,000 • Tags 7-15 cents each • Support software
Encrypted Hard drives • All Mobile devices • Full Disc Encryption (FDE) • Uses AES requires authentication before boot up will occur • Password • Biometrics • Smart cards • Hard ware encryption • Seagate Monentus 7200 rpm FDE.2 ST9250411AS 89.99
Check-in/out Procedures • RFID’s help to denote high and low risk • Low risk laptops • Basic Check-out procedures • Once weekly • Monitored by SpiceWorks • SpiceWorks audits once weekly • High risk laptops • Check-out Daily • Check-in Daily • Constantly Monitored by SpiceWorks
References • Merritt, C. M. (n.d.). lessons from lanl laptop loss. Retrieved from http://blog.lumension.com/?p=573 • Jackson, J. J. (2009, Febuary 13). Los alamos stung by loss of scores of laptops. Retrieved from http://www.gcn.com/Articles/2009/02/13/LANL-Laptop-Loss.aspx?Page=1 • Moscaritolo, A. M. (2009, Febuary 12). Los alamos computers go missing. Retrieved from http://www.scmagazineus.com/los-alamos-computers-go-missing/article/127281/ • Mellor, A. M. (2007, August 7). los alamos nuclear lab loses more data . Retrieved from http://www.networkworld.com/news/2007/080707-los-alamos-nuclear-lab-loses.html • Los Alamos National Security, LLC, Initials. (2009). Los Alamos National Laboratory - Nuclear Weapons. Retrieved from http://www.lanl.gov/natlsecurity/nuclear/index.shtml • Files • Loveless, B. (2009, February 16). Missing los alamos lab computers prompt nnsa call for more control. Inside Energy, 12. Missing_Los_Alamos_lab_computers_prompt_NNSA.PDF • Associated Press. (2009, February 12). US nuke lab loses 67 computers. The New Zealand Herald, • US_nuke_lab_loses_67_computers_The_New_Zeala.PDF • Cobit Student Book. (2004). Cobit in academia. Rolling Meadows, IL: IT Governance Institute. Cobit_Student.pdf