Controls
IS 4560
Hacking and Countermeasures
Thursday, December 19, 2013
Unit 10 Assignment 1: Controls
Aim Higher College needs to ensure the safety of all its information. Recently we have seen suspicious and careless activity in the research data center. Data center technicians have reported lights left on, doors left open, successful logins to the research database, as well as login attempts in the backup business database after normal hours of operation. Because this is also the backup for our business information, we need to keep this area as secure as possible.
In order to maintain control over who has access to what in the center, we first need to ensure that only those who need access to the center are granted the appropriate permissions to the areas that they need. The revolving door should allow only one person through at a time; this will help to prevent someone without access from slipping by with someone who does have access, and to prevent a person with access from giving access to someone who is not authorized to be in the building. This will be done using simple radio frequency identification (RFID) cards for the initial access to the building’s lobby. Both entry and exit will require that the card be read so that a log of who enters and leaves the building can be kept. Entry to the staff offices will simply be with an RFID card reader. With these cards, we can select which areas each cardholder has access to according to their needs. The front double doors and access to the receiving area can only be opened from the inside of the building. By allowing one-way access, we ensure that hacking of the reader is not possible.
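The entry-and-exit log described above can be audited automatically. The following is an added example, not part of the original assignment: it replays a constructed lobby badge log and flags reads that contradict the one-person-per-read rule or fall outside normal hours. The card IDs, the log layout and the 07:00 to 19:00 operating hours are assumptions.

```python
from datetime import datetime, time

# Constructed sample log for the lobby reader: (timestamp, card_id, direction)
SAMPLE_LOG = [
    ("2013-12-18 08:02", "C-1001", "IN"),
    ("2013-12-18 08:05", "C-1002", "IN"),
    ("2013-12-18 12:01", "C-1001", "OUT"),
    ("2013-12-18 12:40", "C-1003", "OUT"),  # leaves but never badged in
    ("2013-12-18 13:00", "C-1002", "IN"),   # badges in twice, no exit between
    ("2013-12-18 23:15", "C-1001", "IN"),   # entry after normal hours
]

# Assumed normal hours of operation (not stated in the assignment)
OPEN_AT, CLOSE_AT = time(7, 0), time(19, 0)


def audit_badge_log(log, open_at=OPEN_AT, close_at=CLOSE_AT):
    """Replay reads in time order; return (findings, cards still inside)."""
    inside = set()
    findings = []
    for stamp, card, direction in sorted(log):
        when = datetime.strptime(stamp, "%Y-%m-%d %H:%M")
        if not (open_at <= when.time() < close_at):
            findings.append((stamp, card, "after-hours"))
        if direction == "IN":
            # A card already inside cannot enter again unless someone
            # left without badging or the card was passed back.
            if card in inside:
                findings.append((stamp, card, "entry-without-exit"))
            inside.add(card)
        else:
            # An exit with no recorded entry means the holder got in
            # without a card read, e.g. behind another person.
            if card not in inside:
                findings.append((stamp, card, "exit-without-entry"))
            inside.discard(card)
    return findings, inside


if __name__ == "__main__":
    findings, still_inside = audit_badge_log(SAMPLE_LOG)
    for stamp, card, reason in findings:
        print(f"{stamp}  {card}  {reason}")
    print("Badged in with no exit recorded:", sorted(still_inside))
```
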
Biometric scanners should be used for all sensitive areas as a second method to prevent card cloning. Those who have access to sensitive areas or to doors that can allow more than one person through, such as the shipping area and front double doors, will be issued a Personal Identity Verification