Thursday

Physical Layer - Easiest or Hardest to Defend?

Most of us who go to an office every day have gotten used to wearing our ID badges and using them to access buildings and specific facilities, and sometimes even as part of the login process. Securing the physical facility is the most direct, and often the most obvious, way of protecting the physical layer. But challenges abound, especially due to our problems in the meatspace layer (as we discussed in this post: http://cyberunited.com/2013/10/08/the-human-risk-factor-proactively-managing-the-insider-threat/). How many people in your office will challenge someone who may be wandering around without a badge? How well protected is your network closet, even from employees?

Some other questions to consider:
  • Do you regularly check for rogue wireless access points?
  • Can your employees identify when they might be subject to a keystroke logger?
  • Is everyone required to use an anti-virus application to connect to the network?
  • What's your policy on removable media (CDs, thumb drives, etc.)?
  • How often do you audit your username and password databases?
