Network Security: Physical Security
The first level of security in any computer network is physical security. Physical security is important for workstations but vital for servers. Any hacker worth his or her salt can quickly defeat all but the most paranoid security measures if he or she can gain physical access to a server. To protect the server, follow these guidelines:
- Lock the computer room.
- Give the keys only to people you trust.
- Keep track of who has the keys.
- Mount the servers on cases or racks that have locks.
- Disable the floppy drive on the server. (A common hacking technique is to boot the server from a floppy, thus bypassing the carefully crafted security features of the network operating system.)
Client computers should be physically secure as well. You should instruct users to not leave their computers unattended while they’re logged on. In high-traffic areas (such as the receptionist’s desk), users should secure their computers with the keylock. Additionally, users should lock their office doors when they leave.
Here are some other potential threats to physical security that you may not have considered:
- The nightly cleaning crew probably has complete access to your facility. How do you know that the person who vacuums your office every night doesn’t really work for your chief competitor or doesn’t consider computer hacking to be a sideline hobby? You don’t, so you’d better consider the cleaning crew a threat.
- What about your trash? Paper shredders aren’t just for Enron accountants. Your trash can contain all sorts of useful information: sales reports, security logs, printed copies of the company’s security policy, even handwritten passwords. For the best security, every piece of paper that leaves your building via the trash bin should first go through a shredder.
- Where do you store your backup tapes? Don’t just stack them up next to the server. Not only does that make them easy to steal, it also defeats one of the main purposes of backing up your data in the first place: securing your server from physical threats, such as fires.
- If a fire burns down your computer room and the backup tapes are sitting unprotected next to the server, your company may go out of business — and you’ll certainly be out of a job. Store the backup tapes securely in a fireproof safe and keep a copy off-site, too.
- Some networks have the servers are in a locked computer room, but the hubs or switches are in an unsecured closet. Remember that every unused port on a hub or a switch represents an open door to your network. The hubs and switches should be secured just like the servers.
Proper Physical Environment For Computers
Temperature and Humidity
We should keep the air temperature between 70 and 74 degrees Fahrenheit (21 to 24 degrees Celsius), and keep the humidity level between 40 and 60 percent. Too much humidity results in condensation which can cause damage to sensitive components. On the other hand, too little humidity can cause electrostatic discharge which can then destroy computer circuitry, gradually or suddenly. In professional environments we have to ensure that computer rooms have separate and redundant cooling systems and ensure a supply of clean filtered air. We can accomplish this by using a positive pressure systems. Positive pressure systems protect the air quality in the facility by causing air to be forced out through doors, windows, and other openings. Negative pressure systems draw air in, potentially bringing in airborne particles such as dust or smoke. Positive pressure systems are more energy effective. We can implement network management software which will allow us to monitor computer temperature and to send an alert if the temperature rises above a certain level. To calculate the amount of heat generated by computers we can use the following formula: Wattage x 3.4 = BTUs generated. If our systems need to operate in a dirty, dusty or smoky environment, we have to frequently clean those.
Dust
The computer power supply and other cooling fans draw air to keep our computer cool. Without proper cooling our computer components will eventually fail from excessive heat buildup. All computer components are electrical in nature, and because of that they can generate magnetic fields around them. Because of the magnetic field, dust particles from the air, which have electrical charge in them, will be attracted to our system components, and they will stick to them. This can be a big problem. Dust can clog up the air vents inside our system which will restrict the airflow through the case. That way our components don’t cool properly. If that happens our components will eventually fail. Dust also acts as a thermal insulator. As the dust sticks to the components such as processor, memory chips, hard disks, expansion boards, etc., it actually acts as a blanket. Dust reduces the amount of heat that components can dissipate. Components that can’t dissipate heat properly will degrade. The hotter the components get, the sooner they will fail.
We have to keep in mind that we have to remove that accumulated dust from time to time. When talking about servers, we have to be prepared to bring our servers down. Think of it as a scheduled downtime. To clean the dust we have to open the system case and use an antistatic vacuum to remove the dust. If we are in indoors, we shouldn’t use the compressed air to blow the dust out of the computer. Compressed air will make the dust go back into the air in the room, and that dust will go back to our computer when we power it on again. Also, if we have other systems in the room, they will draw that dust into them. Multi-processor systems require more fans because they generate more heat. Because of that we should clean those systems more frequently.
EMI and RFI
Interference is a signal that corrupts or destroys regular signals. Interference affects signals used by two devices which communicate on a network. We should try and protect our systems and network cabling from Electromagnetic Interference (EMI). EMI is generated, for example, by electric motors or florescent lights. To protect network cabling from EMI we can use shielded cables or run cables trough leads to protect signals sent on Ethernet twisted pair cabling. Also, fiber optic cable is not susceptible to EMI so we can use that type of cable if we can not get rid of EMI. RFI or Radio Frequency Interference can disrupt wireless network traffic. RFI can be generated by cordless phones, microwaves and other home appliances. Wireless networks that operate within the 2.4 gigahertz range are particularly susceptible to RFI.
Magnetic Fields
Magnetic fields located close to the computer can cause undesired effects or even data loss. Data that is stored on magnetic media is at risk from any source of a magnetic field. Floppy drives, hard drives, and tape storage devices use magnetic charges on a disk or a tape for storing data. While hard disks are shielded and protected from all but the strongest magnets, be careful with floppy disks and tapes. Getting a magnet too close to these components could erase data. Those can be speakers, motors and fans, space heaters and even CRT monitors. Magnets near a CRT monitor can distort the images on the screen. On the other hand solid state and flash storage devices are not susceptible to this kind of data loss.
Network Cables
When it comes to network cables we should always avoid putting them on the floor where people can step on them and get tripped on. Also, in server rooms the cabling can become a big mess in a short amount of time. To cope with the cable mess we should standardize the colors of our cables. We can choose which color will we use in which case. For example, for cross-over cable we can always use red cable, etc. We should use cable ties to keep our cables organized. Cables shouldn’t be too short nor too long.
Cleaning
Dust and dirt will insulate PC components, trap heat and shorten the life of our computer. Some common cleaning supplies include a lint free cloth, compressed air, an anti static and micro filtering vacuum cleaner, denatured alcohol or Isopropyl alcohol. Keep in mind that we should always power down a system before cleaning and use caution with liquid based cleaners. We should never apply a liquid directly to a PC component. To clean electrical contacts we can use denatured alcohol. CRT monitor screens can be cleaned with a household glass cleaner. To clean LCD screens we can simply use a dry, lint free cloth or a special LCD cleaning solution. If we have a mouse with a roller ball we can clean it with household soap and warm water, and clean the rollers inside the mouse with warm water or denatured alcohol. Keyboards should be cleaned with a small PC vacuum cleaner or compressed air. Inkjet print heads should be cleaned with a manufacture’s supplied utility. Excess toner should be removed from a laser printer with an anti static and micro filtering vacuum cleaning. To clean floppy disk drives and CD or DVD drives we should use a special cleaning disk and its related software. CD and DVD disks can be cleaned with a soft, dry cloth.
Another thing we should do is allow the new commponents that came from outside to sit for few hours in a room temperature before we use it. This will dissipate any condensation that may have been caused by a rapid change in temperature or humidity. We should also use covers and cases to protect equipment when it’s not in use.
Remember
We should keep the air temperature between 70 and 74 degrees Fahrenheit (21 to 24 degrees Celsius), and keep the humidity level between 40 and 70 percent (to prevent Electrostatic Discharge (ESD)). We should try and protect our systems and network cabling from Electromagnetic Interference (EMI). Magnetic fields located close to the computer can cause undesired effects or even data loss. Dust and dirt will insulate PC components, trap heat and shorten the life of our computer. Components which came from outside shouldn’t be used right away.
0 Comments