By Bob Stockwell · January 23, 2017
Many security components now function on a campus network, so it is important to add comprehensive safeguards to defend against cyberattacks and data breaches. It is also critical that we include the core points of vulnerability that potentially exist within the system architecture.
Let’s review the basics and focus on the essential issues that make security systems vulnerable to points of failure, which are usually avoidable and can be easily alleviated with foresight and expertise. Basic redundant reporting of critical systems or providing a method to audit access to an area or appliance is at the core.
Beware of Network Services or Upgrades
As a reminder, the security enterprise itself consists of basic components typically spread out over a vast network of remote locations. Sometimes, these areas are shared or provide common space for other systems that may be left unsecure, or simply accessed by other vendors servicing their network-based devices, such as life-safety or environmental systems, for example.
Left unattended, these situations can become critical points of failure and lead to tampering or disconnecting of systems often leading to a host of other issues.
Many times, the problem is simply a missing form ‘C’ tamper switch on a critical control device that may not be programmed or tied into the security enterprise, thus, not able to provide a security alert if the IP device is accessed.
Another example is securing the power supplies with a tamper switch and adding simple locking devices to ensure the power transformers are secure, helping to safeguard against accidental power loss.
Other points of failure may result when someone is accessing a remote junction box or conduit trough when trying to trace a cable or locate a splice point.
In this scenario, because the device accidentally becomes disabled, the security function fails to signal or report the event and, unfortunately, no record will exist documenting when it was accessed or serviced.
Oftentimes, other third-party vendors or the customer’s own IT support staff accidentally disconnects network security devices in the process of making network changes or upgrades. If access points are tampered with, log events can be created each time there is an access breach.
This establishes awareness for often-used points and generates hard information that can be reviewed on a regular basis, ensuring only authorized personnel are gaining admittance.
More Monitoring Solutions & Redundant Reporting Strategies
In addition to basic tamper reporting of the security platform, campuses should learn about what more can be monitored by the security enterprise, as well as the benefits gained by adding redundant reporting of other critical systems.
Major systems such as HVAC or other plant operations, for example, have robust reporting capabilities and can bring value by notifying a campus personnel of a potential system failure or simple service requirements. Having some basic core functions in place, such as temperature or humidity sensors — either independent or simply as an auxiliary output — can “save the day” should the primary system fail.
In an office setting, other monitoring solutions may include securing basic equipment such as copy or fax machines, which in most office environments have a regular pattern of work flow that, over time, generate a normal level of access operation.
Traditionally, in a 9-5 working environment, there is no reason for certain office devices to be functioning beyond a normal window of time when the campus business office is closed or dormant. These devices can be monitored with the data being used to determine if an illicit activity is occurring.
With the rise in identity theft, many HR and legal departments now install tamper switches on filing cabinets and other equipment to determine who and when files and sensitive information are being accessed. By installing basic tamper-resistant solutions, the customer no longer needs to review lengthy video files following an event.
Tying a plunger switch into the security enterprise will notify campus personnel of unusual activity in real-time. Dormant area detection is another application that was developed for end users who never officially close.
By installing a motion detector or other device for those organizations storing hazardous chemicals or with high value areas, for example, campuses can determine suspicious activity by reviewing the access report or log. They can then decide if authorities need to be notified or the situation can be dealt with internally.
At the very least, every point of access to the security enterprise needs to be accounted for and secured, which, in most cases, can be accomplished within a campus budget.
Bob Stockwell writes for CS’ sister company Security Sales & Integration. He is Chief Technology Officer for Stanley Security.