Posted by: Ken Harthun
Physical security, Security, Security best practice, Security management
Last Friday, a trouble ticket came in saying someone from our satellite campus could not access our database application. I immediately attempted to log in remotely and was unable to do so. The next check revealed that our NLAN link was down and had been since approximately 7 p.m. the night before. Our service provider checked the circuit and found no problems, but did not see a link to our router. An on-site investigation was in order.
Upon arrival, I checked the router and there was no link on the WAN port. Our closet is on the third floor and the connection runs to the phone/data closet on the second floor. The key to the closet is locked in a key vault with (supposedly) limited access to the code. The key opens all doors on all electrical and phone/data closets in the building. When I opened the door, the problem was obvious — someone had unplugged both cables to our third floor closet. I replaced them in the demarcation box and the network link was back.
Yesterday, while attempting to log into the remote server for user account maintenance, I discovered that the link was down again. This time, I had someone on site go to the closet and verify that the cables had not been unplugged again. I was told they were in place. I made another trip to the site.
Again, no link light on the router. I checked the closet and, sure enough, the cables were in place, but they had been moved to different (inactive) ports. I won’t print here the string of choice expletives that reverberated down the hallway! Once again, I corrected the problem. Then I placed a sign on the demarcation point that informs whoever is responsible for this that I will report further incidents to Federal authorities.
Several outpoints are present in this physical security failure:
- Anyone who has the key vault code can access critical infrastructure equipment;
- There is no list of who has been given access to the code;
- There is no way to log who accesses the key vault;
- There are no security cameras in the building, and;
- In both instances, the network went down on a Thursday evening.
It’s not likely that I will discover who did this (or who continues to do it, if it happens again) without cooperation of the building management. They don’t seem to be too concerned, but if it happens again, you can bet I will be making their lives miserable and withholding some lease payments until they put tighter security measures in place. For my part, I will be installing patchcord locks as soon as I can get them (see photo below).