Jeff Cutler's Keys to Security

Jun 25 2014   12:51PM GMT

The Importance of IDs and Provisioning

Jeff Cutler Jeff Cutler Profile: Jeff Cutler

Tags:
Data
Facilities
provisioning
Security

One of my regular soapbox topics is the ease with which facilities can be breached. And if you can get in the door of an organization, it’s relatively easy to get into doors within the building and wreak havoc with systems, data, physical and intellectual property and the livelihood of the business.

It’s also pretty simple these days to set up a first line of defense to keep interlopers at bay. Once caveat is that security staff and IT should work in concert to maintain high levels of security when it comes to access to facilities and systems.

Why am I thinking of this on a gorgeous summer day? The Fake ID season is upon us. That’s right, fake IDs are a huge business all over the nation. This time of year, with students graduating high school and headed away to college, buckets of money are made in the sale of fake IDs. And if crooks in towns from Albuquerque to Zion can create IDs that fool police departments, what’s to keep this technology for opening the doors to your company?

Here’s the story of the burgeoning – and highly sophisticated – fake ID trade in a town just south of Boston, MA. In this case, the IDs are so well made that police came up with a key to assist bars and liquor stores in detecting the fakes. Take a look at the minute details that are incorporated in the IDs to make them so effective. (Screenshot of the ID image on the Canton, MA Police FB page)

Screen Shot 2014-06-25 at 8.34.16 AM

What’s the solution? There are a few routes you can go to lock down your data and building.

First, take provisioning seriously. Maintain a database that accurately documents who is allowed on your campus and in your buildings. Make sure that HR and all relevant departments keep this list updated so your security team can keep unwanted people out of your facilities.

Next, make sure only the people who require access to systems have it. Don’t allow individual staffers to be administrators on their own workstations as that opens security holes all over the place. While it might be time-intensive to send an IT person to install software and change passwords for each employee, it is the best way to keep all employees on the same access level. It also keeps your internal machines safe.

Do a full vetting of your IT staff – perhaps this should be step one. This way you know who you can trust and who’s working for you before you give them keys to the city. Once cleared, this is the security force that keeps your critical information safe.

Finally, never let your guard down. Just as the IDs have gotten better for underage drinkers, so too have the ways in which criminals are trying to tear down your walls. Breaches are going to occur. Make sure they don’t happen because of something or someone you overlooked and unwittingly let into your business.

Be safe out there. Talk to you next week!

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: