Security Corner

Jul 10 2009   8:30PM GMT

“I guess I forgot to lock the door.”

Ken Harthun Ken Harthun Profile: Ken Harthun

Physical security is something we often take for granted, but it can be just as important as cyber security. One of my clients recently called to say that some suspicious files had suddenly appeared on one of their servers. Naturally, I investigated, but I couldn’t find any breach in the firewall or any indication in the IDS logs that the network had been hacked from outside.

After spending a couple of hours digging around in the server logs, I finally dug into the registry and found that the files had apparently come from a USB device that had been plugged into the server around 9:30 pm on the day in question. Since only three people have access to the servers–myself, the IT Manager and the Controller–and none of us were guilty, I had to suspect that someone had gained unauthorized access to the server room.

Sure enough, the IT Manager recalled leaving early on an emergency the day of the incident and with a sheepish grin told me, “I guess I forgot to lock the door.”

We now have an electronic combination lock on the door and only the three of us have the code. The door automatically locks itself three seconds after it’s opened, so “forgetting” isn’t an option.

Lesson learned. Fortunately, the files were benign.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: