Understanding the Basic Security Concepts of Media

If an attack is launched against the signal on the wire, hackers may be able to copy information as the bits flow across the wire. This may not be as dangerous if the data is encrypted, but depending on the communication medium, it may be possible for hackers to at least steal the service. Being familiar with the basic security concepts of media will help you recognize attacks and keep them from happening.

Coax

Coaxial cable was the first type of cable used to network computers and was instrumental in forming the basis of the Ethernet standard. Coaxial cables are made of a thick copper core with an outer metallic shield used to reduce interference. Often, the shield is made of woven copper mesh or aluminum. The cable is then surrounded by a plastic covering, called a sheath. Although coaxial cables are no longer deployed, they may still be found in legacy environments. Here are the two main types of coax cables used:
Coax cables have no physical transmission security and are very simple to tap without interrupting regular transmissions or being noticed. The electric signal, conducted by a single core wire, can easily be tapped by piercing the sheath. It would then be possible to eavesdrop on the conversations of all hosts attached to the segment because coax cabling implements broadband transmission technology and assumes many hosts connected to the same wire.

Another security concern of coax cable is reliability. Because no focal point is involved, a faulty cable can bring the whole network down. Missing terminators or improperly functioning transceivers can cause poor network performance and transmission errors. If you are using coax cable, be sure to have proper cable testing equipment available and periodically scan the network for unfamiliar devices.

UTP/STP

Twisted-pair cable is used in most of today's network topologies. Twisted-pair cabling is either unshielded (UTP) or shielded (STP). Plenum cable is also available; this is a grade that complies with fire codes. The outer casing is more fire resistant than regular twisted-pair cable. Ethernet networks have typically used UTP, and STP is mostly used for AppleTalk and Token Ring networks. UTP is popular because it is inexpensive and easy to install. There are seven types of UTP cable, the most popular being Category 5 (or Cat5). Before Cat5, Cat3-type cable was used on Ethernet networks, and some networks may still have it in place. Cat3 is the lowest category that meets standards for a 10BaseT network. Here are the speeds and cable lengths for both:
UTP is eight wires twisted into four pairs. The design cancels much of the overflow and interference from one wire to the next, but UTP is subject to interference from outside electromagnetic sources and is prone to radio frequency interference (RFI) and electromagnetic interference (EMI) as well as crosstalk. STP is different from UTP in that it has shielding surrounding the cable's wires. Some STP has shielding around the individual wires, which helps prevent crosstalk. STP is more resistant to EMI and is considered a bit more secure because the shielding makes wire tapping more difficult.

Both UTP and STP are possible to tap, although it is physically a little trickier than tapping coax cable because of the physical structure of STP and UTP cable. With UTP and STP, a more inherent danger lies in the fact that it is easy to add devices to the network via open ports on unsecured hubs and switches. These devices should be secured from unauthorized access, and cables should be clearly marked so a visual inspection can let you know whether something is awry. Also, software programs are available that can help detect unauthorized devices.

Fiber

Fiber was designed for transmissions at higher speeds over longer distances. It uses light pulses for signal transmission, making it immune to RFI, EMI, and eavesdropping. Fiber optic has a plastic or glass center, surrounded by another layer of plastic or glass with a protective outer coating. Data-transmission speed ranges from 100Mbps to 2Gbps and can be sent a distance of 2 kilometers per segment. On the downside, fiber is still quite expensive compared to more traditional cabling, it is more difficult to install, and fixing breaks can be costly. As far as security is concerned, fiber cabling eliminates the signal tapping that is possible with coax. It is impossible to tap fiber without interrupting the service and using specially constructed equipment. This makes it more difficult to eavesdrop or steal service.
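The coax and UTP/STP sections above recommend scanning the network for unfamiliar devices and note that software can help detect unauthorized ones. The following is an added example, not taken from the original text, of the core check such software performs: comparing the port/MAC pairs seen on a switch with an approved inventory. The "port mac" text format, the port numbers, and all addresses are constructed for illustration.

```python
# Added example: compare observed switch-port/MAC pairs with an approved inventory.
# The "port mac" text format and every value below are constructed for illustration.
from collections import defaultdict

# Approved inventory: port -> MAC address expected there (hypothetical values).
INVENTORY = {"1": "00:11:22:33:44:01", "2": "00:11:22:33:44:02",
             "3": "00:11:22:33:44:03"}

# Constructed sample of what a collector might record from a switch.
OBSERVED = """\
1 00:11:22:33:44:01
2 00-11-22-33-44-02
3 00:11:22:33:44:99
4 00:11:22:33:44:03
4 de:ad:be:ef:00:01
"""

def normalize(mac):
    """Lower-case a MAC and use ':' separators so comparisons are exact."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(observed_text, inventory):
    """Return sorted (port, mac, finding) tuples for everything off-inventory."""
    approved = {port: normalize(mac) for port, mac in inventory.items()}
    known_macs = {mac: port for port, mac in approved.items()}
    seen = defaultdict(set)
    for port, mac in (l.split() for l in observed_text.splitlines() if l.strip()):
        seen[port].add(normalize(mac))
    findings = []
    for port, macs in seen.items():
        # Skip the one MAC that is approved for this port, if it is present.
        for mac in macs - {approved.get(port)}:
            if mac in known_macs:
                findings.append((port, mac, f"known device moved from port {known_macs[mac]}"))
            elif port in approved:
                findings.append((port, mac, "unknown device on an assigned port"))
            else:
                findings.append((port, mac, "unknown device on a port that should be unused"))
        if len(macs) > 1:
            findings.append((port, "*", "more than one device on this port"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(OBSERVED, INVENTORY):
        print(*finding, sep="\t")
```

Ports that should be unused and ports carrying more than one address are reported separately because they correspond to the two risks described above: a device plugged into an open port, and an extra device sharing an existing connection.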
Removable Media

Removable media poses a security risk to a company for the following reasons:
The most likely reason for a company to have removable media is for offsite storage of backups. The data should be protected by at least a password and possibly encryption. It is also common in military environments to have removable storage media that is locked in a proper safe or container at the end of the day.

Tape

Tape devices use magnetic storage media and are extremely popular backup technologies because of the amount of data that can fit on a small amount of space. Tape backups are widely used to back up system configurations, mission-critical systems, and system account information, which means they often may contain system Registry information, network user account databases, sensitive customer information, and files. Several types of magnetic media can be used to back up important data, including the following:
When using any of these types of tape, be sure it fits the storage requirements of your company and check the specifications of the drive before ordering tapes. Many come in different variations; for example, not all QIC and Travan tapes can be used in all QIC and Travan drives. They may fit into the drive, but if the tape isn't designed for the drive, the drive won't record on the media.

Another consideration is shelf life. If a DLT has a shelf life of 40 years, and 25 years from now you have to retrieve data, will there be equipment that can still read that type of data? With technology advancing rapidly, chances are that unless accommodations are made to be sure that the equipment is available to read the media, you will be out of luck.

To minimize chances of theft, tapes must be stored in a secure environment, and employees who are not responsible for doing backups should not know where the tapes are stored. In smaller companies, fireproof safes can be used to store the tapes. In larger environments, tape libraries can be implemented for remote tape rotation and backup device administration. Tapes that are going out of rotation and into an archive should be stored offsite, in safety deposit boxes or similar secure environments. Offsite storage ensures business continuity in unforeseeable or unfortunate situations.

Backup Strategies and Security Concerns for Tape Media

Several backup methods can be employed in disaster-recovery strategies, and they are not specific to tape devices. The most popular backup strategies are as follows:
In addition to these backup strategies, companies employ tape rotation and retention policies. The various methods of tape rotation include the grandfather, Tower of Hanoi, and 10-tape rotation. Backup tapes should be tested regularly. Many companies think they are backing up their data, and find out that the tapes are blank, or the tape heads have become worn or dirty and now they can't restore their data. After the backups are complete, they must be clearly marked or labeled so they can be properly safeguarded.
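The advice above to test backup tapes regularly can be automated as a restore test. The following is an added example, not taken from the original text: a manifest of file sizes and SHA-256 digests is recorded at backup time, and a test restore is checked against it so that blank, missing, or altered files are caught before the data is needed. The file names and contents are constructed, and temporary directories stand in for the backup source and the restored copy.

```python
# Added example: check a test restore against a manifest written at backup time.
# File names and contents are constructed; a real restore would come from the tape.
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Map each file's path relative to root to (size, sha256)."""
    root = Path(root)
    return {str(p.relative_to(root)): (p.stat().st_size, sha256_file(p))
            for p in root.rglob("*") if p.is_file()}

def verify_restore(manifest, restored_root):
    """Return {relative path: problem} for every file that did not restore intact."""
    problems = {}
    for rel, (size, digest) in manifest.items():
        p = Path(restored_root, rel)
        if not p.is_file():
            problems[rel] = "missing"
        elif size > 0 and p.stat().st_size == 0:
            problems[rel] = "empty (blank media?)"
        elif sha256_file(p) != digest:
            problems[rel] = "content mismatch"
    return problems

def demo():
    """Back up three constructed files, damage two in the 'restore', and verify."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        data = {"accounts.db": b"user records", "config.ini": b"[net]\nport=22\n", "notes.txt": b"ok"}
        for name, body in data.items():
            Path(src, name).write_bytes(body)
        manifest = build_manifest(src)
        # Simulated restore: one file comes back blank, one is never restored.
        Path(dst, "accounts.db").write_bytes(b"")
        Path(dst, "notes.txt").write_bytes(data["notes.txt"])
        return verify_restore(manifest, dst)

if __name__ == "__main__":
    print(demo())
```

The manifest should be stored separately from the tape it describes, so a blank or damaged tape cannot take the reference data with it.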
Every company should determine its own backup policy, depending on the needs and the nature of information to be protected. The policy should be determined by the amount and type of data to be backed up, how far back data might be needed, and whether the backup type can be offline or online storage. Remember, proper planning and testing can help avert potential disaster.

CDR

Recordable or rewritable compact discs (CD-Rs or CD-RWs) have become relatively inexpensive and, as a result, can be used as an alternative to magnetic media for backups. A writable CD (CD-R) is a solid disk of clear plastic that has etching within it to act as a guide for the laser. Then comes the reflective layer, made of aluminum or gold foil. This is followed by a layer of organic dye. Listed here are the common dyes used today:
If a CD is no longer useful or is not working correctly, it must be made safe to discard. Formal as well as physical processes can be used to do this. The formal processes will be discussed after the section on diskettes. CDs can be destroyed by breaking or scratching them. Some companies now make CD shredders, which would also serve the purpose. The destruction should be done by authorized personnel and the remains disposed of as per company policy.

Hard Drives

The cost of hard drives has come down considerably in the last few years. Besides being cheaper, hard drives can now store over 100GB of data, making them an easy choice for backup or redundant data. Removable hard drives should be handled carefully; if dropped, they may not work correctly. Proper storage is also a consideration. Be sure they are placed in a secure environment where they are safe from electromagnetic fields (EMF), high temperatures, and theft. If you choose to overwrite the data, pay particular attention to the section on proper sanitization.

Diskettes

Floppy disks are still used in many environments. They are magnetic media that store 1.44MB of data. They are sensitive to heat and EMF, and they can be easily stolen due to their small size. If they are to be stored, be sure they are in an environment similar to that described for hard drives.

Discarding Information on Removable Media

Before we discuss flashcards and smartcards, let's go over some concepts in regard to the proper way to handle removable media when either the data should be overwritten or is no longer useful or pertinent to the company. The following choices apply to all removable media units:
Because CDs and CD-Rs are optical media, sanitization is not applicable to them, so either declassification or destruction should be used. Hard drives and diskettes are magnetic media, and any of the methods can be used.

Flashcards

Flashcards are most often used in digital cameras, MP3 players, and PDAs. These cards store a good amount of information in a relatively small space. Data transferred via flashcards is often stored unencrypted. If the device used supports encryption, it would be wise to use it, because these devices are small and easy to steal. Because flashcards may contain traces of classified or confidential information, such as customer data, companies should consider sanitizing or destroying these components when upgrading or discarding the outdated equipment.

Smartcards

Smartcards are devices that contain memory and sometimes embedded chips. They are used in cell phones and mobile devices to store customer ID information, personal data, and employee credentials. They are inserted into a smartcard reader that reads the data embedded on them. There are two basic types of smartcards:
These cards are not easy to tamper with, but because they are small, they can be easily lost or stolen. Companies must institute and enforce strict smartcard policies because theft is a big risk associated with the use of this type of device. They should be guarded, and lost or stolen cards should be reported immediately. On the upside, administrators can revoke issued certificates or disable user accounts, making the smartcard basically a piece of useless plastic.

So far, we have covered the basic security concepts of media, which should help you recognize some of the vulnerabilities they present. The area we will cover next is security topology, which deals with how devices are arranged on the network and how they communicate with each other.