11/01/2010

Facility Network Security

Network security is a duty of facilities departments, not only of IT departments

By Kylie Wroblaski

 
Two Departments: One Goal

Looking for unsecured equipment and visibly posted passwords during routine facility inspections can help keep your networks secure.

The key to keeping the people, property, and information inside your building safe and secure is to have proper security and surveillance plans in place. But how do you keep safe the information and data that is electronically flowing in and out of your building? Keeping your network secure is just as important as keeping the building secure – and protecting the network is not only up to the IT department, but also up to you as a facility manager.

Intersecting with IT
"The line between facility and IT is blurring," explains Bill McGee, product manager at Cisco. "Things like physical access, HVAC, and elevators are coming online. Just like with network security, physical security needs to focus on two critical design elements: increased visibility and granular control."

This is where the duties of the IT department and facilities department intersect. "Facilities managers need to coordinate with IT as business functions become IP-enabled," he says. "Being able to turn on the lights or the security system remotely via the network may seem cool, but if these things aren’t properly secured it can be a real problem. You don’t want a hacker to be able to strand people on an elevator, you don’t want someone to open access to a secured door, and you don’t want a hacker to spoof themselves as an IP camera in order to gain access to the network." With these facility system components on the line, facilities departments should have a vested interest in network security.

IT departments are responsible for keeping secure the information flowing through the network – they set firewalls and remote access, among other duties. Facilities departments are responsible for protecting the physical components of the network – such as the servers, wiring closets, and data centers. "From a physical point of view, the facility manager doesn’t have an obligation to protect the data on the wires – that’s the duty of the IT staff. But the facility manager has to make sure that someone doesn’t get access to equipment or wires that he or she shouldn’t have access to," explains Marty Linder, principal engineer with Carnegie Mellon’s Software Engineering Institute CERT program

Even taking steps during routine building inspections can ensure that the network remains secure. Look for unsecured equipment, visible posting of passwords, and check stored media, wiring closets, and data centers.

"Physical access to critical systems, like wiring closets, phone systems, or data centers, needs to be secured and monitored," explains McGee. "Physical barriers need to be implemented and routinely inspected. Emergency equipment, such as appropriate fire extinguishers for electrical equipment, emergency lighting, and alarms, needs to be distributed and maintained based on policy. Additionally, facilities teams need to request the ability to stream CCTV video to a handheld device or have remote access to security tools for 24/7 security review and enforcement."

Collaborating After a Compromise
Even when both departments are fulfilling their respective duties, the network can be infiltrated and compromised. In this case, like protecting the network, it is up to both IT departments and facilities departments to fix the problem. "For a remote attack, the facilities manager, in a penultimate act of defense, needs to be able to physically disconnect Internet access to the building," explains McGee. "For some attacks, law enforcement will require that the network be locked down and quarantined so that the affected and collateral devices can be inspected. The facilities manager will need to be able to secure physical access to computers and other network devices as required by investigators. Physical access to these devices will need to be limited to authorized personnel, so the facilities manager will need to coordinate with IT and investigators to enable access to appropriate individuals and not to others."

Not all attacks are remote, though. Network security breaches can also happen from the inside – whether an employee initiates the attack or the building is broken into. "For a local break-in or an insider attack, the facility manager needs to be able to lock down a building or campus segment and enforce some sort of personnel verification and inspection in the event of certain types of issues – such as missing hardware or stored data, McGee says. "They need to be able to override network-controlled physical access and they need to be able to review physical access records – like video capture and access logs."

Kylie Wroblaski is associate editor of BUILDINGS

 


Visit our website today to learn about the design flexibility of a Morton building and the endless possibilities of partnering with our designBUILD team.


Wood construction is both cost and energy efficient. Check out Morton Buildings and our designBUILD team online today to discover all the benefits of post-frame construction.


When choosing a metal-clad building for your next construction project, consider Morton Buildings, Inc., and their designBUILD team, we’ll make your dream a reality.

We Can Help You Reduce Energy by 30%

Our mission is to help our customers manage their buildings' energy costs, improve reliability, and enhance performance while having a positive impact on the environment.
CLICK HERE to find out how.

 

Add highly responsive multi-zone comfort to any building project, in any climate. Our CITY MULTI H2i R2- and Y-Series VRF systems give you flexibility to fit the needs of any building. Enjoy 100% heating capacity at 0°F outdoor ambient, and 85% heating capacity at -13°F outdoor ambient.  For more information, log on to www.mitsubishipro.com


Tennant Company is a recognized leader in designing, manufacturing and marketing solutions that help create a cleaner, safer, healthier world. With thousands of satisfied customers already using award winning ec-H2O technology, why not see what you're missing? Test ec-H2O on your soils in your facility. Get a free demo.


Tennant Company is a recognized leader in designing, manufacturing and marketing solutions that help create a cleaner, safer, healthier world. With thousands of satisfied customers already using award winning ec-H2O technology, why not see what you're missing? Test ec-H2O on your soils in your facility. Get a free demo.

 

Replace core drilling with Connectrac In-Carpet and On-Floor Wireways, the proven connectivity solution in open interior spaces of all kinds. These elegant low-profile wireways are great for AV / telecom connectivity wherever it’s needed.

 


Visit our website today to learn about the design flexibility of a Morton building and the endless possibilities of partnering with our designBUILD team.


Wood construction is both cost and energy efficient. Check out Morton Buildings and our designBUILD team online today to discover all the benefits of post-frame construction.


When choosing a metal-clad building for your next construction project, consider Morton Buildings, Inc., and their designBUILD team, we’ll make your dream a reality.

We Can Help You Reduce Energy by 30%

Our mission is to help our customers manage their buildings' energy costs, improve reliability, and enhance performance while having a positive impact on the environment.
CLICK HERE to find out how.

 

Add highly responsive multi-zone comfort to any building project, in any climate. Our CITY MULTI H2i R2- and Y-Series VRF systems give you flexibility to fit the needs of any building. Enjoy 100% heating capacity at 0°F outdoor ambient, and 85% heating capacity at -13°F outdoor ambient.  For more information, log on to www.mitsubishipro.com


Tennant Company is a recognized leader in designing, manufacturing and marketing solutions that help create a cleaner, safer, healthier world. With thousands of satisfied customers already using award winning ec-H2O technology, why not see what you're missing? Test ec-H2O on your soils in your facility. Get a free demo.


Tennant Company is a recognized leader in designing, manufacturing and marketing solutions that help create a cleaner, safer, healthier world. With thousands of satisfied customers already using award winning ec-H2O technology, why not see what you're missing? Test ec-H2O on your soils in your facility. Get a free demo.

 

Replace core drilling with Connectrac In-Carpet and On-Floor Wireways, the proven connectivity solution in open interior spaces of all kinds. These elegant low-profile wireways are great for AV / telecom connectivity wherever it’s needed.

 


 
comments powered by Disqus

Related Products

Sponsored Links