Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing Your Facility?

Posted by Cliff on from the doing-more-than-keylocking-your-door dept.

krahd asks: "We, at the CS department of our University, in Uruguay, are evaluating different ways of securing the access to our floor. Until now we have used just a traditional door lock, but its's time to delpoy a new, more geeky solution. So, after reading this Ask Slashdot, I figured I'd pose this question as a follow-up. What would be the best way to do it? We've already evaluated biometric technologies like iris-scanning and fingerprint-scanning, and more traditional ways like intelligent cards but, what others possibilities exist, and which would you choose? Yes, price does matter."

6 of 61 comments (clear)

  1. Armed Guards by missing000 · · Score: 4, Funny

    Are cheap and effective. Keep a list of people allowed in and out, and check ID's religously.

    Not what you were looking for? I suggest implimenting a system involving some kind of 'frikin lasers'

  2. Re:biometric!!! by Hanashi · · Score: 4, Informative
    They also require a 4 digit pin number. Kinda defeats the purpose, huh?

    That does not defeat the purpose at all. The concept of using two different authentication mechanisms together is called two-factor authentication. Not only is it a well-established Information Security principle, it's also considered a Best Practice.

    After all, if someone steals your finger, at least they won't know your PIN!

    --
    Check out my eclectic infosec blog at InfoSecPotpou
  3. Sadly the Solution Is... by Inexile2002 · · Score: 4, Insightful

    Whatever, any security system will do.

    Just manage it properly. I chimed in on the last conversation on securing your network and made basically a related point. You can implement biometrics (I wouldn't recommend), proximity cards (which seem very popular and have some advantages that I'm sure others will discuss), keypad locks etc. But, if you don't manage the access, that is track who has a card, who used to have access but shouldn't now etc everything else is just there for appearance's sake. Security is a process, NOT one time thing.

    Say you go with proximity cards, the real security in those is that you can regularly check who has access to what, who USED their access and so forth. (While also true of a keypad or biometric system, proximity card systems relatively cheap, reliable and ubiquetous on the market.) Regular reviews of access and access privileges are MUCH more important than which technology you choose.

    That said, you should define very clearly who should and shouldn't have access to your secure areas. Once you've defined who should and shouldn't, then define what levels of security will exist for those who should have security privileges. THEN, regularly review security privileges to see if the actually privileges out there jibe with your security definitions. Finally, if possible, design your system based on layers of security, where the most secure areas cannot be reached without first passing through less secure areas.

  4. Depends by Glonoinha · · Score: 4, Insightful

    I would say it probably depends on how important locking down the facility is to him.

    If you only need to keep honest people honest then locks and keys are really the best bang for your buck, and are going to be equally as effective as any high dollar thermal / visual / biometrics system.

    Given that many buildings are built to residential spec's (meaning 18" between studs with drywall) or have glass windows I can circumvent most door locks with a razorblade (cut through the drywall anywhere except where the door is, generally from a neighboring room,) a hammer (break glass, climb in,) or a ladder (false hung ceilings are made of something only slightly more substantial than cardboard, move the ceiling tile in the hallway, climb up, move 6 feet in, move another tile, drop down.

    None of the above are particularly effective vs. an armed guard with an attitude.

    --
    Glonoinha the MebiByte Slayer
  5. Drywall is cheap. Don�t forget the basics� by (H)elix1 · · Score: 4, Funny

    Make sure your walls go all the way to the top. Sounds silly, but way back when I was in college, the company I worked at installed all sorts of card readers and magnetic locks. What they did not do was actually run the wall beyond the suspended ceiling. On the bright side, the doofus's id card triggered the reader on the other side when he hopped the wall.

    --
    +++ UGUCAUCGUAUUUCU
  6. Where I used to work by Judg3 · · Score: 4, Interesting

    We used a combo of Proximity/Smart cards and some biometric stuff.
    All the workstations for the operations department used smart cards that also acted as proximity cards.
    You'd plug in your card to the PC, enter a password, and you have access.
    It also doubled as the proximity card, which we used for all the datacenters we had in the building, as well as for some of the cabinets.
    For the critical NASDAQ stuff we had a seperate room with a mantrap, proximity card and hand scan. Once again all those cabinets in the room also used proximity cards.

    This way, while most of us had access to the datacenters, we could only access the cabinets that we were supposed to. Network guys could only access cabinets that where needed by them, etc etc.

    Worked pretty well, especially the combo smart card/proximity card. This way, you had to grab the card and take it with you when you went anywhere, which locked the workstation and prevented an inhouse people from tampering with anything.

    --
    Looking for hardware (Currently need: Large Etch-a-Sketch) Have one? See my journal!