Look at what universities use. They have thousands of users that need access to various areas, but only to very specific areas around campus. This includes students as well as staff.
They need to control who has access, as well as when access has been gained. Most employers now use some kind of ID system, the 'access keys' could be included in the ID. It could be as simple as RFID to magnetic stripes. You could also combine these with keycodes chosen by the individual users. With this dual level of authentication, the keycodes would not need to be updated regularly because of the dual authentication.
You could use one of your onsite servers to control access and log access. These servers could be updated in real time. The only worry would be that the server could not be updated quickly enough after an employee was fired. This is where HR comes in, if you have your system immediately revoke ID's upon employee termination, terminated employees would not be able to gain access. On the off chance that the servers could not be updated due to communication problems, the server that controls access logs would show that the terminated employee gained access to a facility after their rights had been revoked. Combine this with video surveillance you will have both digital and pictorial proof of the illegal access. In a worst case scenario, one of you security officers would need to physically show up to the site to allow access to someone that has the right to access the facility, but the inability to do so.
What about the various organizations that run honeypots. They specifically set up computers to be infected by these bot-nets in order to investigate how they propogate and eventually get rid of them. I'm not sure if these organizations pursue prosecutions, but disbanding the bot-net is more important than prosecuting a russian hacker.
As an aside: How did you detect the infection?
I would think that ALL of the various A/V companies would be interested in your findings, as well.
I used to live in an apartment building that had a service contract with Comcast. While I lived there, I had to use some special codes that I found on various forums in order to use my fax. I had a 5/1 consumer level contract.
Then I moved into one of the most expensive neighborhoods in the area (boston north shore), my only option for internet service was 3/376k. After my move, my Vonage voice service turned to crap. I even use a WRT54G with Tomato firmware for bandwidth shaping. Eventually I ended up connecting my Vonage box directly to my modem and the voice quality was worse than using sattelite internet. EVERY call I made had drops that lasted as long as 45 seconds. The only change to the setup was that I moved to a different, more lucrative Comcast neighborhood. The only logical conclusion that I could come up with was that Comcast was shaping my traffic. This was evidenced by the fact that my normal internet usage was _never_ interrupted, even when watching video, but especially when using uTorrent!
Every service that I used at my old apartment worked just the same (even though I had lower bandwidth), except for Vonage. I ended up dropping Vonage altogether because it was useless at my new home. I am now a member of the cell phone only family!
I now belong to the Comcast sucks club and am waiting urgently for FIOS to arrive where I live! Whenever it shows up, even if it costs more, I will be switching. Unfortunately, it will be a choice between two evils...Comcast or Verizon.
Slashdot Mirror
Look at what universities use. They have thousands of users that need access to various areas, but only to very specific areas around campus. This includes students as well as staff.
They need to control who has access, as well as when access has been gained. Most employers now use some kind of ID system, the 'access keys' could be included in the ID. It could be as simple as RFID to magnetic stripes. You could also combine these with keycodes chosen by the individual users. With this dual level of authentication, the keycodes would not need to be updated regularly because of the dual authentication.
You could use one of your onsite servers to control access and log access. These servers could be updated in real time. The only worry would be that the server could not be updated quickly enough after an employee was fired. This is where HR comes in, if you have your system immediately revoke ID's upon employee termination, terminated employees would not be able to gain access. On the off chance that the servers could not be updated due to communication problems, the server that controls access logs would show that the terminated employee gained access to a facility after their rights had been revoked. Combine this with video surveillance you will have both digital and pictorial proof of the illegal access. In a worst case scenario, one of you security officers would need to physically show up to the site to allow access to someone that has the right to access the facility, but the inability to do so.
What about the various organizations that run honeypots. They specifically set up computers to be infected by these bot-nets in order to investigate how they propogate and eventually get rid of them. I'm not sure if these organizations pursue prosecutions, but disbanding the bot-net is more important than prosecuting a russian hacker.
As an aside: How did you detect the infection?
I would think that ALL of the various A/V companies would be interested in your findings, as well.
I used to live in an apartment building that had a service contract with Comcast. While I lived there, I had to use some special codes that I found on various forums in order to use my fax. I had a 5/1 consumer level contract.
Then I moved into one of the most expensive neighborhoods in the area (boston north shore), my only option for internet service was 3/376k. After my move, my Vonage voice service turned to crap. I even use a WRT54G with Tomato firmware for bandwidth shaping. Eventually I ended up connecting my Vonage box directly to my modem and the voice quality was worse than using sattelite internet. EVERY call I made had drops that lasted as long as 45 seconds. The only change to the setup was that I moved to a different, more lucrative Comcast neighborhood. The only logical conclusion that I could come up with was that Comcast was shaping my traffic. This was evidenced by the fact that my normal internet usage was _never_ interrupted, even when watching video, but especially when using uTorrent!
Every service that I used at my old apartment worked just the same (even though I had lower bandwidth), except for Vonage. I ended up dropping Vonage altogether because it was useless at my new home. I am now a member of the cell phone only family!
I now belong to the Comcast sucks club and am waiting urgently for FIOS to arrive where I live! Whenever it shows up, even if it costs more, I will be switching. Unfortunately, it will be a choice between two evils...Comcast or Verizon.