Review the video "The Sparks Chronicles: Episode 1" at the end of the Week 2 Lecture. What conditions and vulnerabilities do you see at this facility that could threaten the organization's network and data? What physical security measures and procedures would you implement to enhance the security of the IT room?

Below is the transcript

The Sparks Chronicles Episode1 Transcript

Print

BILL: Hi-- you must be Jack Spark. I'm Bill, the plant manager here at Acme. Corporate feels that we should be proactive about assessing threats to our plants, so we called you to conduct a security survey.

JACK: Great. Why don't you show me around the facility?

BILL: We manufacture auto parts at this facility, and we ship parts across the US and Mexico. We also import supplies from all over the world. As you can see, we already have security measures in place, such as this fence.

JACK: Hmm.

BILL: This is our main entrance. As you can see, everyone is required to wear an ID at all times. This is our financial department, records department, and over there is the executive suite.

JACK: Hmm.

BILL: This is our IT department that basically keeps the whole place running. As you can see, we take a lot of precautions with this area. --and go home, but no. She wanted to go to Blockbuster and pick up something that was going to be $4 and-- and-- [LAUGH] it's going to be a chick flick, we're not going to like it, so we're just going to waste the money and then waste the night. Great. Thanks a lot, honey-- that's all I really want.

JACK: Hmm.

BILL: Well, that's about it. What do you think, Jack?

JACK: I think you've got your work cut out for you. Acme is vulnerable in several different areas. That fence around the perimeter couldn't keep my dog Fluffy out. You need a fence that is least seven feet tall, with a top guard that extends another foot. Plus, there's no proper signage saying that only authorized employees can enter. And your main entrance? A gorilla could walk right in the front door and no one would stop it. You need a real security guard there, checking IDs. Visitors will have to go through the guard, too. He confirms that the visitor is expected, signs them in, and then makes sure they are escorted to where they need to go. As for the interior of the building, a major vulnerability is the executive suite. There is nothing stopping an employee or an intruder from walking right into the CEO's office and accessing sensitive information. There should be a closed entrance to the upper level management, with key-card access control. And finally, the IT department. Let me ask you-- do you leave your front door open when you leave your house? Do you leave valuables in your car? I thought not. You said the IT department keeps this whole place running. So why are unauthorized people hanging out in there? Lots of things could go wrong. The computer room should be secured with card-access control. Signs should clearly state no unauthorized persons are allowed inside. Plus, you should have strategically placed cameras at all key points in the building, not just the IT department.

BILL: Wow. I had no idea we were so vulnerable.

JACK: No problem. It's all in a day's work. [DIGITAL PHONE RING] Gotta go.