Server Compromised "Unauthorised Penetration of a Building"

The Victim - Security Awareness - Assumptions

“He told me he was here from head office to conduct a building survey. I let him have access to our floor, and now I come to think of it, he was not wearing an ID card. He was very well dressed, and had a folder with building plans. I just assumed that if he had passed through security he was one of us. How I am going to tell my boss that we have had our server compromised?”

Lessons Learned:

  • Never ever take a person at face value unless you personally know them.
  • If you don't know someone, challenge them for their ID and, more importantly, check if they have gained access by the formal process through security. Remember adversaries can quite easily formulate and construct false ID cards.
  • Never ever escort persons into restricted areas unless they have the proper approval. Adversaries will quite often say "it will only take a minute", and use any excuse to gain entry to their target i.e. - "Your Asset!"

Authored By:

Alan Smith CPP, PSP, FSyl