These are the Achilles’ Heels of IT data centers. The solution… Conduct periodic IT data center Technical Surveillance Countermeasures (TSCM) inspections.
Let’s look closer at a few of these information security loopholes.
Finding these devices is the primary, but not the only, function of periodic IT data center TSCM inspections.
Wi-Fi Security & Compliance
Just one loophole…
Hackers are in.
Data is out.
&
“You are out of compliance.”
Wi-Fi is used by printers, VoIP phones, security cameras, and a variety of other IoT devices.
A common scenario… The IT department secures the Wi-Fi system when it is first installed. Then, an executive orders a printer from Amazon on their own. It comes with unsecured Wi-Fi turned on by default. Instant Achilles’ Heel. Hackers attack. Once this far in, they gain sensitive data, passwords, and can attempt further pivots into the network.
You probably have an information security policy. Does it include the proper storage of unattended sensitive paperwork, a clear desk policy, and the shredding of sensitive wastepaper? Are employees abiding by the policy? An IT data center TSCM inspection will identify and help you solve these issues.
Security Hardware Fails
Security hardware may have been improperly installed, can break, decay in effectiveness, or be crippled on purpose, like this taped door lock. When the door was closed the compromise was invisible. IT data center TSCM inspections uncover security hardware fails like these.
Office Technology Threats
Advanced office equipment can be very helpful. Networked print centers are a good example. Their Achilles’ Heel, however, is that all print jobs are stored into memory and can be remotely extracted, or have their hard drive swapped out. IT data center TSCM inspections will alert you to office security vulnerabilities, and offer solutions.
If you have any questions, or would like to schedule an IT data center TSCM inspection, just let us know.
###
Kevin D. Murray CPP, CISM, CFE, CDPSE is a business counterespionage consultant and TSCM specialist with over four decades of experience. Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.
Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.