Holistic Security: Best Practices

Although you have to think about security vulnerabilities individually, you should plan your security solutions as a system of complementary techniques and technologies. Each level of the security solution should take into account preceding layers, but never assume that those preceding layers will stop an intruder. The following tips are best practices that most companies can use to significantly enhance their physical security:

  • Your network’s physical cabling is almost impossible to completely secure. Do the best you can by locking up wiring closets, hubs, switches, and so on, and assume that intruders will find a way to access transmitted data anyway.

  • Use technology-based solutions like IPSec to protect network transmissions against eavesdroppers.

  • Buy a laptop chain lock whenever a new laptop is purchased, and instruct the new laptop owner on its proper use. These simple $20 devices deter many thieves. You should also implement a policy that requires their use at all times and specifically states that anyone whose laptop is stolen without the cable connected will repay the company for the laptop and the cost of the security administration (i.e., revoking certificates on the laptop).

  • Keep unauthorized computers off your network completely by not issuing IP addresses to unknown MAC addresses. You can also use nonstandard network plugs and jacks, which make it more difficult for outsiders to physically connect to your network (although expensive, this ...
