Electronic Data Destruction
WHAT IS DATA DESTRUCTION?
Data Destruction is the process of removing data from an electronic storage device and making it unrecoverable. This vital process protects your private information from being reconstructed and used in a malicious way.
You may be surprised to learn that simply deleting a file does not necessarily remove it from your system. There are several methods to securely delete files and this article discusses the various steps that you can take to protect yourself, your company and your private information.
“simply deleting a file does not necessarily remove it”
WHY DO I NEED DATA DESTRUCTION?
Sensitive data may include bank account details, passwords, personal information, commercial and security information or even information relating to national defence. Whatever the nature of the data, it is important to ensure that it is secure; even after it has been deleted.
Most offices have a paper shredder and it is now common practice to shred anything containing personal information. Why then do we not take the same precautions when removing files digitally? If your mobile, laptop or tablet computer is lost or stolen, it may be possible for someone to recover the deleted files using standard off-the-shelf file recovery software.
Simply deleting data does not permanently remove that information from the storage device. File information is kept in a directory on the hard disk; when a file is deleted, it is removed from the directory only and its space is marked as available, leaving the original data in place until it is overwritten.
WHAT HOLDS MY DATA?
Your computer’s hard drive isn’t the only device that can hold sensitive information. Other electronic equipment may hold sensitive data and even though it has been deleted, it may be recoverable.
USB storage devices
CDs
Mobile phones
Cameras
Printers and plotters
Dictaphones
Media Tablets
Local Servers
Voice mail machines
DVDs
Smart phones can hold as much important information as a computer. They often store bank account details, emails, contact information and social media applications.
Many smart phones have a reset function built in to the system that will remove all data from the phone. However it may not securely format the drive. Much the same as a computer’s hard drive, the deleted files will be marked as available space but are still recoverable. The solution is to use the overwriting method by formatting the phone and repeatedly filling the hard drive with large files such as podcasts and movies. This has to be done manually and can be very time consuming. The more times this is repeated, the harder the data recovery will become.
HOW TO PROTECT YOUR PRIVATE INFORMATION
There are several ways you can permanently remove data depending on the recording medium used:
Overwriting works by replacing your data with random text and repeating this task many times. Each overwrite is known as a pass. It is a popular and relatively low-cost option; however, the more times the information is overwritten, the more secure the deletion but also the more time-consuming. A very time-consuming technique is “The Gutmann Method”, which is widely considered to be the most secure method, overwriting the data thirty-five times with carefully selected data patterns. However, the United States Department of Defence recommends that data should be overwritten only seven times. This has a decreased level of security but is much faster than the Gutmann Method and therefore more efficient.
Degaussing is a method of removing the magnetic fields from a hard disk or any other magnetic storage device. This method removes all data and often renders the hard disk inoperable. This can become very costly to replace hard disks but it is a good solution for out of date computers that are being discarded. Solid state hard drives and optical media devices such as CDs and DVDs do not rely on magnetic fields to store data so degaussing will not have any effect on these.
Physical destruction is simply destroying the device that holds information through force. This is the best method for low-cost storage devices, especially CDs, DVDs and USB memory sticks.
“The Gutmann Method is widely considered to be the most secure method by overwriting the data thirty five times.”
Information stored and deleted on an encrypted disk remains unreadable, because the data is stored in a form that can only be made readable again with the correct password to decrypt the hard drive. Without this password, deleted files remain as secure as the encryption used.
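The overwriting method described above can be sketched at file level as follows. This is an added example, not code from the original article; the file name, sample contents and helper names are constructed, it writes random bytes on every pass rather than the Gutmann patterns, and it assumes a filesystem that rewrites blocks in place.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # overwrite in 64 KiB pieces so large files need little memory


def overwrite_file(path, passes=7):
    """Overwrite the file's contents in place with random bytes, `passes` times.

    Assumption: the filesystem rewrites the same blocks. Flash wear levelling,
    journalling and copy-on-write filesystems can leave old copies elsewhere,
    so this covers the file's logical contents only.
    """
    size = os.path.getsize(path)
    # "r+b" updates the existing file without truncating it first.
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                f.write(secrets.token_bytes(n))
                remaining -= n
            # Force this pass through Python's buffer and the OS cache to the
            # device before the next pass starts.
            f.flush()
            os.fsync(f.fileno())
    return size


def contains(path, needle):
    """True if the byte string `needle` is still readable from the file."""
    with open(path, "rb") as f:
        return needle in f.read()


def demo():
    secret = b"SORT=00-00-00;ACCOUNT=00000000"  # constructed sample data
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "statement.txt")  # hypothetical file name
        with open(path, "wb") as f:
            f.write(secret * 5000)
        before = contains(path, secret)
        size = overwrite_file(path, passes=7)
        after = contains(path, secret)
        same_size = os.path.getsize(path) == size
        os.remove(path)  # only now drop the directory entry
        return before, after, same_size, os.path.exists(path)


if __name__ == "__main__":
    print(demo())
```

The file is removed only after the last pass has been flushed, so the directory entry is dropped once the contents it pointed to have already been replaced.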
CONCLUSION
Physical destruction of storage devices is possibly the only way to completely remove information; however, this is often not a feasible solution. You should evaluate the sensitivity of the data and determine an appropriate destruction procedure dependent on the level of security, cost and time available. Whichever method you choose, please remember that once deleted, data may be able to be recovered.
FOCUS ON CYBER-STALKING
Cyber stalking and cyber bullying are a similar crime in that the same techniques are used to intimidate the victim. Cyber bullying might be considered a lesser crime by the inference within the name. However, whatever label it has, cyber-crime is still crime. This article sets out to discuss some of the more basic issues related to cyber stalking and bullying. It differentiates these crimes from corporate or government cybercrime in that this article is intended to help individuals. This form of crime has many challenges to overcome to prevent it or apprehend perpetrators. With the ever-changing landscape of social media and advances in computing technology, the cyber-criminal adapts to find new ways to intimidate. It is important to remember that to protect ourselves, we must adapt as well.
METHODS OF INTIMIDATION
Identity theft – With a few simple details such as name and address a criminal can impersonate you. Given a date of birth and a password, the cyber-criminal can wreak havoc with your name by setting up online shopping accounts, interfering with online banking and hacking into social media accounts.
Data Attack – An unprotected computer and network provides a criminal with access to your data such as personal photos, letters, hobbies and interests. The data can be manipulated or destroyed or even read and used against a victim.
Scare tactics – A cyber-stalker hides behind the internet and to many this means that they are elusive and untouchable. By issuing threats and manipulating personal accounts, the bully seems powerful.
False accusation – A cyber-stalker may make false accusations via social media or free access web sites to try and incite others to abuse the victim. Adult content sites and accusations of paedophilic activity are common techniques for damaging the reputation of a victim.
There are many other known techniques that a cyber-stalker may employ, from false victimisation to GPS tracking. E bombs will swamp your inbox with junk e-mail and micro cameras can record your activity. The YouTube society means that getting information broadcast is relatively easy.
HOW THEY TRACK YOU
The methods of information gathering employed by cyber-criminals are broad ranging. There are many free access websites that already post personal information about you for anybody to see. People tracing sites list your last registered address along with the other people that lived with you at the time. These sites also track your social media activity and any information that you may have posted such as photographs and blogs. Other websites such as property sites will declare when you bought your house and how much you paid for it. The cyber-criminal treats information like a jigsaw. The more pieces they have, the bigger and clearer the picture becomes.
Phishing, key logging and spyware are all software applications that once installed on your computer can create a constant stream of your personal information to the outside world. These applications can be implanted by a seemingly innocent but rogue e-mail.
The cyber-criminal is not guaranteed to stay online. The area between cyber-stalker and stalker is grey. More serious accounts involve close contact tactics such as card skimming, GPS tracking and filming to gain information and intimidate their victims.
PROTECTING YOURSELF
Protection against the cyber-criminal is a difficult subject to address because of the shifting technology on the internet. There are three basic avenues of protection. The first is doing what you can to defend yourself from cyber intrusion. Secondly, if you are being stalked there are additional measures that you can take. The other is information gathering. If you are being bullied or stalked then proving the crime is often quite difficult.
VIGILANCE
• Password protect all of your accounts - use complex passwords
• Don’t use the same password for all accounts
• Install anti-virus and anti-spyware software
• Keep security software regularly updated
• Use advanced security settings
• If it’s on the internet and free it’s because you are the product
• Don’t carry security details in your wallet
• Be suspicious of unsolicited contact
• Be suspicious of unusual contact or content
• Never give out details unless you are absolutely sure of integrity
• Regularly reset your passwords and PIN numbers
• Monitor your account activity
• Reset passwords if used on an unknown computer
• Be cautious of using geo-location services on your mobile phone
• Keep work and family activity separate
• Use encryption software to store data
• If you are suspicious, act quickly
SHUT THE GATES
• Reset all passwords and PIN numbers
• Check security software settings
• Create new e-mail and social media accounts
• Minimise use of cordless phones, baby monitors etc.
• Replace your mobile phone
• Review encryption software
• Regularly check your credit rating
• Regularly search your name on the internet
EVIDENCE GATHERING
It is critical to record times, dates and events by keeping a diary, but to help the criminal investigation it is important to gather primary evidence. This is evidence gathered as close as possible to the source. There are electronic devices that can connect to your computer that record the time and date along with everything that happens on screen and everything that you enter on the keyboard. Software applications can indicate sources of malicious data through such techniques as e-mail and IP address tracing.
CONCLUSION
Protection is necessary to defend yourself from cyber-crime. Simple, user-friendly tools and vigilance will go a long way to keeping you safe. If you are suspicious of a crime being committed then act quickly to alert the authorities, increase your defences and seek professional advice. Information gathering is key to resolving the issue. A crime without evidence is difficult to stop.
ABOUT C-HQ
c-hq provides effective technical advice based on the understanding of your threats, the associated hazards and their potential. We provide advice and guidance for the security of people and property, critical national infrastructure and the high security estate.
Defining PSIM
PSIM as a concept emerged because end user managers of security environments cried out for better management of their security information. They wanted to be able to do with security data what every other business unit does with the data from their respective business units – that is, to make intelligent business decisions. PSIM is a better, more flexible and much more useful way of managing security events and the information needed to respond to incidents than traditional command centre solutions.
THE CHALLENGE
Currently, improvisational, fragmented and off-the-cuff security management is the norm. It's common to find security operations and traditional command-and-control centres using paper-based processes and not sharing information. Business units and IT departments rarely have access to data in corporate security departments. Events are managed separately. Access-control-related events are monitored and managed separately from intrusion detection systems, and separate also from environmental sensors and other alerting systems. Often the people and systems are not even located in the same facility, inhibiting information sharing and correlation.
THE CONSIDERATIONS
Converged security and IT networks need to be managed to mitigate any risk of negative impact through the flood of data induced by an IP CCTV system.
Ensuring interoperability across different vendors' devices/systems is a challenge. The physical security market as a whole lacks common, open standards. Thus, virtually any deployment requires the development of new drivers to integrate various systems.
Choosing the right system. The capability to intelligently analyse and cross-reference incoming data represents a further challenge; most PSIM systems still process individual alarms.
"PSIM is simply the security version of the larger, more important business tool of Information Management."
THE BENEFITS
PSIM principles may be used to produce better situational awareness, prompting better security and business decisions. Situation management software creates useful information out of raw video by contextualizing it (unifying video, alarm and sensor data), which improves situational awareness and makes incident responses more efficient.
Data management best practices are more pervasive now. Regulatory compliance and management best practices dictate that computer systems and data be handled in standardized ways. Security departments are, in general, not compliant with these best practices.
The PSIM system will aggregate, correlate and analyse data from various sources, including alarms, environmental sensors, intrusion-detection systems and video surveillance to…
● Present a situational view of data.
● Guide standard operating procedures by documenting efficient best practices for every situation.
● Identify trends by searching through data from current and past events to create reports.
● Audit operator behaviour by recording all responses to all alerts for later analysis.
CONCLUSION
Physical Security Information Management systems provide specific security information based on intelligent analysis of data from a range of sensors from what would traditionally be disparate systems. It enables an organisation to manage risk and ensure that standard procedures are carried out at an enterprise level.
ABOUT C-HQ
c-hq provides effective technical advice based on the understanding of your threats, the associated hazards and their potential. Working in line with CPNI guidelines, we provide advice and guidance for the security of people and property, critical national infrastructure and the high security estate. We provide support in the development and the design of your system, producing schematics, schedules, interaction matrices and configuration tables as well as compliancy documentation and commercial selection.
An effective protection system protects more than just assets, it protects a business.
Credit: Steve Hunt http://www.huntbi.com Frost & Sullivan http://www.frost.com
Control Room Design
A suitable and proportional control room along with its associated areas is essential to the implementation of a robust security strategy. Operators will undertake a mixed range of tasks from VDU/GUI operation to producing reports and documentation. In order to achieve the most success from a security system, the control room must be designed with the operators in mind. Consideration should be given to the following.
● Security Policy
● Security Procedures
● Security Mechanisms
● Task Identification
● Time and Motion Analysis
● Sociotechnical Interfacing
● Proportional Accommodation
● Resilience
● Disaster Recovery
● Compliance with regulation and standards
● DDA Assessment
The control room suite should be located in a position where it cannot be isolated or compromised, as it must be able to continue to operate in the event of a serious disturbance. A Briefing Room may be necessary for management during a serious disturbance. The location of this room needs to have safe access for emergency personnel and services.
Access to a restroom/kitchen should be available. The staff toilets should ideally be separate male and female, but unisex toilets may be considered when space is at a premium. A disabled toilet facility should be available as required by the DDA assessment. A staff shower room should ideally be provided, incorporating sufficient dry area for changing and storage of clothes whilst showering.
Adequate space must be provided for the services that are essential for the operation of the control room. Adequate height must be provided to allow for raised floors. Raised floors and ceiling voids must be secured within the envelope of the control suite.
Lighting should be appropriate for all the tasks being performed. However, consideration needs to be given to reflection and glare on monitor screens. The control room should be designed as a low noise environment with sound absorbing ceiling tiles, etc. The use of cross talk attenuation may need to be considered where ducts pass between separate rooms.
The ergonomics of the room needs careful consideration with respect to the positioning of monitors and display technology in relation to the operators. Headaches can result from any single one or a combination of the following.
● Screen Glare
● Poor Image Quality
● Stress and Anxiety
● Long Periods of VDU use
● Poor Posture
The sociotechnical interfacing considerations should take into account all of the above along with issues relating to watching images that don’t change very often, which can lead to “change blindness”. Black screen technology and PSIM solutions increase operator efficiency.
Control room design has many facets of consideration, from ergonomics to integration. Control room design, whether large or small, must form part of the overall security strategy and mechanism.
WHAT IS THE MOST RELIABLE BIOMETRIC TECHNOLOGY
I was recently asked which biometric technology I thought was most reliable. This was a relatively easy question to answer until I considered the wider issues of using it as a form of identification for access management and then trying to work out which technology is best.
Physical biometric identifiers are the distinctive and measurable characteristics used to identify individuals, such as facial recognition, fingerprints, palm vein, iris and retina patterns etc. The reliability of a technology tends to be the inverse of the social acceptance of that technology.
Fingerprints are socially accepted, with some resistance from those that associate them with criminal behaviour, but they have a relatively high false positive or rejection rate, which may be fine on a small access control system to a comms room, but in an airport with thousands of passengers passing through on an hourly basis, a high percentage failure rate is unacceptable. Facial recognition is quite uncontroversial but equally has relatively high failure rates.
It is generally regarded that eye scans are the most reliable form of biometrics. However, technology such as iris and retina scanning appears to have more social resistance due to its perceived intrusive nature. For this reason iris scanning is now more prevalent than the deeper retina scan. The reliability of iris scanning was borne out in a study carried out by the National Physics Laboratory some years ago, where it competed against six other technologies and won with the best false match and rejection ratios.
The problem is compounded by the fact that biometric systems provide "probabilistic results". It is possible to get variable results due to technical issues and degradation of data, such as fingerprint damage for example. There is also evidence of ethnicity, age, sex and medical conditions affecting rejection rates. Having poorly installed and maintained systems, combined with the deployment of biometric technology at airports and other high volume portals without understanding the biology of the population being screened, could lead to long queues.
In conclusion, no single biometric trait has been identified as fully stable or distinctive and biometric reading technology should only be deployed with this in mind. False positives and reject rates need to be considered in line with the number and the biology of the users of the system.
Access Control the Basics
ACCESS CONTROL
Electronic access control can be defined as any system that restricts access based on authority to enter. However, beyond this access control can restrict interaction with a resource. This area could include controlling access to a computer terminal or specific software.
OPERATIONAL REQUIREMENT
In order to maximise the benefits of your access control system it is important to establish some basic criteria as a starting point for the system design. The first of which is to define the problem and consider if electronic access control is the most appropriate response. Given that the answer is “yes it is”, it is critical to establish the operational requirements (OR) of the system.
The basic model for an OR is to establish the following information…
Site Plan – to identify areas of concern.
Statement of the Problem.
Stakeholder Liaison.
Risk Assessment.
Success Criteria.
Determine the Technical Solution.
With the OR in place it is then possible to design the most appropriate access control solution, taking into consideration that authorised personnel should not be impeded from their routine activities.
Level two of the OR should establish each portal to be controlled along with specific requirements such as emergency exit, manual override, time zones, alarm conditions and response.
Finally, the response to access control information needs to be considered. Who will monitor it, where from, what training do they need and are there any legal issues associated with discrimination and data protection?
SYSTEM DESIGN
There are many technologies available that validate a user as having the authority to proceed.
RFID cards and tokens.
Smart Cards.
Fingerprint.
Palm print.
Iris Scan.
Facial Recognition.
These “readers” will need to connect to a control device that holds the access data and controls the locking method. The controller needs to be intelligent in its own right and not rely upon connection with a software application running on a remote computer or server. The selection of the door controller is dependent upon the number of people logged on the system, the level of security required and whether the system will be managed either locally or remotely. These elements must be established early in the Operational Requirement to ensure that the system is appropriate and not over engineered.
Door hardware needs to be considered to ensure that a suitable locking and override method is deployed. Access through a door will be granted by either applying or removing power to an electric release mechanism. Where emergency exit is required, the locking device must be fail safe and be wired in series with an emergency release mechanism such as a break-glass unit or a fire-panel relay. Higher security doors that are not emergency exit may be fitted with fail secure locks so that if the power is removed, the door remains locked. The type of electric lock mechanism will depend on the type of door.
The door should be fitted with a sensor so that the access control system can report a range of conditions such as…
Door secure.
Door Insecure.
Door Held Open.
Door Forced Open.
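The four door conditions above can be derived from two inputs, the reader's grant signal and the door contact. This is an added example, not code from the original article; the event format, the 5-second unlock window, the 30-second held-open limit and the reading of “Door Insecure” as an authorised opening are assumptions.

```python
SECURE = "Door Secure"
INSECURE = "Door Insecure"      # assumed meaning: open after a valid grant
HELD = "Door Held Open"
FORCED = "Door Forced Open"


def door_conditions(events, unlock_window=5, held_open_limit=30, end_time=None):
    """Turn (time_s, kind) events into (time_s, condition) reports.

    kind is "grant" (valid credential or exit request), "open" or "close"
    (door contact). Both timing parameters are assumed values in seconds.
    """
    report = []
    last_grant = None     # time of the most recent unused grant
    held_deadline = None  # when an authorised opening becomes "held open"
    is_open = False

    def flush(now):
        # Emit "held open" once the authorised opening has outlasted its limit.
        nonlocal held_deadline
        if held_deadline is not None and now >= held_deadline:
            report.append((held_deadline, HELD))
            held_deadline = None

    for t, kind in sorted(events):
        flush(t)
        if kind == "grant":
            last_grant = t
        elif kind == "open" and not is_open:
            authorised = last_grant is not None and t - last_grant <= unlock_window
            if authorised:
                report.append((t, INSECURE))
                held_deadline = t + held_open_limit
            else:
                # Contact opened with no recent grant: lock bypassed or forced.
                report.append((t, FORCED))
            is_open = True
            last_grant = None  # a grant covers one opening only
        elif kind == "close" and is_open:
            is_open = False
            held_deadline = None
            report.append((t, SECURE))

    if end_time is not None:
        flush(end_time)
    return report


# Constructed sample events for one door, times in seconds.
EVENTS = [
    (0, "grant"), (2, "open"), (8, "close"),        # normal entry
    (60, "open"), (65, "close"),                    # opened with no grant
    (120, "grant"), (121, "open"), (200, "close"),  # propped open after entry
    (300, "grant"), (320, "open"), (325, "close"),  # grant had already lapsed
]

if __name__ == "__main__":
    for when, condition in door_conditions(EVENTS):
        print(when, condition)
```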
DISCRIMINATION
Great care should be taken when designing any access control system to ensure that the reader and barrier technology can be operated by both able and less able people. It may be necessary to consider reader mounting heights, hands free cards or coded transmitters to overcome discrimination issues.
SECURITY ISSUES
Access control is just what it says: “access control”. It does not necessarily secure a portal because of the risk of someone following an authorised person through or a door being held open. There are techniques to reduce this risk that need to be considered in the system design and overall access control philosophy.
Access control cards can be vulnerable to cyber-attack but are more likely to be lost or abused.
The principles of PIDS
The first principle to “Demarcate” will clearly define the boundary of restricted areas. Visual demarcation will generally be the fence line itself; however, the fence needs to be identified with signage to make it quite clear that this is a secure perimeter and that breaching this fence line will incur a penalty. The penalty will be dependent on the nature of the activity or perceived intentions of the intruder. Signage needs to be clear, concise and visible. Anybody approaching the perimeter, whether innocently or with an intention to breach it, must be presented with a clear message that will define the purpose of the barrier and the severity of the consequences if they do breach it. Effective signage can also provide a level of deterrent that will discourage casual wandering into prohibited areas.
“Detection” is the process of identifying and notification of a valid intrusion event, or attempt. There are many technologies that can be deployed from vibration sensors to radar. A key point to remember when deploying any technology is the consideration of the local environment. Technology can be affected by terrain, weather conditions, wildlife and vegetation, amongst many other factors.
Whenever possible it is better to “Deter” an intruder rather than detect the event. Signage and visual cues can be used to put off the less determined, but the higher the motivation of the intruder the less likely they are to heed any warnings. Security planting, such as thorny bushes, can be used to deter people with a relatively low motivation to enter a particular area.
A highly motivated person will attempt to breach perimeter defenses whatever the risk. In this case “Delay” tactics need to be deployed to ensure that the perpetrator is caught and either detained or displaced. Delays can be caused by the physical strength of a barrier against intrusion or entanglement by something such as razor wire.
When designing a perimeter system of this magnitude it needs to be considered that there will be an element of nuisance alarms. These will be managed, to an extent, by the technology deployed. However, extreme weather conditions and animals will cause systems to trigger a “false” alarm condition. If the frequency of nuisance alarms gets above a certain point, operators become complacent and reset alarms without investigation. In order to maintain operator alertness it is essential to minimize events and provide a facility for them to be able to instantly verify or “Determine” the event as it happens.
One of the best forms of verification is visual by the operator. If the operator can see what has caused the event they are instantly armed with the best intelligence to react appropriately. Visual verification of the event can be achieved using conventional CCTV; however, it has its limitations. Darkness, fog and foliage can all limit the operational effectiveness of a CCTV system. Thermal imaging could be considered as a means to overcome these issues.
The final system is likely to be made up of a combination of techniques to protect the perimeter, using different delaying methods dependent on environment and sensitivity of the area. Nuisance alarms can be minimized by using dual detection methods so that if either detects an event it can alert the operator but not go into full alarm until both detection systems register the same event. Verification of an event can also be made semi or fully automatic by deploying specific software that analyses the content of a video signal to determine the nature of the intrusion before bringing it to the attention of an operator.
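The dual-detection rule described above, as an added example that is not part of the original article: a single detection raises an operator alert, and a full alarm needs both technologies to report in the same zone. The zone names, the vibration and radar pairing, the event format and the 10-second correlation window are assumptions.

```python
def correlate(detections, window=10):
    """Classify (time_s, zone, sensor) detections as 'ALERT' or 'ALARM'.

    ALERT: one technology has triggered in the zone (operator should verify).
    ALARM: a second, different technology triggered in the same zone within
           `window` seconds (assumed value) of the first.
    Repeat triggers from the same sensor inside the window are suppressed so
    that one gust of wind or one animal does not flood the operator.
    """
    out = []
    recent = {}  # zone -> {sensor: time of its latest detection}
    for t, zone, sensor in sorted(detections):
        seen = recent.setdefault(zone, {})
        # Forget detections that are too old to be the same event.
        for stale in [s for s, ts in seen.items() if t - ts > window]:
            del seen[stale]
        if sensor in seen:
            seen[sensor] = t  # same sensor still active: refresh, stay quiet
            continue
        seen[sensor] = t
        if len(seen) >= 2:
            out.append((t, zone, "ALARM"))
            seen.clear()  # one intrusion event raises one alarm
        else:
            out.append((t, zone, "ALERT"))
    return out


# Constructed sample detections, times in seconds.
DETECTIONS = [
    (0, "north", "vibration"),   # wind on the fence
    (4, "north", "vibration"),   # same gust, suppressed
    (100, "east", "radar"),      # radar only, e.g. an animal
    (200, "south", "vibration"),
    (203, "south", "radar"),     # both technologies agree
    (300, "west", "radar"),
    (330, "west", "vibration"),  # too far apart to be one event
]

if __name__ == "__main__":
    for when, zone, level in correlate(DETECTIONS):
        print(when, zone, level)
```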
Bogus security guard arrest http://ping.fm/u5nDz security
CCTV: what trends can we expect in 2011? http://ping.fm/bwYSB CCTV SECURITY
Rob Whiteman
appointed CEO of UK Border Agency http://www.info4security.com/story.asp?sectioncode=16&storycode=4127755
New #security resource
www.chqconsulting/advice/ for overview of technology
Retail Crime Cost Soars to £1.4 billion
http://tinyurl.com/6sfhwpp are you protected? #security #theft