Phishing, pharming, hacking and malware are all terms most electrical or low-voltage contractors know a little about. Contractors at least know the damage such computer threats can do to their clients.
According to the Columbia (Mo.) Business Times, the volume of spam increased 100 percent in 2007 over the previous year, and spam had become more dangerous, with URL-based viruses increasing 256 percent.
While there has been a lot written about ways information technology (IT) staff can keep corporate networks safe, there also are steps that electrical and telecommunications contractors can take. An EC can help build physical networks and environments that will protect their clients’ networks.
Inside or outside
“The threats can come from either inside employees or outside nonemployees,” said James Michael Stewart, an IT trainer and owner of the IT training company Impact Online.
Unlike outsiders’ threats, insiders are most often nonmalicious and even unintentional. Either form of threat can leave a network vulnerable, so safeguards should be implemented to prevent this. For instance, it is important that the actual physical infrastructure of the network be as inaccessible as possible.
“Limit direct access so that no one can just walk up, break into the network and connect,” Stewart said. “There should not be any exposed cables onto which ‘sniffers’ can be directly attached to eavesdrop on a cable.”
Less subtle than a sniffer, but arguably more destructive (at least in the short run), is a disgruntled employee or common vandal who gains access and proceeds to cut exposed cables.
All cables should be behind walls, above ceilings and out of sight. Of course, that is all consistent with industry--standard code. But nearly every experienced cabling contractor has seen installed cables that are exposed, and technicians will do their clients well by pointing out the security risks of such exposures. In addition, all doors to telecommunications rooms should be kept locked.
“One place where this vulnerability can be overlooked is in a building where multiple offices use central punch-down blocks, like on a ground floor or in a central closet on each floor,” Stewart said.
Similarly, he cautioned that outside access points can be exploited.
“Oftentimes, those access points are enclosed in boxes that are only secured with break-away plastic locks,” Stewart said. “A serious hacker can break into them by just tearing away that lock, installing a listening device, and then putting another plastic lock in its place. That is why those boxes need padlocks.”
But much easier unauthorized access is available through a common wall jack.
“There should not be any active ports that do not have approved devices attached to them, for an open port can be hacked,” Stewart said.
Any unused ports should be disabled at the switch, so employees cannot attach rogue devices that provide unmanaged access to the network.
“That is especially true for ports in areas that have unsecured or public access, such as reception or receiving areas or areas that may be open to public tours, where outsiders can have physical access to the network,” Stewart said.
Another point of concern may be wireless access points (WAPs). If employees or hackers gain access to one, they can potentially plug an extra cable into it in order to connect a rogue device. Or the intruder might—intentionally or unintentionally—press the WAP reset button, which would restore the device’s factory specifications and password, making it either nonfunctional with the current network or vulnerable to anyone with access to the default factory password. Stewart suggests that contractors consider offering bids to clients to install nonmetal cages around WAPs to make them harder to hack, especially in high security environments.
Additional hardware strategies include intelligent infrastructure or intelligent patching solutions, which enable IT staff members to see and arrest unauthorized network accesses when they happen. These solutions provide real-time notification whenever there is a change in the network usage, which will provide a much shorter time that an unauthorized intruder can survive on a network, be that a nonmalicious insider or a malevolent hacker.
A safe network requires an infrastructure that is engineered and constructed well. Electrical and telecommunications contractors who are well educated about security issues and infrastructure options can partner with their clients to help them be equipped to ward off what have become inevitable attacks.
MUNYAN is a freelance writer in the Kansas City, Kan., area, specializing in business writing and telecommunications. He can be reached at www.russwrites.com.