Relate typical forensic, biometric and security techniques to typical scenarios.
The Scenario
A company employing approximately four hundred personnel is considering the use of technology to improve its levels of security.
This security concerns both physical and logical access to areas within a single campus and networked computer system with ADSL Internet access. The company does not have a web presence at this time.
One system that is currently being considered for its general administrative and clerical staff is to use open plan offices with individual PC Workstations where staff may use any available machine and not have individual desks / machines (concept of ?hot desking?). It is further proposed that the use of individual Fingerprint readers to enhance workstation usage.
The company currently considers that it requires four levels of security, namely:
1. Public Areas
Within these areas members of the public will have free access during opening times.
2. General Access Areas
Within these areas those staff using the ?hot desking? concept will be allowed to move freely.
3. Senior Staff Areas
These areas will principally be individual offices for those staff that have access to details such as personnel files, finance, payroll etc.
4. Research Areas
These areas are to be considered the most sensitive where only a small number of staff will be able to gain access. Within these areas the company is developing its next generation of products.
Each of these areas should be considered for both physical access control as well as controlling logical access to the various sections of the network.
The company is also mindful that should security be breached it will be necessary to take steps to identify the attackers as well as the techniques used so that the probabilities of future attacks can be reduced.