416    Chapter 6 • Infrastructure Security: Devices and Media

                 Mobile devices provide a security leak simply because they allow confidential
             corporate information to be easily transported anywhere. In addition, many mobile
             devices provide methods to allow users to connect to a remote network. If these
             devices are not adequately secured, they can allow anyone who gains possession of
             the device to access the network. Securing communications going in and out of
             mobile devices is one method of combating this, and encrypting data stored on the
             device itself is another.
                 Coax cabling is an older style of network media that still has many limitations,
             which includes the fact that it is difficult to work with, is only good for short dis-
             tances, is limited to slower speeds, and is very vulnerable to breakdown. In most
             network designs using coax, a single break in the line can bring down the entire
             network.
                 UTP and STP cable are a step up, using multiple pairs of wires to provide net-
             work communication, which allows for greater distance, speed, and ease of use. In
             addition, most network designs using UTP or STP can work around a break in the
             cabling.A major vulnerability of both coax and UTP/STP cabling is that with the
             correct equipment, the network can be eavesdropped upon without having to con-
             nect to it.
                 Fiber-optic cable eliminates all of these vulnerabilities by using optical tech-
             nology rather than normal electronic technology.All communication takes place on
             a wave of light, which provides high speed and reliable communication. In addi-
             tion, it is not as vulnerable to eavesdropping and not at all vulnerable to EMI and
             RFI.The downside of using fiber-optic cable is that it is very expensive.
                 As far as removable media is concerned, magnetic tape was one of the earliest
             and most commonly used forms of data storage. It is still used regularly in backup
             systems and provides a low-cost solution to storing large amounts of data.
             Encrypting the data stored on the tapes and keeping the tapes secure are two good
             security practices. It is important to remember that magnetic tape is vulnerable to
             magnetic fields and can easily be erased with a simple magnet.
                 CDRs allow administrators to store a small amount of data on a sturdy plastic
             disk.They are not vulnerable to magnetic fields and are very portable.This leads to
             the possibility of a security leak of confidential corporate data. It is always wise to
             prevent CDRs or DVDs from being brought in to or taken out of a site.
                 Hard drives are considered removable media in that many servers have hot-
             swappable hard drives which allow a drive to be removed without having to open
             up the system.This could conceivably allow an intruder to simply walk out with
             data.This should be prevented with physical security for the data center itself, and
             by locking the drive chassis on the server.



          www.syngress.com