WEBVTT 00:00.000 --> 00:02.310 >> Okay guys, in this section, 00:02.310 --> 00:03.480 we'll talk about reducing 00:03.480 --> 00:05.820 the attack surface. The idea 00:05.820 --> 00:07.710 here is that some software like 00:07.710 --> 00:10.830 operating systems can really be bloated and contain 00:10.830 --> 00:12.240 a lot of applications and 00:12.240 --> 00:14.940 services that may not be necessary. 00:14.940 --> 00:16.590 But the more services and 00:16.590 --> 00:18.765 applications you have running on a system, 00:18.765 --> 00:20.775 the larger the system is, 00:20.775 --> 00:24.185 and that also means it has a larger attack surface. 00:24.185 --> 00:26.060 So if you can uninstall or 00:26.060 --> 00:28.325 disable some of the unnecessary services, 00:28.325 --> 00:32.599 you can reduce the attack surface and harden 00:32.599 --> 00:34.850 the system. But it's more than just reducing 00:34.850 --> 00:37.265 the amount of extra software or hardware. 00:37.265 --> 00:40.565 Reducing the attack service also involves patching 00:40.565 --> 00:41.974 and updating your systems 00:41.974 --> 00:44.580 to make them a harder to attack. 00:45.490 --> 00:49.025 Now before we talk about hardening our systems, 00:49.025 --> 00:52.385 we also need to think about hardening our facilities. 00:52.385 --> 00:54.620 Now, when it comes to where 00:54.620 --> 00:56.195 your facility should be placed, 00:56.195 --> 00:57.680 we want to think about somewhere 00:57.680 --> 00:59.735 where there is natural surveillance. 00:59.735 --> 01:01.130 You don't want to be at the end of 01:01.130 --> 01:02.695 a driveway off the road, rather you'd 01:02.695 --> 01:05.210 want to be somewhere where there is a lot of 01:05.210 --> 01:08.975 traffic or in an area that is frequently observed. 01:08.975 --> 01:11.810 Fences are helpful, but they should be 01:11.810 --> 01:14.565 eight feet high in order to DETER an intruder. 01:14.565 --> 01:16.310 There is no height that will totally 01:16.310 --> 01:18.020 prevent a determined intruder, 01:18.020 --> 01:19.895 but you can't DETER someone. 01:19.895 --> 01:22.190 In many cases, we were just looking to 01:22.190 --> 01:25.100 use layered defense to slow an attacker down. 01:25.100 --> 01:27.080 Lighting is important, 01:27.080 --> 01:29.150 it should be eight feet high and overlaps 01:29.150 --> 01:32.195 there are no dark areas that are not lightened. 01:32.195 --> 01:35.450 Door should have hinges that are internal to the door 01:35.450 --> 01:38.795 and not in a place where an attacker can pop them open. 01:38.795 --> 01:40.820 For your windows, you want 01:40.820 --> 01:42.320 to have the strongest available, 01:42.320 --> 01:44.900 which are polycarbonate or Lexan, 01:44.900 --> 01:47.350 such windows are bulletproof. 01:47.350 --> 01:50.000 Security guards and man- traps are 01:50.000 --> 01:52.040 important to stop someone from trying to force 01:52.040 --> 01:53.270 their way in or 01:53.270 --> 01:55.760 piggy-backing or tailgating on another person who has 01:55.760 --> 01:59.510 access.. We went to log the entry and 01:59.510 --> 02:01.430 exit of all visitors so you can 02:01.430 --> 02:04.070 keep track of all the people who have had access. 02:04.070 --> 02:07.115 If you really want to tightly control visitor access, 02:07.115 --> 02:08.900 one thing you can do is require 02:08.900 --> 02:12.305 a drivers license in exchange for the visitor's badge. 02:12.305 --> 02:14.180 This helps ensure that when people 02:14.180 --> 02:15.845 are actually who they say they are, 02:15.845 --> 02:17.330 and also that they will return them 02:17.330 --> 02:19.680 visitor's badge when they leave.