Have you checked if your enclosures are hacker-proof?

Cyberattacks on physical security systems are a major concern now. But this concern is often limited to surveillance cameras, access control systems, and devices at the endpoint. An often-ignored component is enclosures.
 
Enclosures containing electronics, communications, or cabling infrastructure offer a simple attack point for cyber breaches and an opportunity for a physical attack on the infrastructure. Yet, many of these assets are housed within enclosures that provide minimal security features to offer a deterrent to any would-be attacker.

Also read: Cybersecurity looms as a major concern

An unaddressed problem

Walking down the street, you can often see open street-communication cabinets. Sometimes you can even clearly see the equipment inside. Now, if it were an IT-related enclosure, there have been solutions to protect cabinets and enclosures. Cameras would be in place that would take a snapshot of any attempt to tamper with the enclosures, and they would have an audit trail of who has opened that door.
 
But the physical security world has not taken up such high levels of protection when it comes to enclosures. Part of the challenge is that many physical security professionals still need to accept that modern devices are now digital and can be considered potential cybersecurity risks.
 
Speaking to asmag.com recently, Iain Deuchars, GM at Comnet/Vanderbilt, said that this is an issue their company has been trying to address proactively by building solutions that help enclosures become intelligent. Intelligent enclosures can stop potential cyberattacks before they spiral out of control.

What is intelligent enclosure protection?

Enclosures differ in size, shape, build, or how they’re mounted. But one thing they have in common is that all of them have a door.
 
“And this was our starting point for adding a level of protection to enclosures because you can add magnetic contact sensors to them to identify any potential threats,” Deuchars said. “Our intelligent enclosure protection solutions are designed to do just this. We ensure that access to the enclosure should be monitored, at a minimum, and, ideally, monitored and controlled.”
 
Simply put, an intelligent enclosure has safety mechanisms in place that would provide more control to the stakeholders, alerting them of untoward incidents. These measures include:

• A simple tamper switch that notifies the door position
• A maglock that offers remote open/locked operation
• For more accurate control, access control systems containing time and attendance features and managed credentials
• Access codes that can be sent to individuals where keypad systems control access
• Video verification that can further enhance the design to prove the individual is whom they say they are

Advantages of using intelligent enclosure protection

Networks are everywhere. Connections drive the power of everything we use today, including the IoT, video surveillance, and access control devices. We know that they are beneficial, but we also know that they are vulnerable to cyber attacks.
 
“Because enclosures are mostly designed to protect the ethernet device from mother nature, bad actors can break those enclosures into pretty easily,” Deuchars pointed out. “Many of them are accessed with a single key that is not coded to the device. Security leaders need to realize that cybersecurity is two-fold. It can be carried out by hacking the network or physically breaking into the weakest physical point. Either way, this event is a cyber breach, and it needs to be addressed proactively.”

The crucial role of systems integrators

 The physical security industry is often accused of being reactive. With enclosures, stakeholders often think a locked metal box will be secure enough, but in today’s market, it isn’t. But making them understand or accept this is difficult. Systems integrators have a significant role here.
 
“Education is a big part of the solution - integrators need to be informing end users about these potential challenges and how to mitigate risks,” Deuchars said. “There’s not a lot of solutions currently available to address these attacks, so we’re providing a value to our SI partners by stepping up to the plate with a bundled innovation. We’re bringing different products from different parts of our business together — and that helps our integrator partners build new revenue streams and business opportunities.”

Conclusion

Today’s security professionals and customers take steps to ensure that they purchase secure devices and install them with all the standard cybersecurity measures in place. But ignoring enclosures could result in them becoming a weak link in your security. Intelligent enclosures are a necessity that integrators and customers must consider seriously.