undefined | Better HN

BeaglePlaza5y ago· 2 in thread

Threat is that the mobile devices could be used to 1) photograph proprietary systems, 2) exfil data over mobile networks or potentially introduce 3) malware via usb ports.

I don't really get how bolting the devices is a solution for enabling 2FA, unless the access console is also at the same location. But it would prevent 1) and 3).

f0ff5y ago

As long as the table is bolted to the floor, you're replacing posession (of a phone) factor, with location (in SOC) factor. Keeps both client happy, and security architect sleeping soundly.

Nice solution.

Dylan168075y ago

You look at the code and then you walk back to your desk to enter it.

phlo5y ago

The threat actors are SOC employees or visitors who might (maliciously or unwittingly) use their smartphones to record sensitive data.

The risk is data exfiltration. A selfie in front of the SOCs giant screen wall; a compromised phone that keeps recording audio.

The problem is that a third-party SOC will generally need a way to connect to their customers' systems. Sometimes that gets properly implemented as a site-to-site VPN with isolated jump hosts and session recording. In other instances, the SOC gets to use normal employee VPN access, and usually a handful of VPN tokens.

And now you have a fun conflict: One customer insists that no mobile phones are carried inside the secure SOC area. Another uses a VPN solution that requires a smartphone (and, e.g. Duo Push) as the second factor. How do you satisfy both? You take a set of mobile phones, possibly add some measures to stop them from being used as recording devices, and bolt them to a table so they can't leave the secure area.

notatoad5y ago

i think it's just an amusing anecdote because phones aren't usually bolted to tables.

0 comments

0 comments