Mention physical security to an IT professional, chances are that the first thing they will think of is a laptop cable restraint device. The cable lock, an industry standard for the protection of mobile computing assets is a dumb device which often is left in the bag, and rarely if ever used, despite company policy or best practice.
This device gets little respect from both users and asset administrators, as users find it cumbersome, and admins know it provides limited protection. But what if physical security was intelligent? And its usage and security policy could be audited, and it had the intelligence to detect physical threat in real time, and were able to invoke deterrent and protective actions? The value of physical security would have a whole new set of values.
Recognizing the value intelligent physical security Cicada Security Technology Inc., A Montreal based company, developed a platform independent USB based physical security device designed to identify threat, and invoke protective actions on the host computer. Using a policy based model, the Cicada can be configured to operate non-invasively to common user work habits, and monitors multiple environmental triggers for deviations from the administrator defined thresholds. Initially devices as a means to protect assets from theft, it soon became evident that the technology had a much greater value for the protection of confidential data, and as an enabling technology for other end point security platforms.
Once triggered, the Cicada invokes user defined protective actions which can include locking the host to the operating login screen, activating a siren on both the device and the host, dismounting an encrypted volume, and in more extreme cases, brick the host, or even destroy cryptographic keys. As can be imagined, as the protective action occurs the moment the threat is detected, and any information stored on, or is accessible from the active host is instantly protected, and the possibility of exposure of confidential information is minimized.
The prospect of adding the ability to audit the presence and status of an intelligent physical security technology opens up a whole new aspect of security where usage compliance can now be validated and enforced both at the local level, as well as at the security perimeter. When connecting remotely to a trusted environment, an external device can now be validated for compliance to the prescribed security policy, including the status of the physical security on the device. Considering the value to enterprise, and environments deploying federated identity gateways, the value is truly significant.
Additional applications of intelligent physical threat detection technology can be applied to the protection of kiosk based computing platforms such as automated teller or gaming systems where in the event of physical disturbance, latent transaction data can be flushed, or crypto keys can be purged rendering the memory of these devices void of any valuable or usable data.