Security Basics mailing list archives
RE: Physical Access Cards
From: "Paul Jenkins" <pjenkins () dsci com>
Date: Mon, 5 Oct 2009 11:31:54 -0400
Ok I eluded to this earlier but I'm going to emphasize it this time, If you have scan access only to your building and you have Photo-ID badges this is as bad as printing the logo on the proximity/mag card, and putting a welcome mat at the front door. However if your org has Badge/pin (or other 2 factor) having the logo on the card should pose no additional risk, (IMHO), since these organizations usually have an ID card required to be worn, then print the logo it should add no additional risk, since more information could be gathered from the badge. If you have badge only access that card should be kept with no identifying information, business cards, ID-badges, etc. To me badge only is unnecessary risk, unless sensitive areas behind the initial access point are further protected. Is it paranoia, maybe a little, just think of the information as a whole not individual pieces. Walk down the hall and look at the average user and what they have on that lanyard (keys, ID, Phone lists, god forbid system passwords and pins). All that withstanding if your not adding any additional information to the lost "bundle" would the look of a logo on the access card make management happy, I say go for it. -Paul -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of craig.wilson () redtray co uk Sent: Friday, October 02, 2009 1:51 PM To: Steve Freeman; listbounce () securityfocus com; jcoyle () winwholesale com; security-basics () securityfocus com Subject: Re: Physical Access Cards I would agree. Though if someone on the street should pick it up and gain entry that is about as severe as it can get and would probably be the exception not the rule. Sent from my BlackBerry(r) wireless device -----Original Message----- From: "Steve Freeman" <freema2 () bellsouth net> Date: Fri, 2 Oct 2009 07:00:10 To: <jcoyle () winwholesale com>; <security-basics () securityfocus com> Subject: RE: Physical Access Cards My company used to print the company name on the access cards until we had an incident where someone lost their card, didn't report it right away and the person that found it used it to gain entry into a secure area. I suggest not putting any identifying information on the card. Just my thoughts! Steve -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jcoyle () winwholesale com Sent: Thursday, October 01, 2009 9:54 AM To: security-basics () securityfocus com Subject: Physical Access Cards Good Morning, Do you have reservations about printing the company logo on building access cards? If so, what are they? Sincerely, Jeffrey Coyle ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442 f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442 f727d1 ------------------------------------------------------------------------ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Physical Access Cards, (continued)
- Re: Physical Access Cards Robin Wood (Oct 01)
- RE: Physical Access Cards Howe, Paul H (Oct 01)
- RE: Physical Access Cards jcoyle (Oct 01)
- Re[2]: Physical Access Cards Adam Pal (Oct 05)
- RE: Physical Access Cards Steve Freeman (Oct 02)
- Re: Physical Access Cards craig . wilson (Oct 05)
- Re: Physical Access Cards Stephen Mullins (Oct 05)
- RE: Physical Access Cards Steve Freeman (Oct 05)
- RE: Physical Access Cards Paul Jenkins (Oct 01)
- Re: Physical Access Cards ron (Oct 05)
- RE: Physical Access Cards Paul Jenkins (Oct 05)