Personal computing discussed

Moderator: Dposcorp

 
druidcent
Minister of Gerbil Affairs
Posts: 2454
Joined: Wed Aug 07, 2002 7:55 pm
Location: Earth, Sol, Milky Way
Contact:

Re: NIST password guidelines updated!

Wed Aug 16, 2017 12:52 pm

Only two companies that I've worked for in Tech have had strict badge access requirements, and force everyone to badge in.. no badge, talk to the secretary and get a loaner that's associated to your user login. Co-workers can hold a door open, but you still need to badge in, even internal doors.

Current company has a neat system for the security guards, where you badge in, and your company profile pic shows up on the screen, so as you go through the turnstiles (high tech ones of course), the guards can match the faces of people entering.. Not sure how well it works, since I haven't seen any incidents...
 
just brew it!
Gold subscriber
Administrator
Posts: 51636
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: NIST password guidelines updated!

Wed Aug 16, 2017 1:43 pm

The building I work in has access beyond the lobby controlled by gates with badge readers. The weird thing is, in a controlled-access building, they also have individual combination locks on all the restroom doors. The explanation given is that if an intruder makes it past the building lobby, they don't want them to be able to easily hide in the restrooms. Seems kind of goofy to me; the restrooms would be a lot easier to search than most of the office areas. Less stuff to hide in/under/behind.

Would be a lot less annoying if they did a better job of keeping up with replacing the batteries on the combination locks before they die. If the battery dies, you can't unlock the door and have to go use one on another floor (which you hopefully know the combination to).
Nostalgia isn't what it used to be.
 
Waco
Gold subscriber
Minister of Gerbil Affairs
Posts: 2494
Joined: Tue Jan 20, 2009 4:14 pm
Location: Los Alamos, NM

Re: NIST password guidelines updated!

Wed Aug 16, 2017 2:01 pm

Glorious wrote:
I've never been in the military etc..., but I'm pretty sure the only way they've found around this problem is authorizing the low-level guys at the entry points to *KILL* anyone who (almost certainly legitimately) is a higher ranked officer who "forget" his documents/whatever and is trying to just bully his way in despite procedure.

It really does take that level of credible deterrence to even approach being full-proof.

:lol:

You've been watching too many movies. The only way you get into a secured site is with a correct badge and associated passcode (or you're being escorted by someone who does). There are typically multiple levels of such controls as well.

Sure, they can shoot you, but that level of deterrence isn't exactly required if you physically can't get in due to locked turn-styles and gates. :) The way the policies are written, nobody is going to risk their job allowing tailgating through an access point (it is a termination-style offense).
Z170A Gaming Pro Carbon | 6700K @ 4.4 | 16 GB | GTX Titan Xm | Seasonic Gold 850 | XSPC RX360 | Heatkiller R3 | D5 + RP-452X2 | Cosmos II | Samsung 4K 40" | 2048 + 240 + LSI 9207-8i (128x8) SSDs
 
Glorious
Gold subscriber
Gerbilus Supremus
Posts: 11164
Joined: Tue Aug 27, 2002 6:35 pm

Re: NIST password guidelines updated!

Wed Aug 16, 2017 2:26 pm

Waco wrote:
You've been watching too many movies. The only way you get into a secured site is with a correct badge and associated passcode (or you're being escorted by someone who does). There are typically multiple levels of such controls as well.


I said *most* places, I wouldn't include where you work as one of them.

Waco wrote:
Sure, they can shoot you, but that level of deterrence isn't exactly required if you physically can't get in due to locked turn-styles and gates.


...of which I am fully aware because my site equally has them, as I explicitly mentioned.

But, just a like a lot of large sites relying on chair-link fences, some guard gets an alarm AGAIN. Those damn raccoons? Maybe, maybe not, I'll finish my coffee before I radio the other guy who will then finish his coffee before he gets around to checking the perimeter etc....

In my case, I was just pointing out that despite the walls and razorwire, the railway entrypoints clearly aren't sealed metal doors nor are they all manned. This doesn't tend to be any issue, because most security "problems" seem to want to come in through the clearly marked (and guarded) entry points.

Waco wrote:
The way the policies are written, nobody is going to risk their job allowing tailgating through an access point (it is a termination-style offense).


Yes, but a place that has a fissionables is not "most" places, as I already said.

Most commercial, and even many governmental, buildings/sites are nowhere near that stringent.

I only included the military example because I am dimly aware of the antics of various commando groups in WW2 who, more than once, managed to bluff their way past guards onto air strips etc... despite how most them of them didn't even speak the language of their enemies. I assumed that our modern military had procedures to prevent that sort of thing these days, and yes, when it comes to policies preventing the deaths of hundreds where it SERIOUSLY matters (because, domestically, it almost never does: compared to drunks,crazies,activists actual terrorists are like parts per BILLION), that's what I presume you have to do.

Even for other places with fissionables, anti-nuclear ancient nuns famously managed to sneak into Y-12 just a few years ago, they hung around singing hymns and lighting candles for a few hours before security finally showed up, if I remember correctly (one of the characters in Orange is the New Black is clearly based on them).

And passcodes. Heh. 1) look at the door frame 2) area code/zip code 3) 123. 321. 1234. 4321. :P
 
Waco
Gold subscriber
Minister of Gerbil Affairs
Posts: 2494
Joined: Tue Jan 20, 2009 4:14 pm
Location: Los Alamos, NM

Re: NIST password guidelines updated!

Wed Aug 16, 2017 3:45 pm

Glorious wrote:
And passcodes. Heh. 1) look at the door frame 2) area code/zip code 3) 123. 321. 1234. 4321. :P

I'll freely admit I missed a few key points in your original post. :)

However, passcodes are per badge affairs at all the sites I'm aware of, at least.

IIRC Y-12 used chain-link fence. Other sites tend to use...sturdier...materials for barricades. Further, they didn't enter any security sensitive buildings, they just got within "the fence" and spray painted a few buildings. :)


I will fully concede that most "security" is simply security theater, though. It's meant to keep out the normal intrusions...not the dedicated actors.
Last edited by Waco on Wed Aug 16, 2017 4:26 pm, edited 1 time in total.
Z170A Gaming Pro Carbon | 6700K @ 4.4 | 16 GB | GTX Titan Xm | Seasonic Gold 850 | XSPC RX360 | Heatkiller R3 | D5 + RP-452X2 | Cosmos II | Samsung 4K 40" | 2048 + 240 + LSI 9207-8i (128x8) SSDs
 
Glorious
Gold subscriber
Gerbilus Supremus
Posts: 11164
Joined: Tue Aug 27, 2002 6:35 pm

Re: NIST password guidelines updated!

Wed Aug 16, 2017 3:49 pm

Again, there are plenty of governmental facilities, particularly the ones that are obviously sensitive, that do this stuff correctly.

That's just not most commercial facilities, and not all governmental ones either.

I don't think either of us really disagree, just making points to illustrate different aspects of different sides of the spectrum.

I don't actually believe I could get into (or probably even near without notice) your workplace no matter what I did. :P
 
Redocbew
Gold subscriber
Gerbil Jedi
Posts: 1702
Joined: Sat Mar 15, 2014 11:44 am

Re: NIST password guidelines updated!

Wed Aug 16, 2017 3:59 pm

One side of my family grew up in the military. A number of years ago my mother and her brother decided it'd be fun if they tried to sneak "in the back door"(his words) into one of the bases where they used to live as kids. They get in the car and drive away. They get close, and suddenly there's a helicopter above the car telling them they're in a restricted area and to go away.

So yeah. Sometimes the whole gate and badge thing need not apply. :P
Do not meddle in the affairs of archers, for they are subtle and you won't hear them coming.
 
Vhalidictes
Silver subscriber
Gerbil Jedi
Posts: 1776
Joined: Fri Jan 07, 2005 2:32 pm
Location: Paragon City, RI

Re: NIST password guidelines updated!

Wed Aug 16, 2017 5:39 pm

Most "secure locations" have good security and good observance of rules, sure. The problem is that lots of real work is done in places that aren't nearly that secure. I can't really give any details but some of the places I worked were essentially office parks, and really shouldn't have been.
 
NovusBogus
Silver subscriber
Graphmaster Gerbil
Posts: 1295
Joined: Sun Jan 06, 2013 12:37 am

Re: NIST password guidelines updated!

Thu Aug 17, 2017 4:40 am

Glorious wrote:
I've never been in the military etc..., but I'm pretty sure the only way they've found around this problem is authorizing the low-level guys at the entry points to *KILL* anyone who (almost certainly legitimately) is a higher ranked officer who "forget" his documents/whatever and is trying to just bully his way in despite procedure.

It really does take that level of credible deterrence to even approach being full-proof.
[/quote]
While that can potentially happen, the way they actually get around it is by operating under the General Orders for Sentries or a variation thereof, which explicitly empowers guards to turn away superior officers if they're not authorized. Admirals were recruits once too, and as recruits they had this drilled into them. The civilian world operates quite differently, and I'm not aware of a particularly good analog outside of special situations where the vast majority of employees and management are ex-military.

Who is online

Users browsing this forum: No registered users and 3 guests