Re: site security

Robert F. Connelly (rconnell@psi-japan.com)
Fri, 20 Feb 1998 10:09:25 +0900


Dear Kent:

I add one small item to your recommendations.

Son Duane immediately proposed something like Lojack. I understand you can buy
a crown with a transmitter in it from the "Spy shop" in the New York airport.
(Also a list of dentists willing to install it!)

Wouldn't it be nice to be able to see just where the units are going?

Regards,
BobC

At 05:54 PM 2/18/98 -0800, Kent Crispin wrote:
>On Wed, Feb 18, 1998 at 12:15:21PM -0800, Dave Crocker wrote:
>> Folks,
>>
>> In light of the breakin and theft, I thought a little harder about site
>> security.  I had thought that Best was dandy.  No question they are popular
>> and I know their operation in Mountain View quite well.  I assume S.F. is
>> the same.  Card keys, locked cages, hallway window into the room for
>> staffers to view. 
>>
>> On the other hand, visual control is not constant or even heavy.
>>
>> So I just called Exodus and heard a notably different description of
>> security features.  They have all the stuff Best can claim.  In addition
>> (though I don't know if there are differences in the quality of the
cages...):
>>
>> 1.  24 hour guard.  You get the card key each time from the guard, rather
>> than carrying it will you, and must sign in, showing photo id.
>>
>> 2.  Equipment coming in or going out is logged.
>>
>> 3.  Cameras on the access.  (Pretty sure Best doesn't have this.)
>>
>> All 3 of these points make for much stronger security than Best has.
>>
>> Might be worth considering.  I haven't checked other providers.
>
>Under the circumstances, I see several choices, in order of preference.
>
>        1) Get Best to improve their security -- they may want to do
>        that after this incident, because really, it could have
>        happened to any of their customers.  Given the value of the
>        equipment there, 24 hour attendance is not a luxury, it is a
>        necessity (I was under the impression that Best supplied this,
>        but obviously there are gaps.)
>
>        I would think that Best might want to seriously rethink their
>        security posture -- this could have been a bomb, instead of
>        a theft.  If they won't seriously improve, then I don't think
>        there is any choice but to...
>
>        2) ...move to someplace like Exodus.  Our security auditors,
>        if they are worth anything at all, should make this point
>        strongly, and I don't think, if we are serious, that we will
>        have any choice but to follow their recommendations.   We
>        have an excuse -- our final production configuration is
>        contingent on our security audit, we could say.
>
>        3) implement our own security measures (install alarms,
>        cameras, etc, hire a security guard).  This is a distant,
>        distant, third.  To be effective it would still have to
>        involve Best.  We could do this, but it would be a denial of
>        reality, IMO.
>
>--
>Kent Crispin, PAB Chair "No reason to get excited",
>kent@songbird.com the thief he kindly spoke...
>PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55
><http://songbird.com/kent/pgp_key.html>http://songbird.com/kent/pgp_key.html
>