38.2 SURVEILLANCE

< Day Day Up >

---

38.2 SURVEILLANCE

Obtaining the necessary information regarding possible attacks is the most fundamental aspect of information security management. Organizations concerned with public safety, such as police and defense forces need to keep track of the activities of antisocial elements by monitoring their voice conversations and fax messages. Individual organizations need to monitor the voice conversations of suspicious employees. Surveillance equipment helps in monitoring voice/fax/data communications.

Surveillance is the first step to gather the necessary intelligence regarding possible security attacks. Organizations concerned with public safety need to use surveillance equipment to monitor voice/fax/data communication.

38.2.1 Surveillance of Voice/Fax Communication

Security agencies such as government intelligence agencies and police obtain the necessary permission from the appropriate authorities and monitor the calls of selected persons. The scheme for this surveillance is shown in Figure 38.2. The telecom service provider will give parallel telephone lines to the security agency. These parallel lines are extended from the main distribution frame (MDF) of the telephone switch. The security agency will have a digital recording system (DRS) that records the complete conversation. The recording system will be capable of recording conversations from either fixed telephones or mobile telephones.

Figure 38.2: Surveillance of Voice/Fax Communication by Security Agencies.

Organizations can also monitor their telephone lines using the DRS as shown in Figure 38.3. In this system, incoming telephone lines will be connected to the PBX. Parallel lines will be connected to the DRS. All incoming and outgoing calls will be recorded in the DRS for later processing.

Figure 38.3: Surveillance of voice/fax communication by individual organizations.

Surveillance of voice/fax communication is done by a digital recording system that automatically records all voice/ fax calls for later analysis. This type of surveillance provides the necessary intelligence regarding possible security threats.

38.2.2 Surveillance of Data Applications

Figure 38.4: Surveillance of data applications.

To ensure that employees do not pass on secret information through e-mail, file transfer, and so on, surveillance is done from a proxy server through which the employees access the Internet. Packet-filtering software is used to monitor every incoming and outgoing packet. All the packets corresponding to a particular source/destination IP address can be collected to check the message content of the data application such as e-mail or file transfer. The packet filter can also filter out the packets—not allow the packets to pass out of the server.

Surveillance of data applications such as e-mail and file transfer is done through firewalls that monitor and if necessary filter the messages. A firewall can prevent access to specific URLs, or it can filter e-mail messages containing specific keywords.