You have been tasked with evaluating your organizations environmental controls and its supporting equipment as a possible attack vector. Environmental controls can be considered anything that is responsbile for monitoring and tracking the environment within your organization. For example: security cameras, thermostats, connected vending machines, fire alarms, security alarms, badge readers, elevator and lobby music providers, gym equipment.

Supporting equipment can be defined as anything perpherial type of device that supports your organization. For example: connected printers where vendors track usage and refill toner, backup generators, uniteruptable power supplies (ups), power strips that are managed, media devices such as Roku, Amazon Fire, gaming consoles, and vendors that perhaps operate your cafeteria.

All of these devices have types of them that can be connected to external monitoring companies who help ensure they are always functioning correctly. Also where do you think the badge reader controls are, could be controlled by a PC in the corner or one external to your organization? In many offices these days media players and gaming consoles are made available to employees or there is an on site gym with equipment that streams workout videos or the news while people are exercising. All of these sound odd however the author of this course has seen and experienced them all at one time or another.

You will pick at three (3) at least three connected devices and outline how they are used, where you would encounter them, and how would you go about protecting them so they cannot be used as an attack vector into your organization. You cannot not connect and support these devices, someone in your organization has made the decision they are needed. Failure to comply, unfortunately not an option.

answer it as a discussion