A cyber-secure facility such as an industrial control system (ICS) in a manufacturing plant, critical manufacturing facility, health care facilities/hospital, or classified network area that each include a plurality of networked devices all generally require access controls and possibly other cyber-security controls to limit network access. However, when normal network access is highly controlled, the continued need to transfer information into these facilities has led to the increased use of removable media devices (e.g., Universal Serial Bus (USB) flash drives) to bring in necessary information or files (e.g., application patches, diagnostics applications, and/or documentation) in the facility. The result is that this recent dependence upon removable media devices has created a new vector for cyber-attacks into protected network systems.
Some assessments of cyber-security needs and incidents at customer' ICS facilities have shown that USB drives are the primary inbound vector through which viruses and other malware enter these cyber-secure ICS facilities. These cyber-secure ICS facilities rely on physical security to protect the site and systems. Physical security can limit physical access to the facilities with badges only accessible areas, fences, video monitoring, or other physical security measures. Physical security can be just as important at the cyber-protection because in some cases limiting access to a facility to a limited number of users can diminish the chances of a cyber-attack.