Physical Security - The Hidden Dangers
by Dancho Danchev
dancho.danchev@frame4.com

Physical Security - an aspect of Security not that often overlooked and 
discussed as it should be, thus providing another possible entry point for
a malicious attacker. No matter of the host's or network's intrusion 
prevention measures implemented, it's the Physical Security that will 
endanger your data, and eventually damage sensitive information. 
This article seeks to provide summarized tips and recommendations 
for the proper and secure maintenance of your computer. 

- Never leave your computer unattended or not properly locked down. 
Make sure your screensaver is password protected, logout before you 
leave if it's going to take you several minutes to get back, lock and 
secure it. A lot of intrusions and sensitive data exposures are coming 
from "insiders" snooping around your workplace, realize the potential
problems that might occur and consider securing your computer
before you leave. 

- Put as many lines of defense as possible, start with setting up a
reasonable BIOS password, a measure that will stop a lot of potential
attackers, although it can be bypassed by advanced ones,or have your
password guessed, it will definitely slow them down. 

- "Shoulder Surfing" activity is another commonly used technique for
compromising the Physical Security of a computer. Make sure no one
is watching you, before you enter your ID or password, use your body
to screen the sensitive data from exposure, just the way you protect
your PIN code while using a cash machine. 

- Unknowingly replaced or purposely placed CD's, diskettes, on your
desk while you're away, is another way for an attacker to compromise
the security of your computer. These definitely contain malicious 
code(virus/trojan/worm) so make sure you don't anything you're not
absolutely sure about. 

- Never give physical access to your computer, considering everyone,
especially people who are unknown to you, pretending to be a staff 
member etc. Friends or relatives, playing around your PC could 
unknowingly contribute to its infection with a malicious code. 
Realize the dangers and ensure yourself that they're well taken care of. 

This article is the property of Frame4 Security Systems, all rights reserved.
Copyright (c) 1999-2003 Frame4 Security Systems 
http://www.frame4.com/