Physical Computer Security: Part One

When most people think about physical security, visions of Mission Impossible style “real world” hacking probably come to mind. While these types of intrusions are certainly possible (Mission Possible??), the movie versions are dramatically overplayed. Unless you run a government data center (like the one that hosts PRISM perhaps?) the chances of someone staging a high-tech break in just to get at your company email files are probably pretty slim. However, physical hacks and data breaches are nonetheless a very real threat; albeit in somewhat more mundane, and thus sometimes hidden in plain sight, sorts of ways. Physical computer security is an extremely broad topic that couldn’t possibly be covered in any great depth inside a single article; but we do think it’s a large enough concern to warrant a bird’s eye overview; which is what follows.

Locks, Cables, & Cameras

While there are a great number of ways in which your data might be accessed by an unauthorized party, the most practical concerns probably come from the possibility of data loss rather than data theft. This is not to say that you shouldn’t take theft and other security breaches seriously, you absolutely should, but as a matter of course, you’re most likely to lose something because of a hard drive failure, power outage, server crash, or personnel negligence. This is why redundancy in critical systems, like web servers, and secured backups of all data are absolutely paramount. Fortunately, there are some basic steps you can take to make sure that your data is protected against both theft and loss.

Backups

Effective backups are those that are kept up to date and kept far away. It won’t help much if your backup drives are stored in the same burned building or flooded out basement as your primary servers. Remember to be careful with offsite providers, they’re sometimes an easy target for theft. Make sure you use a reputable service or take your own offsite security measures.

Lock the doors

The most common types of security breaches are perpetrated by employees; either intentionally in the case of theft, or accidentally in the case of negligence. In either case, these types of problems are most directly under your control. Because employee breaches are predictable, you can take steps to prevent them. Implement strict quality control procedures, analyze your access protocols for unnecessary parties, and lock your doors. We can’t tell you how many company laptops go missing because they were left at the unused workstation overnight. When those laptops contain sensitive, irreplaceable, or private data, real problems often ensue. Finally, video and other types of surveillance can help to both reduce crime and negligence and can help to fix problems after they occur.

PIN Codes

Many people think PIN codes are passwords. This isn’t strictly true, we’ll talk more about passwords next month, but PINs do work something like a password in that they are a form of digital access control. However, PINs typically protect real world assets by controlling physical access. In this context, PINs are really best conceived as digital locks, with the code acting as the “key” to the lock. Just as with traditional locks and keys, PINs only work if you use them. Many smartphone, laptop, and tablet users like to save passwords, usernames, and links all over their mobile web browsers. But what happens when that device is stolen? All those saved passwords now grant whoever took the device full access to all your favorite accounts. To avoid this problem, use the lock that comes with most mobile devices by enabling the PIN protection feature. Typically 4-6 digits long, the PIN should be required every time the device is turned on, or better yet, ever time the device is woken from sleep.  While it’s a small pain to have to enter the number just to check the weather, the payoff is potentially huge. You wouldn’t leave your car door unlocked; take the same care with your phone or tablet.

Take basic precautions

Don’t be foolish with your security procedures and equipment. Unsecured wireless networks make great access points to your network. Data servers that sit in common hallways are easy to hack or damage, and exposed wires, dangerous conditions, lack of training, and sloppy construction can all lead to data disasters. Clean up your server room, keep sensitive equipment out of common areas, and use readily available counter measures like hardware firewalls on your network and strong passwords on your wireless system and workstations. Basic precautions don’t cost a whole lot of money, especially in consideration of what’s at stake, and they can go a long way towards keeping your data safe and secure.

For more information

This is obviously a minimalist listing of possible security measures. Like we said, it’s a lot to cover. But rather than attempt to detail every possible application of every possible security measure (which would just overwhelm readers with a lot of information that didn’t apply to them personally), we feel that it’s more important to make companies aware of the broad range of risks and then work out potential solutions on a case by case basis. To find out specifically which risks your data faces, you can have a security audit performed on your systems and your company practices. Taking the time to prevent problems is usually a lot cheaper than fixing them after the fact.

Editor

Kjeld Lindsted Kjeld Lindsted
Content Architecture, Copywriting, and Editing
Full Bio >


Recent Articles

Did the “PC” Really Die?

Who Needs Net Neutrality Anyway?

Rise of the Visual Web

Microsoft Is Retiring Windows XP This Year

Email Marketing Part V: Back to basics

Mobile Is King: But you knew that already

Website v. Web Presence

Password Strength and Quality: How to build, and use, a password that holds


Tools



Topics

Security
Marketing
Coding and Design
e-Commerce, Privacy, and Legal
Hosting and Technology
OC Updates and Announcements
New Projects