Physical Protection of Hardware
So much effort goes into the development of software designed to prevent breaches of security that the physical precautions that can be taken are often overlooked.
It is sometimes forgotten that breaching security defences via the internet takes a certain degree of technical knowledge and skill. Stealing laptops, smartphones and, to a lesser extent, desktops, and using these to attack organisations, is a bit easier. There is also the possibility of stealing data by copying it onto USB sticks, CDs or DVDs.
The actual process of maintaining physical security relies upon 3 main components:-
- Access Control
- Recovery & Testing
The first step is to create obstacles and place them in the way of potential hackers. The idea is to make it physically difficult for hackers to get anywhere near hardware. So difficult, in fact, that it would be easier for them to move on to less well protected targets.
'Hardening' measures include:-
- Perimeter fencing & secure window and door locks
- Access control devices: magnetic swipe cards, key fobs etc.
- Biometric control systems: face recognition, retina scanning, fingerprint and voice recognition.
- Locking up/down physical hardware.
The next component of physical security involves observing those who use the hardware or come close to it and who may engage in activities like 'shoulder surfing'. As can be imagined, this involves:-
- Using surveillance cameras inside as well as outside on the perimeter.
- Using intrusion detection systems.
- Using heat and smoke detectors.
- Using blinds where screens and printers may be overlooked.
- Never leaving visitors unaccompanied.
- Shredding sensitive paper documents or always securing them in lockable file cabinets.
All users should take regular backups or copies of their data. This is particularly important for organisations that keep account or financial data. They should have a comprehensive 'disaster plan' so that, if the worst should happen, they can get back up and in business again after data theft, fire, earthquake or even a bombing.
- There should be frequent and regular backups of data.
- Backups should be kept in a separate location from the main servers in case the servers are compromised by a virus or destroyed.
- Ensure proper insurance is in place to cover physical and business losses in case of natural disaster, accident or damage.
- Test and practice the disaster plan to check that it works and everybody knows what to do.
Can you now:
- Identify two different hardware precautions that could be taken to enhance data security.
- Explain, for each hardware precaution provided, how it enhances data security.
If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information.