The first level of security in any computer network is physical security. I'm amazed when I walk into the reception area of an accounting firm and see an unattended computer sitting on the receptionist's desk. Often, the receptionist has logged on to the system and then walked away from the desk, leaving the computer unattended.
Physical security is important for workstations but vital for servers. Any good hacker can quickly defeat all but the most paranoid security measures if they can gain physical access to a server. To protect the server, follow these guidelines:
Lock the computer room.
Give the key only to people you trust.
Keep track of who has the keys.
Mount the servers on cases or racks that have locks.
Disable the floppy drive on the server. A common hacking technique is to boot the server from a floppy, thus bypassing the security features of the network operating system.
Keep a trained guard dog in the computer room and feed it only enough to keep it hungry and mad. (Just kidding.)
REMEMBER: There's a big difference between a locked door and a door with a lock. Locks are worthless if you don't use them.
Client computers should be physically secure:
Instruct users to not leave their computers unattended while they're logged on.
In high-traffic areas (such as the receptionist's desk), users should secure their computers with the keylock, if the computer has one.
Users should lock their office doors when they leave.
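Telling users not to walk away while logged on only works if the workstation backs the rule up by locking itself. The script below is an added example for Windows clients, not something from the original text: it reads the current user's screen-saver settings from the real registry path HKCU:\Control Panel\Desktop (the values ScreenSaveActive, ScreenSaverIsSecure and ScreenSaveTimeOut) and reports whether an unattended, logged-on desktop would lock itself within an assumed 10-minute policy limit. The 600-second threshold and the function name are assumptions for the example.

```powershell
# Added example (not from the original text): audit whether an unattended,
# logged-on workstation would lock itself. Reads the per-user screen-saver
# values under HKCU:\Control Panel\Desktop.
$MaxIdleSeconds = 600   # assumed policy: lock after at most 10 minutes idle

function Get-ScreenLockStatus {
    param([int]$MaxIdle = $MaxIdleSeconds)

    $desktop = Get-ItemProperty -Path 'HKCU:\Control Panel\Desktop'

    # Missing values are treated as "not configured", i.e. not compliant.
    $saverOn  = ($desktop.ScreenSaveActive    -eq '1')   # screen saver enabled
    $secure   = ($desktop.ScreenSaverIsSecure -eq '1')   # password required on resume
    $timeout  = 0
    if ($desktop.ScreenSaveTimeOut) { $timeout = [int]$desktop.ScreenSaveTimeOut }

    $compliant = $saverOn -and $secure -and ($timeout -gt 0) -and ($timeout -le $MaxIdle)

    [pscustomobject]@{
        ScreenSaverEnabled = $saverOn
        PasswordOnResume   = $secure
        IdleTimeoutSeconds = $timeout
        MaxAllowedSeconds  = $MaxIdle
        Compliant          = $compliant
    }
}

# Report the result; a non-compliant desktop is the "logged on and walked away"
# scenario described above, so flag it clearly for the administrator.
$status = Get-ScreenLockStatus
$status | Format-List

if (-not $status.Compliant) {
    Write-Warning "This workstation will not lock itself within $($status.MaxAllowedSeconds) seconds of inactivity."
}
```

Run it in the user's own session (the values are per-user, under HKCU). On a managed domain the same three settings are normally enforced centrally through Group Policy rather than edited by hand; the audit is still useful for spotting machines, such as a reception desk, where the policy has not applied.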
Warning: Here are some other threats to physical security that you may not have considered: