A.2. Hardware Security

According to a study released in 2000 by the FBI and the Computer Security Institute (CSI), over seventy percent of all attacks on sensitive data and resources reported by organizations occurred from within the organization itself. Implementing an internal security policy is just as important as an external strategy. This section explains some of the common steps administrators and users can take to safeguard their systems from internal exploitation.

Employee workstations, for the most part, are not as likely to be targets for remote attacks, especially those behind a properly configured firewall. However, there are some safeguards that can be implemented to avert an internal or physical attack on individual workstation resources.

Modern workstation and home PCs use a BIOS that controls system resources on the hardware level. Workstation users can set administrative passwords within the BIOS to prevent malicious users from accessing or booting the system. BIOS passwords prevent malicious users from booting the system at all, deterring the user from quickly accessing or stealing information stored on the hard drive.

However, if the malicious user steals the PC (the most common case of theft among frequent travelers who carry laptops and other mobile devices) and takes it to a location where they can disassemble the PC, the BIOS password does not prevent the attacker from removing the hard drive, installing it in another PC without BIOS restriction, and accessing the hard drive to read its contents. In these cases, it is recommended that workstations have locks to restrict access to internal hardware. Specialized security devices, such as lockable steel cables, can be attached to PC and laptop chassis to prevent theft, as well as locks on the chassis itself to prevent internal access. This type of hardware is widely available from manufacturers such as Kensington and Targus.

Server hardware, especially production servers, are typically mounted on racks in server rooms. Server cabinets usually have lockable doors, and individual server chassis also are available with lockable front bezels for increased security from errant (or intentional) tampering.

Enterprises can also use co-location providers to house their servers, as co-location providers offer higher bandwidth, 24x7 technical support, and expertise in system and server security. This can be an effective means of outsourcing security and connectivity needs for HTTP transactions or streaming media services. However, co-location can be cost-prohibitive, especially for small- to medium-sized businesses. Co-location facilities are known for being heavily guarded by trained security staff and tightly monitored at all times.