Physical Computer Security - undervalued and often overlooked

A few weeks ago I heard of a case of theft from a business in the Cowichan Valley involves a hard drive from a PC stolen from an individual representing an IT company called "Tek Systems." When I started in the field of physical security technology was no longer a priority, the computers were four times the price they are today, and not every company had one, we were more concerned about the computer so the data goes missing. Now the day is different, almost every company has computers and our data are very important if not more important then the computer and hard drive to keep it.

The incident with the hard drive theft was a prime example of one of the oldest techniques of hacking called "Social Engineering" In terms of technology, social engineering is a non-technical kind of "Hack" basa that the interaction human and often involves tricking other people to break normal security procedures, in this case, the person portraying himself as a PC technician to perform an update on corporate PCs, so as to deceive the person that allows him to work on PC .

What can we do to protect ourselves? In this day and age all you hear are firewalls, routers and software anti-virus, it seems that the second day there is a new virus that will crash and to quit all of humanity, criminals try to get our information most private and credit card numbers with each click of a button, but if we buy the latest anti-virus software and firewalls were secure, so at least for a couple of weeks. We most often look for some of the most easy and simple techniques to protect our data, the physical security of it.

The first is the blocking of the PC, most PCs nowadays comes with a surface to place a padlock to lock the case so that no one can enter without a key, as well as there are many solutions on the market to ensure the physical PC at a desk like cages for computers on the bolts and cables similar to bicycle locks.

The second is to know their suppliers of information technology, and make sure that staff know who they are, have a single point of contact for your company's IT coordinator office to say, which is responsible for coordinating the repair of computers within office with your suppliers of information technology. A good company will provide ample warning of any upgrades to take place, but it should show up at your door. When the technician is there to make repairs or upgrades which should walk even if the boot and control the PC with the user or IT co-ordinator to ensure that the repair was successful.

The third is to protect the data, there are many types of software out there to do this, most laptop manufactures have built in security measures in place, requiring a password to even start the laptop, these features are incorporated rarely used. Data encryption software is relatively inexpensive and simple to use, most criminals do not have the experience and or skills to break this type of security, but that still does not prevent them from stealing the computer, only protects your data and your company's reputation.

Where there's a will there's a way, the criminals will always find ways to steal your data and equipment, but if there is a deterrent and the measures in place to make it more difficult in general to continue toward the goal easier, we just have to remember to practice safe computing .......