Recommended practices for physically securing PC's

[d4ncingd4n at gmail.com (d4ncingd4n at gmail.com)]

At one place I worked, we had some computers stolen. I addressed the issue with ping sweeps every 5 minutes that would 
alert if a box didn't respond. The staff were instructed to leave their computers turned on. This accomplished several 
things: the computers always received their updates, power failures were quickly alerted, nobody could steal equipment 
without being detected (unless they were very fast), and I gained the reputation of being proactive. The users were 
told to Reboot their computer first if they had issues. This would alert me they were having issues before it was 
escalated. 

Bart 
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Jack Daniel <jackadaniel at gmail.com>

Date: Wed, 25 Feb 2009 12:51:48 
To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] Recommended practices for physically securing PC's


Cable and case locks are far from perfect, but they can help.  One of
the car dealers I used to support had some theft issues (hard to
believe, I know), I installed cable locks (which also half-assed
locked the cases) and it was enough to stop the problems they were
having.  As with any security issue, the determined attacker will
always win, but the show of adding a lock not only adds a little
security, it displays an awareness of a problem and sends the message
to anyone paying attention that there is/was a problem.  A little bit
of awareness might trickle into the brains of the end-users, and that
might make the needed difference.

Jack


-- 
______________________________________
Jack Daniel, Reluctant CISSP
http://blog.uncommonsensesecurity.com
http://www.linkedin.com/in/jackadaniel

On Wed, Feb 25, 2009 at 11:04 AM, Craig Morris <morris.tech at gmail.com> wrote:
> Hi folks, we have just had a weird incident where someone stole 3 sticks of
> RAM from a PC located on a desk in a cubicle. ? Bearing in mind we have key
> card access to the building etc, but not the specific floor - that's open
> once inside the building.
>
> To combat this, we are taking the usual steps of key card access to the
> floor, moving the desktop PC to a locked room, securing the physical case
> with the case lock (probably not the most effective deterrent)
>
> We also have physical security guards who check bags etc on entry and exit
> but they can barely spell PC, forget about ID'ing a stick of RAM or HDD.
>
> We are considering using cable locks on the laptops located in cubicles, and
> possibly on desktop PC's as well.
>
> All of which is good and will assist in preventing the theft of an entire
> unit but won't prevent someone from stealing components - I don't place much
> faith in the case locks.
>
> So the question is, what's the practice for securing the components ? ?We
> don't want anything too draconian (like CCTV in work areas) or physically
> guards on each floor.
>
> Any thoughts would be appreciated.
>
> Craig
>
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com