Physical and hardware security of your device | Dailytrust

Physical and hardware security of your device

Hardware security is vulnerability protection that comes in the form of a physical device rather than software that is installed on the hardware of a computer system. The term also refers to the protection of physical systems from harm.

Security breach may occur if you allow physical access to your device. Experts said many tools could be used to get into your password and account information that can then be used to access secured network resources.

Securing information is not limited to the encryption and authentication of data processed and received by an individual’s device, experts also said. There are physical threats that can easily compromise the integrity and confidentiality of information, this can be a simple glance over the shoulder on your plain text email before it is encrypted with that strongest encryption algorithm known. Employing electronic security mechanisms is as important as physical security techniques to protect information.

And given the ability to reboot a system and load software from a USB drive, attackers might be able to access data or implant Trojan horses and other applications intended to weaken or compromise network security.

It is much easier for an attacker to walk into a reception area and say he is there to do some work on the server, and get access to that server in the closet in the front lobby than to get into a physically secured area with a guest sign-in and sign-out sheet.

A more serious threat is theft or loss. Laptops and handheld devices are easy targets for thieves. According to datalossdb.org, stolen laptops account for 18% of all data breaches. In order to prevent theft or loss, you must safeguard your equipment.

At your work

You should position your computer screen carefully, both on your desk and when you are away from the office, in order to prevent others from reading what is displayed there, Safe Online said.  “In the office, this means considering the location of windows, open doors and the guest waiting area, if you have one’’, it added.

Portable devices

Keep your laptop, your mobile phone and other portable devices that contain sensitive information with you at all times, especially if you are travelling or staying at a hotel; even if you are stepping out for a meal.

If you have a laptop, tablet or other mobile device, try to avoid putting them on display. There is no need to show thieves that you are carrying such valuable hardware with much information. Avoid using your portable devices in public areas, and consider carrying your laptop in something that does not look like a laptop bag.

The goal is to reduce the exposure of information to unauthorized access, you may not be able to completely prevent physical attacks but how do you make sure that your information are not compromised when the attack occurs, how do you prevent compromising your correspondence and collaborators? These are the ultimate goals of enforcing physical security controls.

Cable locks

In order to protect your device, you must be extra careful with whom you allow access to it. Laptops should never be left in an area that is open where anyone can have easy access to them. Laptops, Apple iMacs, and any easily transportable office computers should be physically secured. Security cables with combination locks can provide such security and are easy to use. The cable is used to attach the computer to an immovable object. Computers have one and sometimes two security cable slots. The security cable slots allow you to attach a commercially available antitheft device to the computer. Computer locks commonly use steel cables to secure the PC to a desk. They’re most commonly found in computer labs and internet cafes. Laptop locks are meant to protect both privacy and the computer. There are a number of different types of laptop locks: cable locks, case locks, and twist locks.

Safe

Tower-style computers can also be targets of thieves, not only for a higher resale value than laptops, but also for the data they might hold. For example, financial businesses have been hit hard by theft of desktop computers because they hold a lot of personal data. PC Safe Tower and server cages, which have all-steel construction and a lever locking system, are designed to bolt to the floor. Drive access can be either completely restricted or left available for ease of use.

There are also laptop safe security cases used to protect an organization’s computers and data out in the field.

Locking cabinets

A locked cabinet is another alternative for laptop equipment that is not used or does not have to be physically accessed on a regular, daily basis. Computer cabinets include a keyboard drawer and adjustable top shelf. A slide-out bottom shelf accommodates a CPU and printer. It has built-in cable management grommets. Depending on what needs to be secured, there are computer cabinets designed to hold everything from LCD/LED flat screens to entire systems. This type of security is often used for training rooms where the computers can be secure without the inconvenience of removing them after each training session.

Screen lock

A screen lock or passcode is used to prevent access to the phone. Screen locks can be set on just about any mobile device such as personal digital assistants (PDAs) and smartphones. This feature is used as a most basic form of security. It is done using a pattern lock or a passcode to secure the handset. It’s similar to a password-protected screensaver on a computer. The lock code usually consists of a four-digit code. Screen lock only locks users out of the user interface. It does not encrypt data.

Screen locks should be configured to lock the device screen automatically after a brief period of about 10 or 15 minutes of inactivity. Androids can use a pattern on the screen instead of a password. One caveat, you need your Gmail/Google account credentials to reset the security lock should you forget it, so be sure to set up a valid Gmail/Google account beforehand. There are also a number of applications available on the Android application marketplace that can add additional security measures.

Strong password

Passwords are one of the first pieces and the best methods of acquiring access; password length is an important consideration for mobile devices. Strong passwords can be derived from events or things the user knows. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternative values. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday; nickname; address; name of a pet or relative; or a common word such as God, love, money, or password.

Device encryption

Just like the data on hard drives, the data on mobiles can be encrypted but can present some challenges. First, it’s difficult to enter complex passwords on small keyboards, and multifactor authentication is unfeasible. The limited processing power of mobiles also means the extra computation required for encryption may cause them to suffer performance issues and the always-on nature of these devices means that encryption.