III. Physical Security
Protection against theft, changes, or unauthorized access
to the personal computer or workstation is difficult. Consider the following
A. Location and Construction
Evaluate potential locations for the computer room.
Consider the importance of having direct access from the outside and the need to
protect windows. Decide if windows should have bars or electronic detection
devices. Should there be a system to control keys and other access devices?
For example, a particular situation might require
heavy doors with dead bolts. If the doors are not new, they should have new
locks. Seal windows at ground level or protect them with metal bars.
Additionally, consider alarms and detection devices.
Computer Room Access.
Depending on organizational need, restrict access
to rooms containing microcomputers to specifically authorized personnel.
Consider special precautions for stand alone computers, e.g., those on an
Protect microcomputers with lockable equipment
enclosures, lockable power switches, fasteners, and securing devices. Consider
devices such as those that sound an alarm when equipment is moved or
disconnected from a wall socket.
One example of an advanced device, such as one used
by the Department of the Navy, employs a crystal oscillator with various
broadcasting frequencies embedded in the microcomputer. Antennas located
throughout the area can be used to track any movement of the microcomputer.
Standardized inventory and control forms may be
used throughout any organization interested in controlling hardware, software,
or data. These forms should contain information about the location of the
microcomputer, who is responsible, and any changes made since the original
installation. Centrally record the physical location and configuration of each
Some standard devices normally associated with a
microcomputer, such as a mouse, internal cards and wires, do not lend themselves
well to the above procedures. These devices might be subject to external
controls, such as check-out, removal from the machine on a daily basis, etc.
It is particularly important to protect floppy
disks from contaminants, unauthorized access, destruction and damage. Procedures
should ensure that all diskettes (floppy disks), be labeled before use and
stored in a secure place when not in use. One method of protecting diskettes
against theft is to hide a signaling device (such as those used in libraries)
in the jacket cover of the floppy.