On Tue, 2006-03-14 at 21:05 +0700, Feris Thia wrote: > On 3/14/06, Rodolfo Alcazar <rodolfo.alcazar@xxxxxxxxxxxx> wrote: > > - lock hardware, specially hard disks (deny physical access to disks) > > you mean.. lock hardware from operating system level ?? If so... how > can I do that ? Security is an integral issue. I saw cases with security locks on other offices, and computers secured to the desks. Here we have a locked servers area, only two keys, and guardians are trained to protect that area. We also have a phone alarm which triggers when the servers room window is opened. We saw here (a couple of years ago) an interesting event: some thiefs entered by night to a non-government human rights office. Didnt steal nothing. Except 6 hard disks (windows servers and clients). Some people were fired. Im sure the information contained worths it. If someone gets your linux disk, he can install it on another linux box, and break encryption if its worth (cracking has a cost. If the cost is lower than the value of the encrypted information, it is worth. The value includes time, obviously). Keep an eye on your backups, also. Where are they? Are they locked? If you get them to a security box in a bank... which is the transportation procedure? The point is: If you have valuable information, spend not only on logical security, but physical. Physical breakage is easier, cause a lot of managers forget it. When I visited Colombia, some years ago, know this office: a girl convinced a guardian to enter. Then aimed the guy with a gun, make him unplug alarms and electricity and 4 guys entered and stolen some tapes. The paradox: logical security was unbeatable. -- Rodolfo Alcazar Administrador datos y red Deutsche Gesellschaft für Technische Zusammenarbeit (GTZ) GmbH Programa de Apoyo a la Gestión Pública Descentralizada y Lucha Contra La Pobreza - PADEP Av. Sánchez Lima 2226 T +591 22417628 (121) C +591 70656800 E rodolfo.alcazar@xxxxxxxxxxxx I www.padep.org.bo
