5.3 - Protecting Assets

In this section, we identify the main physical security components to fight against threats as theft, interruption to services, physical damage, compromised systems and environment integrity, and unauthorized access.

The loss from these components being damaged as well as cost to replace these systems, consultant fees, and additional negative effects on productivity and customer confidence are considered real losses. Although, companies are generally prepared for these types of losses, by using risk analysis tools, often times the data held within these systems is of high greater value than the physical systems themselves.

Protection against physical theft can be mitigated by taking the following measures:

• Inventory all laptops, including serial numbers, so they can be properly identified if recovered.
• Password protected BIOS.
• Register physical devices with the vendor to allow a report to be filed if stolen.
• Do not check physical devices as luggage, when flying.
• Never leave a physical device unattended (should be carried in a nondescript carrying case)
• Engrave the device with a symbol or number for proper identification.
• Back up the data from the laptop and store it on a stationary PC or backup media.
• Specialized safes
• Data Encryption