An organisation that I do work for has made the decision to move several public access terminals (Tower/Monitor/Keyboard/Mouse combo) into a public place.
These machines are already secured with change preventing software (either DeepFreeze or SteadyState) but will now live in a publicly accessible area with minimal observation.
What are the best ways to physically secure machines like this against theft? Are there any additional software security mechanisms which should be considered? What about securing them against the theft of peripherals?
Suggestions and advice would be appreciated.
Edit: The machines are not in the main flow of traffic (they are not on the main floor) but the area they are in is moderate traffic, and accessible for a good portion of each day. We're using PCs to be terminals because the budget for this is very small so we are recomissioning old machines to serve the purpose.
-
HP and Dell sell brackets or locks for most of their PC to make them harder to steal. Get a good salesman from either, or a resale outfit like CDW, they'll make the process much easier.
There are also companies that make hardened PC rigs for public use. Usually made out of all steel and acrylic so they're much harder to damage. Again, find a larger resale company and start asking.
Also, if it's really public then you can expect them to be valdalized and stolen on a regular basis no matter what you do. It's simply a cost of doing business, and you have to weigh the gains against the losses.
From Chris S -
Cable locks for the tower and monitor - I know most laptops have little divots for a standard cable lock to fit into, you should look into monitors and towers that also have them. Then you loop them around the desk if you can. If you already work with someone selling you office furniture, you can buy them with cable-lock-friendly bits on them.
Unless you have a good reason to use them, epoxy all of the unused peripheral ports. Have someone do a regular check for physical keyloggers getting attached to the keyboard. Unplug the floppy drive ribbon cable, if applicable.
From mfinni -
You could get an integrated kiosk solution. I've never specced one of these, but there's a whole bunch of suppliers on the net who are more capable and specialised.
Ok, maybe that's outside your budget.
You could put a standard PC in the view of the public, but you'd have to really lock it down.
- Physically disable the USB ports, either disconnect the headers from the motherboard, or fill the ports with epoxy resin.
- Put the entire unit in a lockbox, only the essential access is available, ie, holes for the keyboard and mouse cables.
- Instead of a mouse, how about a trackpad or trackball, these are easier to bolt down, and potentially harder to steal.
- Get a highly robust keyboard, one that can take a good bashing, preferably waterproof too, in case anyone spills their coffee on it!
- You'll need a secure firewall too, as well as as much software security you can get your hands on.
- Preferably, write your software to require a dongle for it to run, so they can copy the executable files, but they'd need the hardware key to make it usable.
At the end of the day, people will vandalize your hardware, they'll steal the mice, cut the cables, steal the caps of the keyboard.
Weigh up the cost of replacing these weekly, or buying a hardened kiosk, then make the decision based on that.
Zephyr Pellerin : I just thought I'd add on that you can get some of those flexible keyboards. ( http://www.google.com/products/catalog?hl=en&client=firefox-a&hs=MUC&rls=org.mozilla:en-US:official&resnum=0&q=Flexible+keyboards&um=1&ie=UTF-8&cid=8674251919358054865&ei=3B6MS86VNoXitgOakJiFAw&sa=X&oi=product_catalog_result&ct=image&resnum=5&ved=0CCcQ8gIwBA# ) Have one around here and they are nigh indestructible.Tom O'Connor : They look pretty groovy, i bet they're no match for a stanley knife though!From Tom O'Connor -
Hi, if you're willing to switch to Mac using a software like eCrisper (http://ecrisper.com), then you could use http://www.ianchor.net/
Tom O'Connor : Interesting, but why not just drill through the "foot" aluminium, and bolt it to the desk?From Yves Mailhot
0 comments:
Post a Comment