[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Disable Root Recovery



On Tue, 2006-03-14 at 21:05 +0700, Feris Thia wrote:
> On 3/14/06, Rodolfo Alcazar <rodolfo alcazar padep org bo> wrote:
> > - lock hardware, specially hard disks (deny physical access to disks)
> 
> you mean.. lock hardware from operating system level ?? If so... how
> can I do that ?

Security is an integral issue. I saw cases with security locks on other
offices, and computers secured to the desks. Here we have a locked
servers area, only two keys, and guardians are trained to protect that
area. We also have a phone alarm which triggers when the servers room
window is opened. 

We saw here (a couple of years ago) an interesting event: some thiefs
entered by night to a non-government human rights office. Didnt steal
nothing. Except 6 hard disks (windows servers and clients). Some people
were fired. Im sure the information contained worths it. 

If someone gets your linux disk, he can install it on another linux box,
and break encryption if its worth (cracking has a cost. If the cost is
lower than the value of the encrypted information, it is worth. The
value includes time, obviously). Keep an eye on your backups, also.
Where are they? Are they locked? If you get them to a security box in a
bank... which is the transportation procedure? 

The point is: If you have valuable information, spend not only on
logical security, but physical. Physical breakage is easier, cause a lot
of managers forget it. When I visited Colombia, some years ago, know
this office: a girl convinced a guardian to enter. Then aimed the guy
with a gun, make him unplug alarms and electricity and 4 guys entered
and stolen some tapes. The paradox: logical security was unbeatable. 

-- 
Rodolfo Alcazar
Administrador datos y red

Deutsche Gesellschaft für
Technische Zusammenarbeit (GTZ) GmbH

Programa de Apoyo a la Gestión Pública Descentralizada y 
Lucha Contra La Pobreza - PADEP

Av. Sánchez Lima 2226
T +591 22417628 (121)
C +591 70656800
E rodolfo alcazar padep org bo
I www.padep.org.bo


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]