According to a study released in 2000 by the FBI and the Computer Security Institute (CSI), over seventy percent of all attacks on sensitive data and resources reported by organizations occurred from within the organization itself. Implementing an internal security policy appears to be just as important as an external strategy. The following sections explain some of the common steps administrators and users can take to safeguard their systems from internal malpractice.
Employee workstations, for the most part, are not as likely to be targets for remote attack, especially those behind a properly configured firewall. However, there are some safeguards that can be implemented to avert an internal or physical attack on individual workstation resources.
Modern workstation and home PCs have BIOSes that control system resources on the hardware level. Workstation users can also set administrative passwords within the BIOS to prevent malicious users from accessing the system. BIOS passwords prevent malicious users from booting the system at all, deterring the user from quickly accessing or stealing information stored on the hard drive.
However, if the malicious user steals the PC (the most common case of theft frequent travelers who carry laptops and other mobile devices) and takes it to a location where they can disassemble the PC, the BIOS password does not prevent the attacker from removing the hard drive, installing it in another PC without BIOS restriction, and mount the hard drive to read any contents within. In these cases, it is recommended that workstations have locks to restrict access to internal hardware. Hardware such as lockable steel cables can be attached to PC and laptop chassis to prevent theft, as well as key locks on the chassis itself to prevent internal access. Such hardware is widely available from manufacturers such as Kensington and Targus.
Server hardware, especially production servers, are typically mounted on racks in server rooms. Server cabinets usually have lockable doors; and individual server chassis also are available with lockable front bezels for increased security from errant (or intentional) shutdown.
Enterprises can also use co-location providers to house their servers, as co-location providers offer higher bandwidth, 24x7 technical support, and expertise in system and server security. This can be an effective means of outsourcing security and connectivity needs for HTTP transactions or streaming media services. However, co-location can be cost-prohibitive, especially for small to medium-sized businesses. Co-location facilities are known for being heavily guarded by trained security staff and tightly monitored at all times.