After researchers recently discovered a way to physically hack into PC’s, Tyler Reese, Product Manager from One Identity, explains how organisations can protect systems from these attacks and what users can do to protect their data.
Tyler Reese, Product Manager at One Identity:
“Physical security is just as important as cyber security. Organizations should ensure that their systems are physically secured. Practices and techniques such as using physical locks, educating employees on the danger of allowing unknown individuals onto work premises, locking IT equipment to desks and employees physically securing IT equipment while traveling, such as keeping laptops in hotel safes when they away from their rooms, all help to improve an organisation’s physical security.
To mitigate against these attacks, encrypting your hard drive with TPM/Bitlocker, continuing to keep your operating system and applications patched, and applying new firmware/microcode updates as they become available are all important measures to take. Many computers also have tamper notification alerts if someone has opened the case of a computer, which lets the user or admin know that someone has been tampering with the internals of the system.
To protect data, users should only keep the data they need on their machines. If you have sensitive files that you don’t need access to, archive it in a separate location or hard drive. Cloud file services such as One Drive have the ability to disable local caching of files, so they are only downloaded when needed.’”