The importance of physical security

It makes no difference which operating system (OS) you run, whether Windows, Linux, BSD, or OSX: if someone has physical access to your computer (or server), password security is meaningless. Every OS offers a way to reset the administrative password.

This does make some sense, as computers or servers are often set up, run an application or service for an extended period of time, and potentially become “orphans” in the enterprise. Put another way, the person who did the original setup has moved on, been let go, or simply forgotten how the device was configured.

The reality is that short-term “kludges” sometimes end up having long lives, are never properly documented, and live out their lives in a forgotten corner of a server room, under a desk, locked in a closet, or in some other forlorn corner of the enterprise. When that happens, there is a legitimate need to reset the master password.

Linux? Look here – http://www.slashgeek.net/2012/06/12/reset-linux-root-password-in-under-5-minutes/

Windows 7? Look here – http://www.securitytube.net/video/4611#

BSD? Look here – http://www.techrepublic.com/blog/security/recover-freebsd-root-access-when-you-forgot-the-password/4621

OSX? Look here – http://abneru.wordpress.com/2012/05/10/change-mac-osx-lion-root-password/

Windows in general? Look here – http://pcsupport.about.com/od/toolsofthetrade/tp/passrecovery.htm

There are lots of pages on the internet that go on and on about the importance of physical security, but most of them refer to large enterprise networks. Physical security is nonetheless something every end user should be aware of. If you value your privacy, or if you have confidential data on your computer, passwords are meaningless. Keep your eyes on your computer or you will never know if it has been compromised.

If your computer is a laptop or other portable device, the risk increases exponentially. Do you know how many laptops are lost or stolen every day? I’m sure Google can answer that question, but “far too many” works for me. If this is a risk that concerns you, you also have the option of full disk encryption.

For more information about “full disk encryption”, check out TrueCrypt. Keep in mind that, unlike an OS, if you forget the encryption key, the number of recovery options is limited. http://www.truecrypt.org/

If you want to learn more about physical security, check out the following link – http://www.techrepublic.com/article/lock-it-down-dont-overlook-physical-security-on-your-network/5054057 – or simply Google “IT Physical Security”.

 

 

 

 
