Tips to Improve the Physical Security of Our Computers and USB

Depending on our environment and the systems that we have to protect, the security that we must establish may be more or less strict. In any case, we must have minimum security measures that do not leave us unprotected. Next, we are going to deal with some of the physical security problems that we may face on a daily basis, and propose measures to avoid them or, at least, mitigate their impact as much as possible.

One of the points that can affect the physical security of our equipment the most is how we use USB memory sticks, improper use can be very harmful and we are going to start here.

You should never use unknown USB sticks

Right now one of the most common ways of transferring data is through the use of USB memories. However, improper or reckless use can destroy the physical security of our equipment. One thing to keep in mind is the danger of USB sticks of unknown origin . For example, let’s imagine that one day on the street or in a public place you can find a pendrive or an external hard drive, would you use it?

In principle, this sounds positive, but there is a very important aspect to take into account, you do not know if it contains harmful software or in how many PCs it could be inserted. That memory can contain a large number of dangers, which a priori, we have not thought about, such as:

• Keyloggers : it is a type of malware designed to steal passwords and personal data, it allows you to record all keystrokes and send it to a remote server.
• Trojans : with this type of malware, they could sneak into our PC remotely to spy on us, and even to gain full control of the PC.
• Creating scheduled tasks that could put computer files, stored information, and installed programs at risk.
• Collection of information from the system that they could use to sell them to third parties or send us targeted advertising.
• Browser hijackers in which we could be redirected to websites controlled by cybercriminals.

In addition, we must not forget the USBkill , pendrives specifically designed to physically damage our PC, server or wherever we connect it. The USBkill are responsible for storing and later downloading all the energy in the USB port, therefore, we will irretrievably damage the motherboard of our equipment, causing our computer not to start again.

Another important issue can be a lost USB memory that can affect our security . They are getting bigger and bigger and we sometimes store identity documents and invoices in them that could be used to impersonate identity. It is always recommended to add a layer of encryption to these types of devices, so that, in case of loss or theft, no one can read the information without the decryption key. Programs like VeraCrypt are highly recommended, because they allow you to create encrypted containers, and they also allow you to fully encrypt the USB memory.

There may also come a time when for some reason you want to give or sell a USB memory . In this sense, you do not have to deliver it as you have it at that time, since it may contain confidential files or passwords that may affect your security. In these cases, what we must do is use specific file deletion programs to prevent data recovery programs from recovering said information.

To finish with this section, we must always have our USB memory controlled . Perhaps if it is used only at home or in a single space, it is not so important, but it should be done. In this sense, it is convenient to put a sticker, mark or strap to help us identify it. Also keep in mind that you can mistakenly enter one that is not yours and infect your computer. Sometimes USB sticks have a similar design or could even be identical.

The protection of our work team

The first thing we have to do in this section is that we have established a login with username and password. Ideally, have a strong password made up of:

• 12 characters.
• Please have uppercase and lowercase letters.
• Contains some symbol such as @.

If someone has physical access to our computer, it is always recommended to block the session to force to enter the access password again.

This is an important safety measure to protect our work. If we work in front of the public or in an office where clients pass, we must work like this, when we are not in front of our computer we must protect our  equipment . The correct way is by blocking the system, or directly by logging out and then logging in again. The objective is that, when starting again, it asks us to enter the username and password. In this way we avoid prying eyes, misuse by colleagues and possible theft of information. Our personal computer must also have security updates, an antivirus and an anti-malware software installed.

Keep confidential information safe

We must handle confidential information safely and efficiently. A security breach can lead to personal loss or damage to the company. In this sense, a good policy may be the use of Bitlocker encryption used by the Pro and Enterprise versions of Windows. In case of not having this tool, we could use the same VeraCrypt that also serves to encrypt disk drives, partitions, and even create encrypted containers.

One thing that we must be careful with regarding the physical security of our computers is the information that is displayed on the screens of our PCs or laptops. Depending on the angle a person takes, they could see our passwords or confidential information. One way to avoid this is by using privacy filters on our screens. Its operation is that only the people in front of the screen can see its content. While a person behind could see it, it takes away the view of the content from many others. View is blocked for those outside a 60 ° viewing angle.

Sometimes we have to work with confidential voice memos in which, perhaps, sensitive information such as passwords is mentioned. In those cases when we work with confidential audios and we are not alone, we must always use headphones . It is also necessary to establish an adequate policy of backup copies of our data. In addition to choosing the appropriate medium, they should be kept in a safe place where they can be properly preserved, and if possible they are fully encrypted.

Physical security in our equipment

It’s not about just reaching out and plugging in the equipment. We also have to place it in the right place, and also, that it has protection measures. An important part is the placement, we must place it in a place where it sits in a stable way and objects cannot fall on it. It is also recommended that it is not at ground level and at a certain height, so that, in case of flood, it is not affected too much.

Another important element is the issue related to electricity, to protect it correctly it is very important to connect our PCs to grounded sockets. It is also very important to always work with uninterruptible power supplies (UPS), so that it protects us from both voltage surges and power cuts, in this way, in the event of a power failure, we will have time to safely shut down your computer after saving all your work.

Do not allow unauthorized persons to use our equipment

We must not allow anyone to touch our equipment . In that sense, you could make something work by disabling a security option. Imagine for a moment that you cannot surf the Internet, then a non-expert colleague disables the firewall and we can surf. You are doing us a disservice because you are exposing our security.

In case the one who offers you advice is a stranger, do not let him use the computer or put into practice what he proposes. At most, write it down on a paper or text file to make the appropriate inquiries. You should always turn to the authorized person of your company, or request assistance from a specialist as the case may be. With this series of physical security tips on our computers we can keep them safer.