Depending onyour level of risk, you may use locked doors, electronic security systems, oreven armed guards. How restricted you keep the host depends on therisk and potential loss of someone gaining illicit physical access. The first step in keeping a machine secure from prying fingers is keeping thehost in a restricted location. It is something everyemployee needs to be concerned with. Physical security isnot simply a matter for data centers and security systems. Manyinsider attacks are actually due to a disgruntled employee. It is easy to imagine situations where someone couldimpersonate a coworker in an effort to get them fired or harm the company. However, if the situation hadbeen slightly different and there was a malicious user in the group, there couldhave been great harm done. Luckily, they were all friends and knewtheir boundaries with each other and the company. In the end, the activity caused the workers to become much more securityconscious and better administrators. It was increasingly a real cat-and-mouse game as theirdefensive and offensive skills became refined. Over time, the administrators becameskilled at locking down their workstations to make it difficult for those tryingto play tricks on them. They took great joy in breaking into each others' computers andperforming various acts of mischief. This gave someworkers unsupervised physical access to their coworkers machines for hours onend.
They worked around the clock on a shift basis, so it was notunusual for only one or two people to be in the office at a time. Controlling physical access to a host is the first step in preventing aninsider attack.Īt a previous job, one of us (Bruce) shared an office with seven other systemadministrators. These attacks arecommon because not only will an insider potentially have the motivation toattack, they will have easier access to trusted resources than an outsideentity. Insider attacks are violations of thesecurity of a resource by someone within your organization. According to various reports, between 38% and 70% of all computerattacks are insider attacks. Lack ofphysical security in a workplace can allow illicit and almost untraceableaccess. However, it is an important aspect of information security. Physical security is a trait often overlooked when attempting to secure ahost.
#ACCESS ACTURETIVES FOR MAC MAC OS X#
This chapter presents techniquesthat you can employ that make Mac OS X more secure and have a minimal impact onthe usability of the system. However,to be user friendly, some sacrifices have been made that make it less secure.Also, there are some common configuration practices that can further reduce theoverall security of the core operating system. Mac OS X as it ships out of the box is designed to be user friendly. Through properconfiguration and maintenance, your Mac OS X workstation can provide a stableand secure platform for your applications. However, in the hands of a malicious user attempting to gainaccess to your data or resources, it is powerful and dangerous. When using the operating system forday-to-day activities, it is easy to use and provides a stable platform foryour applications. OS X is a powerful, modernoperating system with a UNIX core.
#ACCESS ACTURETIVES FOR MAC FOR MAC OS#
This advice holds particularly true for Mac OS X. Regardless of which analogyyou prefer, realize that the more effort and attention to detail you provide toyour base configuration, the more secure and reliable your host will be. There are many analogiesthat can be used to describe the need for secure OS configuration A house needsa solid foundation to survive a storm, a chain is only as good as its weakestlink, a tree with shallow roots is easily toppled. From physical security to account management to bootoptions, the quality of the base configuration of your operating system makes ahuge difference in the overall security of the host. To have a secured workstation, all aspects of the machines' securityneed to be considered.