How can you secure your computer’s hardware configuration?



You’re planning to disable the USB port on all of the computers in your organization, but you’re concerned about your end user community re-enabling the ports on individual systems. What’s the easiest way to ensure that the hardware changes are protected from any end-user modifications?

A) Add a password to the BIOS configuration

B) Modify the Windows group policies to restrict access to the USB ports

C) Open the systems and physically disconnect the USB ports from the motherboard

D) Use a physical USB lock to prevent access to the ports


The answer: A) Add a password to the BIOS configuration

The BIOS passwords can easily restrict access to the system’s hardware configuration without any hardware modifications.

The incorrect answers:

B) Modify the Windows group policies to restrict access to the USB ports
Windows group policies can restrict access to the USB ports, but they’ll have no effect on other operating systems. Since we’d like to restrict access to the hardware, we’ll need a solution that can work universally regardless of what LiveCD might be used as a boot source.

C) Open the systems and physically disconnect the USB ports from the motherboard
Opening every computer is time consuming, and most USB ports are integrated onto the motherboard. Unless you want to get out a soldering iron, it will be difficult to physically disconnect the USB ports.

D) Use a physical USB lock to prevent access to the ports
There are locks available for USB ports, but those solutions require additional hardware and specialized tools. This clearly isn’t the easiest solution.

Want to know more? Watch “Installing and Configuring Security Systems.”

The practical implementation of security system impacts a wide range of systems, technologies, and processes. In this video, you’ll learn how to secure your BIOS, use smart cards, audit your system through event logs, and how NTFS can make your system more secure.