Physically protecting a computer presents many of the same problems that arise when protecting typewriters, jewelry, and file cabinets. Like a typewriter, an office computer is something that many people inside the office need to access on an ongoing basis. Like jewelry, computers are very valuable, and very easy for a thief to sell. But the real danger in having a computer stolen isn't the loss of the system's hardware but the value of the loss of the data that was stored on the computer's disks. As with legal files and financial records, if you don't have a backup - or if the backup is stolen with the computer - the data you have lost may well be irreplaceable. Even if you do have a backup, you will still need to spend valuable time setting up a replacement system. Finally, there is always the chance that stolen information itself, or even the mere fact that information was stolen, will be used against you.
Your computers are among the most expensive possessions in your home or office; they are also the pieces of equipment that you can least afford to lose.
 We know of some computer professionals who say, "I don't care if the thief steals my computer; I just wish that he would first take out the hard drive!" Unfortunately, you can rarely reason in this manner with would-be thieves.
To make matters worse, computers and computer media are by far the most temperamental objects in today's home or office. Few people worry that their television sets will be damaged if they're turned on during a lightning storm, but a computer's power supply can be blown out simply by leaving the machine plugged into the wall if lightning strikes nearby. Even if the power surge doesn't destroy the information on your hard disk, it still may make the information inaccessible until the computer system is repaired.
Power surges don't come only during storms: one of the authors once had a workstation ruined because a vacuum cleaner was plugged into the same outlet as the running workstation: when the vacuum was switched on, the power surge fatally shorted out the workstation's power supply. Because of the age of the computer involved, it proved to be cheaper to throw out the machine and lose the data, rather than attempt to salvage the hardware and information stored on the machine's disk. That was an expensive form of spring cleaning!
There are several measures that you can take to protect your computer system against physical threats. Many of them will simultaneously protect the system from dangers posed by nature, outsiders, and inside saboteurs.
Computers are extremely complicated devices that often require exactly the right balance of physical and environmental conditions to properly operate. Altering this balance can cause your computer to fail in unexpected and often undesirable ways. Even worse, your computer might continue to operate, but erratically, producing incorrect results and corrupting valuable data.
In this respect, computers are a lot like people: they don't work well if they're too hot, too cold, or submerged in water without special protection.
Computers are notoriously bad at surviving fires. If the flames don't cause your system's case and circuit boards to ignite, the heat might melt your hard drive and all the solder holding the electronic components in place. Your computer might even survive the fire, only to be destroyed by the water used to fight the flames.
You can increase the chances that your computer will survive a fire by making sure that there is good fire-extinguishing equipment nearby.
In the late 1980s, Halon fire extinguishers were exceedingly popular for large corporate computer rooms. Halon is a chemical that works by "asphyxiating" the fire's chemical reaction. Unlike water, Halon does not conduct electricity and leaves no residue, so it will not damage expensive computer systems.
Unfortunately, Halon may also asphyxiate humans in the area. For this reason, all automatic Halon systems have loud alarms that sound before the Halon is discharged. Halon has another problem as well: after it is released into the environment, it slowly diffuses into the stratosphere, where it acts as a potent greenhouse gas and contributes to the destruction of the ozone layer. Halon is therefore being phased out and replaced with systems that are based on carbon dioxide (CO2), which still asphyxiate fires (and possibly humans), but which do not cause as much environmental degradation.
Here are some guidelines for fire control:
Make sure that you have a hand-held fire extinguisher by the doorway of your computer room. Train your computer operators in the proper use of the fire extinguisher. Repeat the training at least once a year. One good way to do this is to have your employees practice with extinguishers that need to be recharged (usually once every year or two). However, don't practice indoors!
Check the recharge state of each extinguisher every month. Extinguishers with gauges will show if they need recharging. All extinguishers should be recharged and examined by a professional on a periodic basis (sometimes those gauges stick in the "full" position!).
If you have an automatic fire-alarm system, make sure you can override it in the event of a false alarm.
Ensure that there is telephone access for your operators and users who may discover a fire or a false alarm.
Many modern computers will not be damaged by automatic sprinkler systems, provided that the computer's power is turned off before the water starts to flow (although disks, tapes, and printouts out in the open may suffer). Consequently, you should have your computer's power automatically cut if the water sprinkler triggers. Be sure that the computer has completely dried out before the power is restored. If your water has a very high mineral content, you may find it necessary to have the computer's circuit boards professionally cleaned before attempting to power up. Remember, getting sensitive electronics wet is never a good idea.
Because many computers can now survive exposure to water, many fire-protection experts now suggest that a water sprinkler system may be as good as (or better) than a CO2 system. In particular, a water system will continue to run long after a CO2 system is exhausted, so it's more likely to work against major fires. They also are less expensive to maintain, and less hazardous to humans.
If you choose to have a water-based sprinkler system installed, be sure it is a "dry-pipe" system. This keeps water out of the pipes until an alarm is actually triggered, rather than having the sprinkler heads pressurized all the time. This may save your system from leaks or misfortune.
 We know of one instance where a maintenance man accidentally knocked the sprinkler head off with a stepladder. The water came out in such quantity that the panels for the raised floor were floating before the water was shut off. The mess took more than a week to clean up.
Be sure that your wiring, in addition to your computers, is protected. Be certain that smoke detectors and sprinkler heads are appropriately positioned to cover wires in wiring trays (often above your suspended ceilings), and in wiring closets.
Smoke is very good at damaging computer equipment. Smoke is a potent abrasive and collects on the heads of magnetic disks, optical disks, and tape drives. A single smoke particle can cause a severe disk crash on some kinds of older disk drives without a sealed drive compartment.
Sometimes smoke is generated by computers themselves. Electrical fires - particularly those caused by the transformers in video monitors - can produce a pungent, acrid smoke that can damage other equipment and may also be a potent carcinogen. Several years ago, a laboratory at Stanford had to be evacuated because of toxic smoke caused by a fire in a single video monitor.
An even greater danger is the smoke that comes from cigarettes and pipes. Such smoke is a health hazard to people and computers alike. Smoke will cause premature failure of keyboards and require that they be cleaned more often. Nonsmokers in a smoky environment will not perform as well as they might otherwise, both in the near term and the long term; and in many locales, smoking in public or semi-public places is illegal.
Here are some guidelines for smoke control:
Do not permit smoking in your computer room or around the people who use the computers.
Install smoke detectors in every room with computer or terminal equipment.
If you have a raised floor, mount smoke detectors underneath the floor as well.
If you have suspended ceilings, mount smoke detectors above the ceiling tiles.
Most dust is electrically conductive. The design of many computers sucks large amounts of air and dust through the computer's insides for cooling. Invariably, a layer of dust will accumulate on a computer's circuit boards, covering every surface, exposed and otherwise. Eventually, the dust will cause circuits to short and fail.
Keep your computer room as dust free as possible.
If your computer has air filters, clean or replace them on a regular basis.
Get a special vacuum for your computers and use it on a regular basis. Be sure to vacuum behind your computers. You may also wish to vacuum your keyboards.
In environments with dust that you can't control well, consider getting keyboard dust covers to use when the keyboards are idle for long periods of time. However, don't simply throw homemade covers over your computers - doing so can cause the computer to overheat, and some covers can build up significant static charges.
While some parts of the world are subject to frequent and severe earthquakes, nearly every part of the world experiences the occasional temblor. In the United States, for example, the San Francisco Bay Area experiences several earthquakes every year; a major earthquake is expected within the next 20 years that may be equal in force to the great San Francisco earthquake of 1906. Scientists also predict an 80% chance that the eastern half of the United States may experience a similar earthquake within the next 30 years: the only truly unknown factor is where it will occur. As a result, several Eastern cities have enacted stringent anti-earthquake building codes. These days, many new buildings in Boston are built with diagonal cross-braces, using construction that one might expect to see in San Francisco.
While some buildings collapse in an earthquake, most remain standing. Careful attention to the placement of shelves and bookcases in your office can increase the chances that your computers will survive all but the worst disasters.
Here are some guidelines for earthquake control:
Avoid placing computers on any high surfaces - for example, on top of file cabinets.
Do not place heavy objects on bookcases or shelves near computers in such a way that they might fall on the computer during an earthquake.
To protect your computers from falling debris, place them underneath strong tables.
Do not place computers on desks next to windows - especially on higher floors. In an earthquake, the computer could be thrown through the window, destroying the computer, and creating a hazard for people on the ground below.
Consider physically attaching the computer to the surface on which it is resting. You can use bolts, tie-downs, straps, or other implements. (This practice also helps deter theft of the equipment.)
If you need to operate a computer in an area where there is a risk of explosion, you might consider purchasing a system with a ruggedized case. Disk drives can be shock-mounted within a computer; if explosion is a constant hazard, consider using a ruggedized laptop with an easily removed, shock-resistant hard drive.
Here are some basic guidelines for explosion control:
Consider the real possibility of explosion on your premises. Make sure that solvents, if present, are stored in appropriate containers in clean, uncluttered areas.
Keep your backups in blast-proof vaults or off-site.
Keep computers away from windows.
As with people, computers operate best within certain temperature ranges. Most computer systems should be kept between 50 and 90 degrees Fahrenheit (10 to 32 degrees Celsius). If the ambient temperature around your computer gets too high, the computer cannot adequately cool itself, and internal components can be damaged. If the temperature gets too cold, the system can undergo thermal shock when it is turned on, causing circuit boards or integrated circuits to crack.
Here are some basic guidelines for temperature control:
Check your computer's documentation to see what temperature ranges it can tolerate.
Install a temperature alarm in your computer room that is triggered by a temperature that is too low or too high. Set it to alarm when the temperature gets within 15-20 degrees (F) of the limits your system can take. Some alarms can even be connected to a phone line, and can be programed to dial predefined phone numbers and tell you, with a synthesized voice, "your computer room is too hot."
Be careful about placing computers too close to walls, which can interfere with air circulation. Most manufacturers recommend that their systems have 6 to 12 inches of open space on every side. If you cannot afford the necessary space, lower the computer's upper-level temperature by 10 degrees Fahrenheit or more.
Sometimes insects and other kinds of bugs find their way into computers. Indeed, the very term bug, used to describe something wrong with a computer program, dates back to the 1950s, when Grace Murray Hopper found a moth trapped between the relay contacts on Harvard University's Mark 1 computer.
Insects have a strange predilection for getting trapped between the high-voltage contacts of switching power supplies. Others seem to have insatiable cravings for the insulation that covers wires carrying line current and the high-pitched whine that switching power supplies emit. Spider webs inside computers collect dust like a magnet.
Motors, fans, heavy equipment, and even other computers can generate electrical noise that can cause intermittent problems with the computer you are using. This noise can be transmitted through space or nearby power lines.
Electrical surges are a special kind of electrical noise that consists of one (or a few) high-voltage spikes. As we've mentioned, an ordinary vacuum cleaner plugged into the same electrical outlet as a workstation can generate a spike capable of destroying the workstation's power supply.
Here are some guidelines for electrical noise control:
Make sure that there is no heavy equipment on the electrical circuit that powers your computer system.
If possible, have a special electrical circuit with an isolated ground installed for each computer system.
Install a line filter on your computer's power supply.
If you have problems with static, you may wish to install a static (grounding) mat around the computer's area, or apply antistatic sprays to your carpet.
Walkie-talkies, cellular telephones, and other kinds of radio transmitters can cause computers to malfunction when they are transmitting. Especially powerful transmitters can even cause permanent damage to systems. Transmitters have also been known to trigger the explosive charges in some sealed fire- extinguisher systems (e.g., Halon). All radio transmitters should be kept at least five feet from the computer, cables, and peripherals. If many people in your organization use portable transmitters, you should consider posting signs instructing them not to transmit in the computer's vicinity.
Lightning generates large power surges that can damage even computers whose electrical supplies are otherwise protected. If lightning strikes your building's metal frame (or hits your building's lightning rod), the resulting current on its way to ground can generate an intense magnetic field.
Here are some guidelines for lightning control:
If possible, turn off and unplug computer systems during lightning storms.
Make sure that your backup tapes, if they are kept on magnetic media, are stored as far as possible from the building's structural steel members.
Surge suppressor outlet strips will not protect your system from a direct strike, but may help if the storm is distant. Some surge suppressors include additional protection for sensitive telephone equipment; this extra protection may be of questionable value in most areas, though, since by law, telephone circuits must be equipped with lightning arresters.
In remote areas, modems are still damaged by lightning, even though they are on lines equipped with lightning arresters. In these areas, modems may benefit from additional lightning protection.
Vibration can put an early end to your computer system by literally shaking it apart. Even gentle vibration, over time, can work printed circuit boards out of their edge connectors, and integrated circuits out of their sockets. Vibration can cause hard disk drives to come out of alignment and increase the chance for catastrophic failure - and resulting data loss.
Here are some guidelines for vibration control:
Isolate your computer from vibration as much as possible.
If you are in a high-vibration environment, you can place your computer on a rubber or foam mat to dampen out vibrations reaching it, but make sure that the mat does not block ventilation openings.
Laptop computers are frequently equipped with hard disks that are better at resisting vibration than are desktop machines
Don't put your printer on top of a computer. Printers are mechanical devices; they generate vibrations. Desktop space may be a problem, but a bigger problem may be the unexpected failure of your computer's disk drive or system board.
Humidity is your computer's friend - but as with all friends, you can get too much of a good thing. Humidity prevents the buildup of static charge. If your computer room is too dry, static discharge between operators and your computer (or between the computer's moving parts) may destroy information or damage your computer itself. If the computer room is too humid, you may experience condensation on the computer's circuitry, which can short out and damage the electrical circuits.
Here are some guidelines for humidity control:
For optimal performance, keep the relative humidity of your computer room above 20% and well below the dew point (which depends on the ambient room temperature).
Some equipment has special humidity restrictions. Check your manuals.
Water can destroy your computer. The primary danger is an electrical short, which can happen if water bridges between a circuit-board trace carrying voltage and a trace carrying ground. A short will cause too much current to be pulled through a trace, and will heat up the trace and possibly melt it. Shorts can also destroy electronic components by pulling too much current through them.
Water usually comes from rain or flooding. Sometimes it comes from an errant sprinkler system. Water also may come from strange places, such as a toilet overflowing on a higher floor, vandalism, or the fire department.
Here are some guidelines for water control:
If you have a raised floor in your computer room, mount water detectors underneath the floor and above it.
Do not keep your computer in the basement of your building if your area is prone to flooding, or if your building has a sprinkler system.
Because water rises, you may wish to have two alarms, located at different heights. The first water sensor should ring an alarm; the second should automatically cut off power to your computer equipment. Automatic power cutoffs can save a lot of money if the flood happens off-hours, or if the flood occurs when the person who is supposed to attend to the alarm is otherwise occupied. More importantly, cutoffs can save lives: electricity, water, and people shouldn't mix.
To detect spurious problems, you should continuously monitor and record your computer room's temperature and relative humidity. As a general rule of thumb, every 1,000 square feet of office space should have its own recording equipment. Log and check recordings on a regular basis.
In addition to environmental problems, your computer system is vulnerable to a multitude of accidents. While it is impossible to prevent all accidents, careful planning can minimize the impact of accidents that will inevitably occur.
People need food and drink to stay alive. Computers, on the other hand, need to stay away from food and drink. One of the fastest ways of putting a keyboard out of commission is to pour a soft drink or cup of coffee between the keys. If this keyboard is your system console, you may be unable to reboot the computer until the console is replaced (we know this from experience).
Food - especially oily food - collects on people's fingers, and from there gets on anything that a person touches. Often this includes dirt-sensitive surfaces such as magnetic tapes and optical disks. Sometimes food can be cleaned away; other times it cannot. Oils from foods also tend to get onto screens, increasing glare and decreasing readability. Some screens (especially some terminals from Digital Equipment Corporation) are equipped with special quarter-wavelength antiglare coatings: when touched with oily hands, the fingerprints will glow with an annoying iridescence. Generally, the simplest rule is the safest: Keep all food and drink away from your computer systems.
 Perhaps more than any other rule in this chapter, this rule is honored most often in the breach.
In many modern office buildings, internal walls do not extend above dropped ceilings or beneath raised floors. This type of construction makes it easy for people in adjoining rooms, and sometimes adjoining offices, to gain access.
Here are some guidelines for dealing with raised floors and dropped ceilings:
Make sure that your building's internal walls extend above your dropped ceilings - so that intruders cannot enter locked offices simply by climbing over the walls.
Likewise, if you have raised floors, make sure that the building's walls extend down to the real floor.
Here are some guidelines for dealing with air ducts:
Areas that need large amounts of ventilation should be served by several small ducts, none of which is large enough for a person to traverse.
As an alternative, screens can be welded over air vents, or even within air ducts, to prevent unauthorized entry (although screens can be cut).
The truly paranoid administrator may wish to place motion detectors inside air ducts.
Although glass walls and large windows frequently add architectural panache, they can be severe security risks. Glass walls are easy to break; a brick and a bottle of gasoline thrown through a window can do an incredible amount of damage. Glass walls are also easy to look through: an attacker can gain critical knowledge, such as passwords or information about system operations, simply by carefully watching people on the other side of a glass wall or window.
Here are some guidelines for dealing with glass walls:
Avoid glass walls and windows for security-sensitive areas.
If you must have some amount of translucence, consider walls made of glass blocks.
Intentional disruption of services (e.g., a student who has homework due)
Revenge (e.g., a fired employee)
Entertainment for the feebleminded
Computer vandalism is often fast, easy, and very expensive. Sometimes, vandalism is actually sabotage presented as random vandalism.
In principle, any part of a computer system - or the building that houses it - may be a target for vandalism. In practice, some targets are more vulnerable than others. Some are described briefly in the following sections.
Several years ago, 60 workstations at the Massachusetts Institute of Technology were destroyed in a single evening by a student who poured Coca-Cola into each computer's ventilation holes. Authorities surmised that the vandal was a student who had not completed a problem set due the next day.
Computers that have ventilation holes need them. Don't seal up the holes to prevent this sort of vandalism. However, a rigidly enforced policy against food and drink in the computer room - or a 24-hour guard - can help prevent this kind of incident from happening at your site.
Local and wide area networks are exceedingly vulnerable to vandalism. In many cases, a vandal can disable an entire subnet of workstations by cutting a single wire with a pair of wire cutters. Compared with Ethernet, fiber optic cables are at the same time more vulnerable (because sometimes they can be more easily damaged), more difficult to repair (because fiber optics are difficult to splice), and more attractive targets (because they often carry more information).
One simple method for protecting a network cable is to run it through physically secure locations. For example, Ethernet cable is often placed in cable trays or suspended from ceilings with plastic loops. But Ethernet can also be run through steel conduit between offices. Besides protecting against vandalism, this practice protects against some forms of network eavesdropping, and may help protect your cables in the event of a small fire.
Some high-security installations use double-walled, shielded conduit with a pressurized gas between the layers. Pressure sensors on the conduit break off all traffic or sound a warning bell if the pressure ever drops, as might occur if someone breached the walls of the pipe. It important that you physically protect your network cables. Placing the wire inside an electrical conduit when it is first installed can literally save thousands of dollars in repairs and hundreds of hours in downtime later.
Many universities have networks that rely on Ethernet or fiber optic cables strung through the basements. A single frustrated student with a pair of wirecutters or a straight pin can halt the work of thousands of students and professors.
We also have heard stories about fiber optic cable suffering small fractures because someone stepped on it. A fracture of this type is difficult to locate because there is no break in the coating. Be very careful where you place your cables. Note that "temporary" cable runs often turn into permanent or semi-permanent installations, so take the extra time and effort to install cable correctly the first time.
In addition to cutting a cable, a vandal who has access to a network's endpoint - a network connector - can electronically disable or damage the network. Ethernet is especially vulnerable to grounding and network-termination problems. Simply by removing a terminator at the end of the network cable or by grounding an Ethernet's inside conductor, an attacker can render the entire network inoperable. Usually this event happens by accident; however, it can also happen as the result of an intentionally destructive attack.
All networks based on wire are vulnerable to attacks with high voltage. At one university in the late 1980s, a student destroyed a cluster of workstations by plugging the thin-wire Ethernet cable into a 110VAC wall outlet. (Once again, the student wanted to simulate a lightning strike because he hadn't done his homework.)
Unless your computer is used by the military or being operated in a war zone, it is unlikely to be a war target. Nevertheless, if you live in a region that is subject to political strife, you may wish to consider additional structural protection for your computer room.
Alternatively, you may find it cheaper to devise a system of hot backups and mirrored disks and servers. With a reasonably fast network link, you can arrange for files stored on one computer to be simultaneously copied to another system on the other side of town - or the other side of the world. Sites that cannot afford simultaneous backup can have hourly or nightly incremental dumps made across the network link. Although a tank or suicide bomber may destroy your computer center, your data can be safely protected someplace else.
Because many computers are relatively small and valuable, they are easily stolen and easily sold. Even computers that are relatively difficult to fence - such as DEC VaxStations - have been stolen by thieves who thought that they were actually stealing PCs. As with any expensive piece of equipment, you should attempt to protect your computer investment with physical measures such as locks and bolts.
If your computer is stolen, the information it contains will be at the mercy of the equipment's new "owners." They may erase it. Alternatively, they may read it. Sensitive information can be sold, used for blackmail, or used to compromise other computer systems.
You can never make something impossible to steal. But you can make stolen information virtually useless - provided that it is encrypted and that the thief does not know the encryption key. For this reason, even with the best computer-security mechanisms and physical deterrents, sensitive information should be encrypted using an encryption system that is difficult to break. We recommend that you acquire and use a strong encryption system so that even if your computer is stolen, the sensitive information it contains will not be compromised.
 The UNIX crypt encryption program (described in Chapter 6, Cryptography) is trivial to break. Do not use it for information that is the least bit sensitive.
Portable computers present a special hazard. They are easily stolen, difficult to tie down (they then cease to be portable!), and often quite easily resold. Personnel with laptops should be trained to be especially vigilant in protecting their computers. In particular, theft of laptops in airports is a major problem.
Note that theft of laptops may not be motivated by greed (resale potential) alone. Often, competitive intelligence is more easily obtained by stealing a laptop with critical information than by hacking into a protected network. Thus, good encryption on a portable computer is critical. Unfortunately, this encryption makes the laptop a "munition" and difficult to legally remove from many countries (including the U.S.).
 See Chapter 6 for more detail on this.
Different countries have different laws with respect to encryption, and many of these laws are currently in flux. In the United States, you cannot legally export computers containing cryptographic software: one solution to this problem is to use an encryption product that is manufactured and marketed outside, as well as inside, your country of origin. First encrypt the data before leaving, then remove the encryption software. After you arrive at your destination, obtain a copy of the same encryption software and reinstall it. (For the U.S. at least, you can legally bring the PC back into the country with the software in place.) But U.S. regulations currently have exemptions allowing U.S.-owned companies to transfer cryptographic software between their domestic and foreign offices. Furthermore, destination countries may have their own restrictions. Frankly, you may prefer to leave the portable at home!
We hope your computer will never be stolen or damaged. But if it is, you should have a plan for immediately securing temporary computer equipment and for loading your backups onto the new systems. This plan is known as disaster recovery.
We recommend that you do the following:
Establish a plan for rapidly acquiring new equipment in the event of theft, fire, or equipment failure.
Test this plan by renting (or borrowing) a computer system and trying to restore your backups.
If you ask, you may discover that your computer dealer is willing to lend you a system that is faster than the original system, for the purpose of evaluation. There is probably no better way to evaluate a system than to load your backup tapes onto the system and see if they work. Be sure to delete and purge the computer's disk drives before returning them to your vendor.
Beyond the items mentioned earlier, you may also wish to consider the impact on your computer center of the following:
Loss of phone service or networks. How will this impact your regular operations?
Vendor going bankrupt. How important is support? Can you move to another hardware or software system?
Significant absenteeism. Will this impact your ability to operate?