Abstract
Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.
| Original language | English |
|---|---|
| Title of host publication | CCS'10 - Proceedings of the 17th ACM Conference on Computer and Communications Security |
| Pages | 666-668 |
| Number of pages | 3 |
| DOIs | |
| Publication status | Published - 16 Dec 2010 |
| Event | 17th ACM Conference on Computer and Communications Security, CCS'10 - Chicago, IL, United States Duration: 4 Oct 2010 → 8 Oct 2010 |
Conference
| Conference | 17th ACM Conference on Computer and Communications Security, CCS'10 |
|---|---|
| Country | United States |
| City | Chicago, IL |
| Period | 4/10/10 → 8/10/10 |
Keywords
- Case study
- Laptop theft
- Penetration tests
- Physical security
- Security awareness
- Social engineering