Just to show you how old I am, here’s a story I can recall from the chilliest days of the Cold war. Legend has it that a big hulking IBM Mainframe mysteriously “disappeared” while riding the rails to its destination in West Germany. Several years later, IBM received a parts order for a mainframe dubiously located in Moscow … bearing the “missing” computer’s serial number. As Karla Jennings so aptly put it on page 163 of ‘The Devouring Fungus:’
“The United States couldn’t bust the KGB for theft, but the Kremlin couldn’t get its parts either.”
A cute story from mother Russia to remind you to scold your pastors about the perils of portable computing. Here’s one from ‘Down Under‘ that may hit closer to home:
“LAPTOP PCs with top-secret Defence material were among the more than 1000 laptops stolen from government departments over the past four years, an inquiry has found.” – 04apr04 – The Australian
In other words, one of the easiest methods of me breaking into your church’s servers would be to borrow your youth pastor’s PDA for an hour or so while he’s sitting adjacent to the pulpit nodding agreeingly in rhythm to the staccato of the pastor’s sermonizing.
Think about it, among your church staff, how many of them have their passwords written down on a Post-It Note™ taped to the bottom of their keyboard and/or have their systems automatically fill in the blanks in response to a basic authentication prompt? Now think about this quote from a ComputerWorld story posted on this date three years ago today, in response to some State Department laptops that went missing on April 19, 2000 :
“If your firewalls, intrusion-detection software and encryption technologies make you feel safe, think again.
As the recent incident involving the theft of a U.S. State Department laptop demonstrates , having the best protection against external hackers means little if sensitive data is allowed to simply walk out the door.”
So unless your church’s current security measures exceed that of a secure government facility, here is some required reading to get you and your church staff started on the path of righteous physical security of your portable computing:
- Beginners Guides: Preventing Data Theft From a Stolen Laptop
- PDA Security 101
- No Security Without Physical Security
- A Reasonable Approach to Physical Security
- 5-Minute Security Advisor – Basic Physical Security
There will be a test, unfortunately for the unprepared, I won’t be the one administering it!