harrison@GPU.UTCS.UTORONTO.CA (David Harrison) (10/24/90)
We are about to replace our `dumb' ascii/tek-compatible terminals with colour X-terminals. Among the locations will be a dedicated terminal room which is never locked, although the building itself is locked from ~10PM - 7AM. Being a university building, people are constantly coming and going, so we regularly see winos et.al. in the building at all hours. So -- we are considering systems to insure that our X-terminals are still there when we come in in the morning. Physical security in terms of bolting the suckers to table tops, track balls similarly bolted down instead of mice, and similar physical measures are taken care of. But such schemes are fairly trivial to bust if the person *really* wants to steal our stuff. We are musing about more sophisticated systems, such as ping-ing the terminals every few minutes and if we don't get a response calling somebody, ringing a bell, whatever. Thus, I am soliciting experience, ideas, and/or cautions about these issues. --- David Harrison, Dept. of Physics, Univ. of Toronto
THOR@lcc.edu (What's So Personal About a Name Anyhow ?) (11/13/90)
In regard to your physical security issue: One tried and true solution is to hire student empolyess as terminal-baby sitters. Students are generally are inexpensive and available source for employment (and they will even work night & early morning shifts). While you could go out and bolt your terminals down, a determened thief wouldn't be detered for long, especially in an unattended room full of thousand dollar terminals. Just a Thought!
wcs@erebus.att.com (William Clare Stewart) (11/14/90)
David Harrison asks for suggestions about keeping X terminals from being stolen in a physically non-secure environment, such as pinging the terminal every few minutes. This won't work if people turn the terminals off, or do other things that confuse the terminal too much to answer pings, and won't work at all if there are any workstations on the net that could be convinced to forge replies. I don't have any POSITIVE suggestions, beyond social engineering and maybe a video camera that's VERY obvious. Model 029 keypunches were a lot easier to secure - they were too big to move without major inconvenience. -- Thanks; Bill # Bill Stewart 908-949-0705 erebus.att.com!wcs AT&T Bell Labs 4M-312 Holmdel NJ
P.E.Smee@gdr.bath.ac.uk (11/14/90)
We've got several similar terminal rooms. My first advice would have to be 'get a good insurance policy'. However, we don't actually have much trouble -- here's what we do: 1 - Some equipment is bolted down. Most, however, is only protected by a 'limpet' security system. (You see these in shops -- a little doobry stuck to the device, and connected by wire and plug to an 'alarm' ring. The alarm is set off if the limpet is unstuck from the device, or the wire cut or detached. It's an n-wire flex using both normally-open and normally closed switches, not color-coded, so that you would have to be pretty lucky to be able to defeat them by exposing the inner wires and shorting across the proper two. 2 - Closed-circuit TV monitor, transmitting back to our campus security office (rentacops). 3 - All machines clearly and irretrievably marked with University ID. Unlike marking your home stuff, there are no points for aesthetics. You can mark the thing up such that removing the marked bits makes them un-saleable. 4 - Keypad doorlocks. All our 24-hour terminal rooms have electronic keypad doorlocks, and attempts to mung them are monitored at the security office (yet again). The number is changed monthly, and the new number is announced only on our 'proper login' hosts. So, you have to login to one of our systems during the working day (which means we basically have password security) in order to find out the number to use out-of-hours to open the door. People without login accounts can get the number by appearing in person, during working hours and with proper ID, at the Computing Service reception desk. (One of the other British Universities, I believe Oxford, uses 'card-wipe' door locks, which are opened by a magnetic stripe on student and staff ID cards. Whoever this is also uses the technology as an integrated library card, sports-facility card, ...) 5 - Make sure there is a phone in the room. This phone MUST be able to get to police, fire, emergency medical, and university security numbers, at any time. (A hot-line to security or the University operators is fine, if there is someone guaranteed to be there 24 hours a day. Otherwise, you need a clever phone or switchboard.) This 'works', in the sense that most computing equipment stolen from us is NOT stolen from one of the 24-hour terminal rooms, but rather by breaking into private offices in some of our more isolated buildings. -- Paul Smee, Computing Service, University of Bristol, Bristol BS8 1UD, UK P.Smee@bristol.ac.uk - ..!uunet!ukc!bsmail!p.smee - Tel +44 272 303132