As the saying goes, “a secure system that an attacker can physically access is not a secure system.”

I keep an eye on the police blogs in my area just to get a feel for what kinds of incidents occur. Many of them relate to purses and laptops walking out of unsecured rooms. This kind of breach does not require a ton of commentary. If practical, lock the door to your offices. Lock your computer to a solid object. Encrypt your data and lock down your terminal when you step away. (There is software to do this for you!) Finally, don’t leave stuff unattended for prolonged periods.

As evidenced by the police blogs and personal experience, many restricted-access buildings depend on unauthorized persons voluntarily not attempting to enter. Despite the assertions of facilities administrators, these buildings and by extension the offices within should be considered public.

To end on a lighter note, I offer an excerpt from the daily police blog:

Public Intoxication / Possession of a Fictitious Document: A Student, who was under the age of 21, was reported as leaping a tall fire hydrant in a single bound and staggering as he attempted to walk along the sidewalk…”

Students! If you are under 21 and drunk, do not leap tall fire hydrants in a single bound! You will attract unwanted attention. Next time, try a doublejump.

(credit: Penny Arcade)