Effectiveness of Physical, Social and Digital Mechanisms against Laptop Theft in Open Organizations

Authors:
Trajce Dimkov;Wolter Pieters;Pieter Hartel
Affiliations:
-;-;-
Venue:
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
Year:
2010

Citing 10
Cited 2

Mobile ambients

Theoretical Computer Science
Spatial Policies for Sentient Mobile Applications

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Information exposure control through data manipulation for ubiquitous computing

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Gaining Access with Social Engineering: An Empirical Study of the Threat

Information Systems Security
BootJacker: compromising computers using forced restarts

Proceedings of the 15th ACM conference on Computer and communications security
Privacy-preserving location tracking of lost or stolen devices: cryptographic techniques and replacing trusted third parties with DHTs

SS'08 Proceedings of the 17th conference on Security symposium
Attacking the BitLocker Boot Process

Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Laptop theft: a case study on the effectiveness of security mechanisms in open organizations

Proceedings of the 17th ACM conference on Computer and communications security
Two methodologies for physical penetration testing using social engineering

Proceedings of the 26th Annual Computer Security Applications Conference
Portunes: representing attack scenarios spanning through the physical, digital and social domain

ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security

Training students to steal: a practical assignment in computer security education

Proceedings of the 42nd ACM technical symposium on Computer science education
Obligations to enforce prohibitions: on the adequacy of security policies

Proceedings of the 6th International Conference on Security of Information and Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Organizations rely on physical, digital and social mechanisms to protect their IT systems. Of all IT systems, laptops are probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is also difficult to protect the data inside. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. The study considers the physical and social protection of the laptops. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that the effectiveness of security mechanisms from the physical domain is limited, and it depends mostly from the social domain. The study serves as a motivation to further investigate the analysis of the alignment of the mechanisms across all three security domains to protect the IT assets in an organization.