Theoretical Computer Science
Spatial Policies for Sentient Mobile Applications
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Information exposure control through data manipulation for ubiquitous computing
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Gaining Access with Social Engineering: An Empirical Study of the Threat
Information Systems Security
BootJacker: compromising computers using forced restarts
Proceedings of the 15th ACM conference on Computer and communications security
SS'08 Proceedings of the 17th conference on Security symposium
Attacking the BitLocker Boot Process
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Laptop theft: a case study on the effectiveness of security mechanisms in open organizations
Proceedings of the 17th ACM conference on Computer and communications security
Two methodologies for physical penetration testing using social engineering
Proceedings of the 26th Annual Computer Security Applications Conference
Portunes: representing attack scenarios spanning through the physical, digital and social domain
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Training students to steal: a practical assignment in computer security education
Proceedings of the 42nd ACM technical symposium on Computer science education
Obligations to enforce prohibitions: on the adequacy of security policies
Proceedings of the 6th International Conference on Security of Information and Networks
Hi-index | 0.00 |
Organizations rely on physical, digital and social mechanisms to protect their IT systems. Of all IT systems, laptops are probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is also difficult to protect the data inside. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. The study considers the physical and social protection of the laptops. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that the effectiveness of security mechanisms from the physical domain is limited, and it depends mostly from the social domain. The study serves as a motivation to further investigate the analysis of the alignment of the mechanisms across all three security domains to protect the IT assets in an organization.