1.8.1 Tamper-Evident Cover
Systems equipped with a tamper-evident cover have a key lock for their covers
and internal I/O devices. In the locked position, the lock mechanically prevents the
covers from being removed. The key has been changed to a type that can be
duplicated only by the manufacturer.
If the covers are forced open, an electro-mechanical switch and perimeter
sensor detect the intrusion. If the computer was on during the break-in attempt,
it will, depending on options specified during system setup, defer action
until the next initial program load (IPL), lock up, or pass a non-maskable
interrupt (NMI) to the software.
The next time the computer is started, the power-on self-test (POST) routine
displays a message informing the user of the intrusion, and requires that the
automatic configuration program be run before the computer can be used. This
is done to flag any configuration changes that may have occurred due to the
intrusion (for example, removal of a disk drive). In addition, the system cannot
be used without the privileged-access password if it has been set. There is a
provision for maintenance that allows the system to be used without the covers
in place. However, to use this feature, the key must have been used to remove
the covers.
Other systems may have lockable covers. However, it is not particularly
difficult to pry the system unit cover off, disable or unplug the key mechanism,
and get inside the system. The tamper-evident mechanism is an important feature
that flags the intrusion and prevents the operation of the system after a forced
entry has occurred. This detection feature is very valuable for detecting the
person most likely to break into the secured workstation: the user. Once the
machine has been disabled, the system owner or administrator must be contacted
to reset the system.
1.8.2 Secure I/O Cables
This rear-panel security option is an enclosure that is secured to the back of the
computer by the cover lock. Its function is to prevent the cables from being
removed and other cables from being attached. This effectively secures the
serial, parallel, and SCSI cables, as well as other ports and cables provided by
adapters, because it prevents someone from attaching a device through these
connectors and gaining access to the data in the system.
The cable cover also has a tamper-evident feature.
1.8.3 Passwords
IBM PC Servers are equipped with several layers of password protection. The
most basic is the power-on password. The power-on password must be entered
correctly each time the system is turned on. After three incorrect attempts, the
system must be turned off and back on in order to try again.
The keyboard password is another level of password protection and is used to
lock the keyboard without turning the computer off. It also prevents rebooting
the system by pressing the Ctrl+Alt+Del keys.
IBM PC Servers also provide an unattended server mode (or network server
mode). This mode allows other computers to access a fixed disk drive on a
server even though the keyboard is locked. This is useful, for example, when
Chapter 1. IBM PC Server Technologies 35