Laptop theft: a case study on effectiveness of security mechanisms in open organizations

T. Dimkov; Wolter Pieters; Pieter H. Hartel

doi:10.1145/1866307.1866391

Laptop theft: a case study on effectiveness of security mechanisms in open organizations

T. Dimkov
, Wolter Pieters
, Pieter H. Hartel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

7 Citations (Scopus)

19 Downloads (Pure)

Abstract

Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.

Original language	Undefined
Title of host publication	Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS)
Publisher	Association for Computing Machinery
Pages	666-668
Number of pages	3
ISBN (Print)	978-1-4503-0245-6
DOIs	https://doi.org/10.1145/1866307.1866391
Publication status	Published - Oct 2010
Event	17th ACM Conference on Computer and Communications Security, CCS 2010 - Chicago, United States Duration: 4 Oct 2010 → 8 Oct 2010 Conference number: 17

Publication series

Name
Publisher	ACM

Conference

Conference	17th ACM Conference on Computer and Communications Security, CCS 2010
Abbreviated title	CCS
Country/Territory	United States
City	Chicago
Period	4/10/10 → 8/10/10

Keywords

METIS-275686
Case Study
IR-74285
Laptop theft
SCS-Cybersecurity
EWI-18718
physical security
penetration tests
security awareness

Access to Document

10.1145/1866307.1866391

http://eprints.eemcs.utwente.nl/secure2/18718/02/css_-_results.pdf

Cite this

@inproceedings{5094d97153c241659224dd00b56890b8,

title = "Laptop theft: a case study on effectiveness of security mechanisms in open organizations",

abstract = "Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.",

keywords = "METIS-275686, Case Study, IR-74285, Laptop theft, SCS-Cybersecurity, EWI-18718, physical security, penetration tests, security awareness",

author = "T. Dimkov and Wolter Pieters and Hartel, \{Pieter H.\}",

note = "10.1145/1866307.1866391 ; 17th ACM Conference on Computer and Communications Security, CCS 2010 ; Conference date: 04-10-2010 Through 08-10-2010",

year = "2010",

month = oct,

doi = "10.1145/1866307.1866391",

language = "Undefined",

isbn = "978-1-4503-0245-6",

publisher = "Association for Computing Machinery",

pages = "666--668",

booktitle = "Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS)",

address = "United States",

}

Dimkov, T, Pieters, W & Hartel, PH 2010, Laptop theft: a case study on effectiveness of security mechanisms in open organizations. in Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery, pp. 666-668, 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, United States, 4/10/10. https://doi.org/10.1145/1866307.1866391

Laptop theft: a case study on effectiveness of security mechanisms in open organizations. / Dimkov, T.; Pieters, Wolter; Hartel, Pieter H.
Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery, 2010. p. 666-668.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Laptop theft: a case study on effectiveness of security mechanisms in open organizations

AU - Dimkov, T.

AU - Pieters, Wolter

AU - Hartel, Pieter H.

N1 - Conference code: 17

PY - 2010/10

Y1 - 2010/10

N2 - Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.

AB - Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.

KW - METIS-275686

KW - Case Study

KW - IR-74285

KW - Laptop theft

KW - SCS-Cybersecurity

KW - EWI-18718

KW - physical security

KW - penetration tests

KW - security awareness

U2 - 10.1145/1866307.1866391

DO - 10.1145/1866307.1866391

M3 - Conference contribution

SN - 978-1-4503-0245-6

SP - 666

EP - 668

BT - Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS)

PB - Association for Computing Machinery

T2 - 17th ACM Conference on Computer and Communications Security, CCS 2010

Y2 - 4 October 2010 through 8 October 2010

ER -