Owners and users of computers and other electronic devices are highly sensitive to data security concerns. Many corporations and government agencies limit access to data. One technique for restricting data access is to limit devices to which a user can connect or disconnect their computers, thereby preventing employees from copying information from computer systems onto storage media or storage devices that the employee might remove from the premises. Limiting device access can also prevent employees from uploading harmful, unlicensed, or otherwise improper software, data, or viruses onto company computers.
Companies use various techniques to prevent uploading and downloading of information. Some prohibit all removable media devices from the computers, for example including floppy drives, compact disk (CD) writers, Iomega ZIP drives and Jaz drives, and others. Another solution is to place a mechanical locking device in place of the standard media. Other techniques include attaching or gluing a lock which prevents a drive such as a floppy drive, a compact disk (CD) drive, a digital versatile disk (DVD) drive, or other drive from opening. Further security methods may include the usage of terminals without any local storage capability.
The above-described solutions do not fully ensure data security because various interfaces may remain that allow access to data, including serial ports, parallel ports, or other types of data interfaces such as Universal Serial Bus (USB) ports on any computer surfaces to which an employee can still connect an external storage device. Some companies have taken steps to prevent data access by physically removing the data ports, breaking pins inside the ports, or by sealing the ports with epoxy, resulting in an irreversible and permanent disabling of the ports. If a computer support technician desires to later update system software on the computer, the disabled ports prevent reconnection of devices that would allow updating or restoration of the system software.
Even actions such as opening the computer case, removing an internal hard drive, and replacing the drive on an unprotected computer with the capability to upload software may not be feasible due to differences in hardware and an inability to install software patches on the computer within which the hard drive is ultimately to execute.