>> The thief could even access PCs that require a log-in username/password
>> by using a boot CD, a specially-crafted CD that sidesteps log-in
>> authentication, said Usher.
> Only on the assumption that data is actually on the hard drive, most
> major organisations that I know of prohibit storage of any data on a
> local hard drive and have it all on more secure network storage.
> If they leave data on a local hard drive, and don't lock out booting
> from a CD or Floppy (and having the BIOS password protected), then > more fool them.
BIOS passwords are only as good as that little CR-2032 lithium battery. Remove or short the battery and kiss passwords goodbye.
> Gartner's 2004 advice would block pod slurping, added Usher, if
>> enterprises adopted the research firm's recommendations to lock down
>> desktops by disabling USB functionality or Windows' Universal Plug and >> Play.
> And stopping booting another OS to bypass that disabling, otherwise it
> could be a waste of time.
As I showed above, you could remove/short the battery and then boot up Knoppix and copy files to CD-R, USB memory key, etc.