BIOS/UEFI and boot configuration
The BIOS/UEFI configuration is vital to the correct functioning and to the security posture of a system. Enabling or disabling devices for instance can have a big impact on a system. Security mechanisms provided by the operating system (e.g. file access permissions) can be circumvented by loading a different operating system, e.g. by booting from CD.
If physical access to the system by unauthorized persons is a concern, the BIOS/UEFI shall be protected by at least a strong password.
Multiple operating systems or copies thereof shall not be installed on the same computer.
Attention to access control. Risk of equipment damage!
Non-observance of security measures conceals security risks. Therefore:
→ Protect access to the BIOS/UEFI with a strong password.
→ Disable booting from floppy, CD-ROM or USB sticks.