Securing the BIOS
The following steps will make a system's BIOS more secure from unauthorized modification.
- Disable wake on LAN.
- Disable booting from external peripherals.
- Disable booting from CD/DVD.
- Disable booting from floppy.
- Use BIOS password.
- Research availability/existence of BIOS master password as a potential vulnerability.
- If possible, lock the machine's case, as most BIOSes will allow someone to reset them using a jumper combination or by removing the battery for a period of time.
See also: physical security