I know that anyone who can get into a computer can make it insecure (by putting the hard drive in another machine or taking the mo/board battery out to clear the bios password), but what are the steps I can realistically take to make a computer in a shared office secure? I can only think of these two: 1. set a BIOS password 2. set a GRUB password so no-one else can boot it into single-user mode Anything else?