Re: BIOS
Also write protected with a physical jumper link.
Amen, but that should IMHO be a basic option for *anything* with firmware. I agree that that is not always workable in an Enterprise environment, but if *you* can remotely change something it takes a lot of security to prevent someone else from doing the same.