A method and apparatus for protection of computer assets from unauthorized access is described. A protection engine is incorporated into microprocessor support circuitry to control access to computer assets, for example, BIOS memory and peripheral devices. The protection engine is capable of monitoring the state of an switch and controlling access to computer assets based, in part, on the state of the switch. The protection engine is capable of authenticating the source of interface control commands using cryptographic techniques. The protection engine provides protection against computer viruses, malicious cookies and java/javascript applets, macros, unauthorized remote access to a computer system, and other forms of unauthorized access.