Certain aspects direct to systems and methods for preventing a thin client or a zero client from unauthorized physical access. A microcontroller is provided and connected to the chassis of the thin client or zero client computing device via a first interface, such as a general-purpose input/output (GPIO) line. Whenever the chassis is physically opened, the chassis generates a signal, and sends the signal to the microcontroller via the GPIO line. Upon receiving the signal, the microcontroller determines that a physical access event occurs to the computing device. Unless the physical access event is authorized, the microcontroller may generate a log to record events for the computing device, and store the log in the storage device; and perform a self-protect action to the computing device. If network connectivity is available, the microcontroller may send the log to a server via the network.