
An example of this would be something like the Google Search Appliance.

Areas covered might include closure and software security, remote access and updates, etc.

Looking more for a solution that covers 80% of the risks and requirements, than being at the Google Search Appliance level.

blunders

2 Answers

4

Well, first thing would be getting a lawyer to help you draft the terms and conditions for your customers. Without that, it don't matter. Also, nothing will prevent a moderately-determined malicious actor from getting in, so I assume you just want to extract punishment of some sort from customers that do get in?

Tamper-evident tape on all points where the hardware can be opened?

Special screws? I'm looking at you, Apple.

Contractual requirement to supply a VPN and/or dial-in connection for maintenance?

Some sort of phone-home so you know every time it gets rebooted? Combined with the case-opening alarms or alerts that some BIOSes have?

The ability to update the appliance with an encrypted USB key that you would mail out?

Individual passwords on all units, possibly based on a one-way hash of the serial number? Otherwise, when you have an employee leave, or a customer crack your password, all your units are vulnerable until the password is replaced.

mfinni
  • +1 @mfinni: If no one else posts a better answer, I'll take your answer as a starting point. Thanks! – blunders Mar 11 '11 at 20:39
  • 1
    Forget the special screws. These days it's only too easy to buy kits with screwdriver bits of just about any design imaginable. – John Gardeniers Mar 12 '11 at 05:58
  • Sure, I agree. Like I said, "nothing will prevent a moderately-determined malicious actor from getting in". All it will do is deter a customer that wants to continue getting their service and warranty. – mfinni Mar 12 '11 at 08:10
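Added example (not mfinni's code, not from any vendor) of the per-unit password scheme suggested in the answer above. It uses a keyed hash (HMAC-SHA256 with a manufacturer secret, a constructed value here) rather than a bare hash of the serial, because the serial is printed on the case and a bare hash of it could be recomputed by anyone who reads the label; the appliance itself stores only a salted PBKDF2 verifier, so a copied disk does not reveal the password, and a `key_version` field lets the whole fleet be re-keyed after a staff departure or a leaked password.

```python
import hashlib
import hmac
import secrets
import string

# Constructed secret for this example. In production it lives with the vendor
# (HSM or sealed secret store), never on the shipped appliance.
MANUFACTURER_SECRET = b"example-manufacturer-secret-do-not-use"

ALPHABET = string.ascii_letters + string.digits  # 62 printable symbols
PBKDF2_ROUNDS = 200_000


def derive_unit_password(serial: str, key_version: int = 1, length: int = 20) -> str:
    """Vendor side: derive the support password for one unit from its serial.

    HMAC keyed with the vendor secret makes the output unpredictable even though
    the serial is public; bumping key_version rotates every unit's password.
    """
    msg = f"appliance-password:v{key_version}:{serial}".encode()
    digest = hmac.new(MANUFACTURER_SECRET, msg, hashlib.sha256).digest()
    # Base-62 encode the digest (no modulo bias per character): 256 bits is
    # enough for 42 base-62 symbols, so a 20-char password is ~119 bits.
    n = int.from_bytes(digest, "big")
    chars = []
    for _ in range(length):
        n, idx = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[idx])
    return "".join(chars)


def make_verifier(password: str) -> tuple[bytes, bytes]:
    """Appliance side: store only (salt, PBKDF2 hash), never the password itself."""
    salt = secrets.token_bytes(16)
    h = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, h


def check_password(password: str, salt: bytes, h: bytes) -> bool:
    """Appliance side: constant-time comparison against the stored verifier."""
    cand = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(cand, h)


if __name__ == "__main__":
    # Constructed serial numbers; one password per unit, reproducible by the vendor.
    for sn in ("SN-0001", "SN-0002"):
        pw = derive_unit_password(sn)
        salt, h = make_verifier(pw)
        print(sn, pw, check_password(pw, salt, h))
```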
3

Protecting the disk with a full disk encryption system tied to a TPM (something like Microsoft Bitlocker, for example) would go a long way toward preventing malicious attackers from being able to modify or copy the contents of the disk. Cracking open a TPM to get a key out is a non-trivial operation and even a determined attacker is going to have some real problems unless they've got a fairly significant budget.

Evan Anderson
  • +1 @Evan Anderson: Great point -- also led me to find this: http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software – blunders Mar 12 '11 at 03:06
  • 1
    @blunders: The TPM is the key. W/o support for key storage in a TPM all the encryption in the world is meaningless. (This, of course, assumes that the TPM isn't going to barf out its keys and will be reasonably resilient to physical attack.) – Evan Anderson Mar 12 '11 at 03:22