Remember: It’s not all about the 1s and 0s

So many businesses focus their security efforts on the technology: preventing successful phishing attacks, data breaches, intellectual property theft, etc. Unfortunately, those same businesses often overlook the critical role that physical security plays in really locking down enterprise risks. Good physical security – of your systems, workspaces and people – can go a long way to preventing many security incidents.

Don’t let your computers be stolen

At its most simple level, physical security applied to your systems can take the form of locked data centers, and locking cables that prevent laptops and desktops from being stolen. Many data breaches involve lost or stolen computer systems and those are the ones that often will force you to make a disclosure to affected parties under breach notification laws. Most of the time those systems aren’t stolen for what’s on them…they’re stolen so that the device itself can be sold. Think about who has access to your workspaces. Do you have contracted services, like janitorial or maintenance, that are in your offices after normal business hours? What do you know about those people?

I recently spoke with a CISO who had built a great security environment across his corporation. But, as he visited one of his Midwest offices, he was surprised to find no locks on the data center doors, and desktop computers weren’t secured with cables. When he asked the staff on-site why that was, they told him they trust everyone who works there. Why would anyone steal computers from them?

Don’t let unauthorized people into your workspaces

As noted above, it’s critical that you control who has access to your physical plants – offices, warehouses, distribution centers, etc. I’ve seen people talk their way past guards and gates way too easily. Many offices I visit no longer have receptionists, which was traditionally the first line of defense, having been replaced by locked doors and badge readers. But if your employees don’t practice good access control, it’s all for naught. The biggest culprit here is tailgating – one employee badges-in to open a door and multiple people follow her into the office. I met someone who allowed a person to tailgate into her office building, and that person turned out to be an attacker who shot his ex-girlfriend once he was inside.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *