Physical SecurityBy Simon Lincoln | 12 Nov 2021
Advice of personal and physical security
Your physical security
Information security is rightly focused on by businesses in keeping information safe from theft. However, digital threats are not the only ones that pose a risk. Physical attacks can be just as damaging. Every organisation has physical assets or facilities that can give criminals access to information: Laptops, Desktops, Mobile phones, Removeable media, Paperwork, Server rooms, Delivery/unloading areas.
Gaining access to this equipment by the criminal can be done in a number of ways: a criminal could gain access via open delivery areas or by tailgating employees - this is where a criminal gets into the building by approaching legitimate staff as they are about to enter. Equipment can be stolen while an employee is travelling. Offices that do not operate a clean desk policy also make it easier for information to be stolen.
Considerations for increasing your physical security
Clear desk policy: it is often convenient for workers to leave papers lying on desks, but if these papers contain sensitive information their contents can easily be stolen. A clear desk policy ensures that key documents are put away at the end of the day and papers are shredded if no longer required
Training: staff are often first in line when it comes to deterring a physical attack. Therefore, security training is extremely useful
Identify your employees: this can be as simple as creating an ID badge, or implementing biometric scanners (depending on your budget and security risk) - this reduces the likelihood of tailgating, and if passcodes or scanners are used you can restrict access to sensitive areas
Have a robust back-up protocol: back-ups won’t stop information being lost, but if equipment is damaged or lost information can then be quickly restored
Install cameras/alarms: security cameras can be installed outside vulnerable areas such as server rooms, reception area and delivery space.
Install gates/doors: server rooms should always be secured. Gated entry into the building can also help to prevent tailgating, as will specially designed anti-tailgating doors
Encryption/access control: ensure that staff encrypt sensitive material, including that saved on removeable devices and information sent via email. This adds another level of security to your information if access to the device is gained. Ensure that passwords are strong and that access to sensitive or confidential information is only granted to those who need it
Create a culture of security: integrate physical and digital security into every aspect of your business operations
Physical security doesn’t just pose a risk to large businesses. It’s also a weakness that is particularly easy to exploit in smaller organisations as they often have less money to invest in physical protection and fewer personnel who can be dedicated to security.
If you have concerns and would like a security assessment, please contact us –E: email@example.com | T: +44 (0) 20 7499 9323