As noted in our previous blog, physical security is one of the layers required for good data security. Physical security is an area that is often overlooked, but it’s one of the most vulnerable areas. Physical security are the measures put in place to protect equipment and resources, including people. Even with the greatest technology in place to protect your data, technology can’t stop a person from walking away with valuable information in hand.
Physical security is about controlling, monitoring, and managing who has access to equipment, facilities, and company assets. While there are numerous factors that should be taken into consideration when creating a physical security program, they must be tailored to fit individual business needs.
Some example of physical security are:
Conducting thorough and complete background checks on ALL employees and contractors
Implementing a security awareness program and continuously training employees on best practices
Utilizing security ID cards to control who has access to your space
Restricting data and hardware access to only people who require it for their jobs
Monitoring office spaces with surveillance cameras
Physically locking workstations in place
Restricting use of USBs, CD-ROMs and other portable media
Having procedures ready to remotely wipe any portable devices
Good physical security is the foundation for good cyber security. Next week we’ll dig deeper into data security.