Physical Security for Your Cybersecurity
Cybersecurity companies spend a lot of time innovating and finding new ways to protect your virtual assets, but what some businesses may not know is that physical security is another necessary piece of the equation. Before you ever turn on a server or load up an operating system, you need to have a firm foundation built on physical security.
Check and make sure that your building has the following physical security measures in place:
- Protect your printers. Many printers can now store recently printed documents in their internal memory, especially if the printer is a high-end office printer with a “job box.” If a hacker gets access to a login pin, they can access all users print jobs, some of which may contain confidential information. Put a policy in place that instructs users to delete their print jobs immediately after printing, and change login pin codes often.
- Lock the door to your server. The adage says that locks are only goods for keeping honest people honest, but when it comes to physical security, it’s your first line of defense against thieves and hackers. Ensure that no one but necessary personnel has access to the keys or passwords to enter the room. If not, you’re leaving yourself vulnerable to damage done to your servers, routers, switches, and cables.
- Make good use of surveillance cameras. Ensure that cameras are hidden away from sight so that people aren’t able to tamper with it before illegitimately entering your server room. Some higher-end cameras allow you to set up motion detection, to conserve power, and email notifications that let you know if someone is attempting to enter the room after-hours.
- Be sure that workstations are not left vulnerable. Implement a policy that says that unused offices are always locked when not in use. For computers that are outside of offices, such as the front desk, require thumbprint or face recognition software that makes it more difficult to log in than a traditional password. If an employee is gone for an extended period, such as vacation or sick leave, disconnect their workstation from the network to prohibit unauthorized access.
- Put case locks on all desktop computers. This prevents attackers from stealing hard drives from computer towers, as the cases cannot be opened without a key. For portable devices, such as laptops, purchase desk locks or require that laptops are to be turned into a locking cart when not in use. Laptops are very vulnerable to theft, as they are lightweight and easily hidden.