The Physical Side of IT Security

Updated: August 20, 2012

Issue

 

Firewalls, anti-malware applications, encryption technology and other data-security tools are all important, but so is the physical protection of your company's systems and storage media. Sadly, many businesses have confidently installed a full complement of data-security measures only to have a thief walk through the door and steal the server.

Here's how to make sure that your IT assets are protected against real-world threats such as burglars, vandals and employees with sticky fingers.

 

Strategies


1. Lock the door. A high-quality deadbolt lock, mounted on a strong, metal door, is the cheapest and most effective physical security investment a company can make. Locked doors can help keep items such as workstations, servers, mobile devices and data discs from "walking away" or being tampered with. If your company's budget allows, you may also want to install additional lock technologies such as a PIN keypad or a card or fingerprint reader.

2. Install a surveillance system. Recent technological advancements — and price reductions — have made cameras, motion detectors and other surveillance technologies far more useful and affordable. Deploy these devices at strategic locations inside and outside your business's premises. Besides protecting IT assets, surveillance systems can enhance your company's overall physical security.

3. Use rack-mounted equipment. It's a lot easier for a thief to walk off with a stand-alone server or network device than one that is mounted inside a rack. Rack-mounted gear also tends to be slightly less expensive to buy and is much easier to organize and service than stand-alone hardware.

4. Corral your portable devices. Any laptop, PDA or other portable device that isn't actually being used by an employee should be stored inside a securely locked room. You may even want to double the protection by chaining laptops to a wall or another permanent fixture with a cable lock. Smaller devices can be safely stored in a locked filing cabinet or safe.

5. Exile your backups. You can safely store primary backups inside the same locked room as your laptops and other mobile devices. Also, plan to keep secondary backup copies at a second site in case a fire or other calamity wipes out your primary business location. Be sure to use locks and other physical security tools at your remote storage site.

6. Seal open ports. Consider removing or sealing (with glue) open USB and FireWire ports on your office workstations. This move will keep employees and visitors from stealing data by plugging a USB drive, an iPod or a smartphone into a workstation.

7. Secure vulnerable workstations. Computers — particularly systems that are located in public places like a reception area or a point-of-sale location — are vulnerable to grab-and-run thieves. Make sure that these machines are securely attached to the desk or table.

8. Lock the cases. Each workstation should be locked down to prevent a thief from reaching inside the machine and stealing its hard drive — and the valuable data it contains. A variety of vendors offer inexpensive case locks.

9. Protect your printers. A stolen printer is a nuisance and a minor financial loss. Potentially far more valuable is the data that resides inside the printer's memory. A thief in possession of a company printer may be able to make copies of recently printed documents. Printers should be bolted down to prevent theft.

 

The Bottom Line

 

Many people think that IT security stops at protecting networks and sensitive data. If you're company doesn't implement a physical security plan, you'll be vulnerable to a host of real and costly threats. Make sure you implement these strategies and secure your business from danger.

Featured Research