The Physical Side of IT Security

Updated: February 21, 2008



Firewalls, anti-malware applications, encryption technology and other data-security tools are all important, but so is the physical protection of your company's systems and storage media. Sadly, many businesses have confidently installed a full complement of data-security measures only to have a thief walk through the door and steal the server.

Here's how to make sure that your IT assets are protected against real-world threats such as burglars, vandals and employees with sticky fingers.



1. Lock the door. A high-quality deadbolt lock, mounted on a strong, metal door, is the cheapest and most effective physical security investment a company can make. Locked doors can help keep items such as workstations, servers, mobile devices and data discs from "walking away" or being tampered with. If your company's budget allows, you may also want to install additional lock technologies such as a PIN keypad or a card or fingerprint reader.

2. Install a surveillance system. Recent technological advancements — and price reductions — have made cameras, motion detectors and other surveillance technologies far more useful and affordable. Deploy these devices at strategic locations inside and outside your business's premises. Besides protecting IT assets, surveillance systems can enhance your company's overall physical security.

3. Use rack-mounted equipment. It's a lot easier for a thief to walk off with a stand-alone server or network device than one that is mounted inside a rack. Rack-mounted gear also tends to be slightly less expensive to buy and is much easier to organize and service than stand-alone hardware.

4. Corral your portable devices. Any laptop, PDA or other portable device that isn't actually being used by an employee should be stored inside a securely locked room. You may even want to double the protection by chaining laptops to a wall or another permanent fixture with a cable lock. Smaller devices can be safely stored in a locked filing cabinet or safe.

5. Exile your backups. You can safely store primary backups inside the same locked room as your laptops and other mobile devices. Also, plan to keep secondary backup copies at a second site in case a fire or other calamity wipes out your primary business location. Be sure to use locks and other physical security tools at your remote storage site.

6. Seal open ports. Consider removing or sealing (with glue) open USB and FireWire ports on your office workstations. This move will keep employees and visitors from stealing data by plugging a USB drive, an iPod or a smartphone into a workstation.

7. Secure vulnerable workstations. Computers — particularly systems that are located in public places like a reception area or a point-of-sale location — are vulnerable to grab-and-run thieves. Make sure that these machines are securely attached to the desk or table.

8. Lock the cases. Each workstation should be locked down to prevent a thief from reaching inside the machine and stealing its hard drive — and the valuable data it contains. A variety of vendors offer inexpensive case locks.

9. Protect your printers. A stolen printer is a nuisance and a minor financial loss. Potentially far more valuable is the data that resides inside the printer's memory. A thief in possession of a company printer may be able to make copies of recently printed documents. Printers should be bolted down to prevent theft.


The Bottom Line


Many people think that IT security stops at protecting networks and sensitive data. If you're company doesn't implement a physical security plan, you'll be vulnerable to a host of real and costly threats. Make sure you implement these strategies and secure your business from danger.

Related Categories
Featured Research
  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more