Excellent article by Phil Goldstein, BizTech web editor, who lays out five principal reasons for not overlooking physical security -- the blood-n-guts, rank-and-file grunt work of keeping things safe -- when so many concerns these days have to do with cybersecurity.
Many businesses spend vast amounts of time and money — and rightly so —focused on firewalls and encryption software to protect their IT systems and data. However, physical security is often overlooked in the debate over cybersecurity. It can be just as crucial, though, especially for small businesses that do not have as many resources as larger firms to devote to security personnel and tools.
Physical security helps companies protect assets, including IT infrastructure and servers, that make their businesses run and that store sensitive and critical data. Physical security encompasses measures and tools like gates, alarms and video surveillance cameras, but also includes another central element: an organization’s personnel. Crucially, business and IT leaders need to foster a culture of security in addition to investing in technology to protect the organization, according to security experts.
Want some letters after your name, like maybe CPO, CSSM or CPOI? Click here to find out how.
The Department of Homeland Security and the National Cyber Security Alliance (NCSA), a public-private partnership, have for the past 13 years been using October to annually mark National Cyber Security Awareness Month. The second week is focused on what organizations can do to create a culture of cybersecurity in the workplace.
Here are some strategies small businesses can follow to enhance physical security and make sure their data and IT infrastructure remains secure.
Instill a Culture of Security
An organization’s employees are its first line of defense, according to Malcolm Harkins, a security industry veteran and chief security and trust officer at Cylance, a cybersecurity firmfocused on proactive defense.
Harkins says that companies should start improving their security “by building security awareness and instilling a culture of commitment by creating a great place to work.”
“If you do this, your employees are less likely to get disgruntled and will, in turn, not want to harm the company,” he wrote in an op-ed piece for CBS Boston. “Train employees on security awareness, such as locking and encrypting their systems, choosing safe passwords and only sharing confidential information with those who need to know.”
Invest in Security Gates and Doors
In addition to having a staff member in a building’s lobby monitoring who gets access to a company’s offices, security technology expert Robert Covington, the founder and president of togoCIO, writes in Computerworld that “systems requiring a proximity card for entry are now quite common, and with good reason.”
Such systems are important and should be used more than they are, he says, because they “provide tight granularity of access control for individual doors and a detailed audit trail.”
Yet, as Covington notes, badges or badge data can be stolen by thieves or malicious actors. Ralph Goldman, a security industry veteran and lead writer for the Lock Blog, tells CIO that wireless communication technology is now enabling businesses to deploy “smart locks” that can let firms add barriers to doors and unlock the doors remotely via wireless protocols.
