Physical security is the protection of your assets, be it people, hardware and software, from actions that could cause damage to an organization. This includes protection of your networks and data as well.
Physical security offers protection against natural and man-made disasters like thieving, robbery, hooliganism and terrorist attacks. Threats to physical security can arise from both internal and external intruders.
Why do you need Physical Security?
Isn’t it better to be cautious now than to regret later?
Physical security being imposed by the organization, be it CCTV, access control, identity card, shredding of confidential documents, encrypting digital data, etc. are to protect the organization’s assets from external and internal attacks.
Core Areas of Physical Security
The first and foremost priority of physical security is the protection of employees, who are an essential asset. This is followed by securing all other facilities of the organization.
The main objective of physical security is to Deter, Detect and Respond. Stopping any unwanted intrusions, identifying the intruders and responding to such threats are the core objectives.
The success of a physical security implementation depends on how the 3 main components such as access control, surveillance and testing are executed. These work together to make your organizaton’s network more secure.
Factors affecting Physical Security in an Organization
- The number of employees
- The number of workplaces and buildings
- Size of the building
- Number of entry and exit points
- Places where sensitive data is located
Physical Security Attack Vectors
- Doors are left open
- Can the doors be broken easily, say made of glass
- Insecure server rooms, say, doors and windows made of glass
- Faulty power supply
- Faulty protection equipment
- Is it easy to gain network access?
Establishing Physical Security at the Workplace
- Keep an asset inventory
- Provide access to areas if and only if required
- Secure all devices and network
- Shred documents before disposal
- Keep the server room locked, limiting access and under surveillance
- Enforce a clean-desk policy
- Back up your critical data and store them in a safe place
- Regularly do a risk assessment of all your assets
- Have clearly defined security policies in place and implement them
- Have clearly defined outsider access procedures
- Enforce door locking
- Establish lockdown and emergency evacuation procedures
- Provide employee training to adhere to security needs and to inform the authorities of any breaches
Physical security is one of the most essential steps in securing an organization. The primary threats to the same are natural calamities, looting and theft. Implementing and enforcing good security guidelines will go a long way in providing the right kind of physical security to an organization.