Don't Forget Physical Security
Many business executives are concerned about protecting their sensitive data and intellectual property. They ask IT to address threats to these assets by implementing firewalls and anti-virus solutions to protect the organization's electronically stored information. What many executives don't know is that their major risks come from internal threats.
Employees already have a sign-on ID and password to the network. By having this basic information, your staff already has access to resources such as customer data and email. However, the greatest risk may be physical access to IT systems.
By having physical access to data centers, servers, backup tapes, laptop computers, flash drives, etc., employees can inadvertently, or on purpose, damage or destroy sensitive data. Contractors, service providers, and other personnel may also be granted physical access to sensitive data.
Altius IT recommends that a physical security review be performed on a regular basis:
- The first step in the physical security review is an inventory of your assets.
- Then determine who has physical access to the assets.
- Evaluate access and the risk to the organization.
- Make changes as appropriate.
Labels: physical security