Why Physical Security Should Be as Important as Cybersecurity
Many businesses spend vast amounts of time and money — and rightly so —focused on firewalls and encryption software to protect their IT systems and data. However, physical security is often overlooked in the debate over cybersecurity. It can be just as crucial, though, especially for small businesses that do not have as many resources as larger firms to devote to security personnel and tools.
Physical security helps companies protect assets, including IT infrastructure and servers, that make their businesses run and that store sensitive and critical data. Physical security encompasses measures and tools like gates, alarms and video surveillance cameras, but also includes another central element: an organization’s personnel. Crucially, business and IT leaders need to foster a culture of security in addition to investing in technology to protect the organization, according to security experts.
In addition to having a staff member in a building’s lobby monitoring who gets access to a company’s offices, security technology expert Robert Covington, the founder and president of togoCIO, writes in Computerworld that “systems requiring a proximity card for entry are now quite common, and with good reason.”
Such systems are important and should be used more than they are, he says, because they “provide tight granularity of access control for individual doors and a detailed audit trail.”
Monitor Your Systems and Space
Covington notes that video surveillance cameras “are very inexpensive today, and yet they can do double duty, not only detecting possible threats in progress, but allowing for forensic review of incidents. What a bargain!”
Surprisingly, he says, few companies use them — and many that do ignore them. “Cameras should be installed at all entry points to a facility, and in key areas such as data centers and telecom closets,” he says. “The video should be recorded and retained, with a live monitor placed on the desk of someone who can keep an eye on it.”
Getting Alerts with Alarms
Despite all of these measures, intrusion detection systems and alarms are also key elements of physical security. “Monitored alarms will help to drive away intruders – and ensure that staff or the police will be on their way if the alarm persists,” SmallBusiness.co.uk notes. “Consult a registered alarm specialist to find, install and maintain the ideal system for you.”
Covington notes that many small offices often share a common wall with other tenants in multitenant buildings. “You don't have to watch many home improvement shows to realize just how easy it is to get through drywall,” he says. “You need an intrusion system, and you need one supporting unique codes for each individual for audit trail purposes.”
Focus on the Server Room
For many small businesses, their data center is a server or rack of servers in a closet or small room. Guarding and monitoring access to that physical space is essential to maintaining data security — and potentially the operations of the business if the servers are tampered with or destroyed.
by Phil Goldstein (reference BizTech)
Optimistic
7 年Leave your thoughts here…A BIG agree on a well said security importance emphasis. We cannot deny both Physical and Cyber Security are crucial for the growth of the company. Security in general are the main focused how the Business can maintain secured for their growth.
Associate Director- Security & EHS Audit Compliance- Real Estate
7 年This is True, do not settle in just what you have, check, monitor and test.
CEO at DIRAK, Inc. | Pioneering. Precise. Personal. | Loudoun 40 under 40
7 年Physical security and cyber security are just common ways to divide the same thing--security. I think one major issue with the difference between physical and cyber security is that they often times have a slightly different focus. Physical security tends to be focused on people and cyber security tends to be focused on data. A well designed security program has to focus on both. When an organization views physical and cyber security as a team, rather than conflicting, they can create an excellent security posture. Even better when they are able to integrate their business operations into the mix and run a more secure and more efficient company. If you're interested in the mix of cyber and physical security in a data center, I'd like to recommend an article written by Aldon Blackwood, CPM in the Spring 2015 edition of Electronic Protection magazine (featured on the cover), "Bridging the Technology Gap: The importance of physical and cyber security within the data center" https://www.nxtbook.com/nxtbooks/webcom/ep_2015spring/index.php#/16
Security Consultant
7 年I am not sure that physical security isn't as important as cyber security, as cyber has a lot of dependencies on the other. In addition cyber is probably not the only threat that is faced and if a business is so blinded by cyber then its risk management process probably isn't working correctly. I do think however that there is a need for physical security to get on the front foot, with perhaps the document at the link below setting out why. https://redleafconsultancy.co.uk/merging-cyber-and-physical-security/
Senior Security Investigator, EMEA, at IBM
7 年Indeed !