Questions? Contact Us

 

Latest News

Featured News & Events

The importance of physical security in protecting your cyber investments

Data breaches have made plenty of headlines the past few years and it's widely known that companies such as Target and Home Depot and government organizations such as the Office of Personnel Management have been hacked.

With these high-profile hacks of prominent companies and organizations comes plenty of information about cybersecurity. But what about physical security of a company's or organization's assets?

Physical security and segmentation in an office are just as critical to protecting a company's or organization's assets and future as cybersecurity. Too often businesses and organization focus on cybersecurity and inadvertently become lax in physical security of assets such as computers, laptops, servers and even printers, along with mobile devices that can contain proprietary information and customer data.

It's imperative for any organization to take physical security into account in the operations.

Physical security for servers

Let's start with the office in general. Employees who have access to any area they want to go are a liability. Physical security and segmentation are very important to restrict access to areas where employees don't need to be.

Take a server or server room, for example. Often a small business has a server, but it might be in an office, underneath a desk, or some other conspicuous and unsecured location. That server contains vital information for a business or organization and can easily be taken or accessed.

Do you leave your purse, wallet, laptop, mobile device and keys to your car, home and office in your unlocked car in the parking lot of where you work or in your driveway so anyone who happens by might be able to take what they want?

It's the same scenario for an unsecured server. We use electronic security in the facility where our servers are stored. We also have a surveillance system to see who has been in the room and when and store that data electronically for a period of time.

We recommend getting your server in a data center that has 24-hour security and mantraps and multi-level identification to thwart someone trying to break in and access it or take it.

The critical component of power

There's another benefit: A steady power supply. For businesses and organizations with servers in closets or under desks, what happens when the power goes out? If there's no backup power source and you go offline, you're done. Which is a big deal, especially the affected server is used to support online sales.

At our data center in northern Virginia, which is located in a geographically safe location, if the power goes out you wouldn't even know it thanks to 10 very powerful generators. If you're inside the facility, you don't know the power has gone out, so in a secure data center with steady power a business can continue selling online even in a storm.

You might think you are saving money by storing your business's or organization's server in an office closet or under a desk. The reality is that if power is affected then your business is detrimentally affected.

There's also the issue of bandwidth, which is also critical to operating a business. Most businesses have only one internet connection. We have 23. Even if half of them go down, nobody notices.

Securing vulnerable devices

When it comes to securing vulnerable devices such as laptops, computers, trade secrets and anything that someone can steal, it's vital to consider physical security. For example, my laptop has a hard drive encryption so if it does get stolen the data on is protected.

Think about a construction business and all of its customer records and invoices stored on a computer. This likely includes personal information about customers, so whoever steals that computer has direct access to the company's information. You've got to make sure that the company computers and laptops are locked up.

At ZZ Servers headquarters, we have electronic door locks to control access to sensitive areas. It's an investment — we're talking about $1,200 per door for what we consider one of the more cost-effective solutions — but well worth it.

If you have sensitive data — and every business and organization does — you've got to know who's going through the door and stop the people who aren't supposed to be.

Securing computers

One last thing. Think about your computers. Businesses and organizations have alarm systems and things like that but they don't have things as simple as secure computer logins. There's no security to get into their computers, even those that have customer-centric type of information.

We understand that small businesses may not have the capital resources to hire a security team or to have someone tell them how to secure their business. Small business owners are busy paying the bills, doing their job and may not be savvy when it comes to IT security.

But having computer logins with passwords that are changed every several months or so is a simple step to securing your business. What about at the end of the day? How secure are your laptops or mobile devices?

These are all things to consider as the owner of a small business or if you're operating an organization. Don't let physical security get lost in the shuffle of operating your business.

For an additional resource on physical security for your business or organization, here's a helpful article: http://www.techrepublic.com/blog/10-things/10-physical-security-measures-every-organization-should-take/

A history of PCI compliance and why there’s a need...
Hosting in a secure environment is necessary for a...

Related Posts

 

Tag Cloud

QSA healthcare solutions amazon ec2 security TLS logical security Disaster Recovery Plan Accountability Act personal information IT solutions Payment Card Industry follow.The HIPAA Privacy Rule computer networks Continuous Monitoring information technology Alarm Security businesses HIPAA solutions recovering data ICANN Positive Customer Impact command line Interworx-CP change Presentation Internet Corporation Cybersecurity Business Solutions Hackers pci complliant hosting IT services Web Hosting Small Business Control Panel eCommerce Solutions motivation Firetalk Las Vegas PCI Data Security Standards Email cybersecurity backup solutions Healthcare Records iphone Business Solutions Health Care Cybersecurity cyber liability insurance Announcement spam email accounts IT Solutions PCI DSS 3.2 Scalable Redundant Cloud Infrastructure openssl cyber security Medical Solutions health care providers smartphone PCI Service Provider Server Mangement PCI Audit activesync Debian assesment mail server HIDS OSSEC eCommerce Windows World Backup Day cyber data privacy SSL Compliance PCI Solutions HIPPA teensy Car Hacking cloud infrastructure VPS Servers dsbl DRP hosting control panel Health Insurance Portability black friday shared secure hosting ipad credit cards stolen DEF CON shared folders spf malicious software social engineering PCI InterWorx business infrastructure anti virus protect data shared server Charleston embedded search apache Information Technology password cyber monday Credit Cards Credit Card Security Business Planning Vulnerability Xen Assigned Names arduino video lamp BSides security circles PCI compliance multi-factor authentication National Cyber Security Awareness Month exchange management CentOs vyatta router firewall filter security PCI HIPAA blackberry Geekend vps Home Depot Breach data protection business solitions cloud business community PCI Compliance Cloud Computing trends INFOSEC cell phone email IT security log files phishing members area computing in the cloud employee training Hosting IT Online Business GDPR Shmoocon vulnerability scanning credit card payment business solutions Linux physical security caller-id kerio Internet dss network sender policy small business compliance cyber monitoring Cybersecurity spoofing PCI Hosting physical Sysadmin HIPAA Solutions cli Ubuntu cyber protection two factor authentication education support Domani Names TiaraCon credit card Zendzian Internet infrastructure HIPAA windows 7 Reports computer security compliant hosting qsa safe computing ZZ Servers phishing attacks data breach intrusion detection bash passwords Medical Records David Zendzian ZZ Servers Co-Founder shared hosting permissions IT Services