Security Articles

All Posts

7 Steps for Crisis Management

 

Globally, organizations spend hundreds of billions of dollars every year to protect mission-critical digital investments and protect them from outside cyber threats. Organizations should adopt all of these best practices as they are essential to their success. Despite this, physical security is one element of security often overlooked or undervalued by many organizations. 

 

Physical security is a vital business practice with numerous objectives, including protecting intellectual property and preventing workplace violence. Implementing, improving, and maintaining each component of the organization's physical security program are essential factors in its success. 

TC_SecurityPlan_CTA

Let's go over the 7 steps for crisis management.

1. Establish Physical Security Perimeters 

Providing security at an organization's facilities should include the use of barriers, card-controlled doors, and manned reception desks. This is especially important for areas with sensitive information or for data processing or management systems. A physical access request and approval should always be required before access is granted to data centers or other high-risk areas. Doors and windows of rooms housing information systems should be locked at all times when left unattended. Taking external measures is also an essential part of safety, especially for offices and other locations below ground level. 

2. Implement External and Environmental Threat Protection 

Among other forms of environmental or human-made disasters, every organization should consider protection against damage from fires, floods, earthquakes, explosions, civil unrest, etc. Information systems and employees can be protected by defining such controls. Fire detection and alarm systems should be installed as soon as possible, and suitable fire suppression systems, like sprinklers, should be in place throughout the facilities and inside secure areas with information systems. To detect water leaks or possible flooding, water detection devices should be installed on raised floors as well as in dropped ceilings. Install, maintain, and verify that all master shutoff valves work properly to protect information systems from damage caused by water leaks. 

3. Provide for Safe Equipment Placement and Protection 

Systems and devices containing sensitive information should be kept in secure environments. Equipment should be protected and secured to minimize the risks of environmental threats and hazards. The performance capabilities of supporting utilities will be affected by adding new infrastructure devices, servers, or other systems and tools. An enterprise security professional should evaluate their tools and utilities before installation to ensure any new infrastructure or other hardware devices can be supported. Wireless access points, gateways, network equipment, communications equipment, and telecommunication lines should all have physical access limitations. 

4. Manage Supporting Utilities 

Electricity, natural gas, water supplies, sewage, heating, ventilation, and air conditioning (HVAC) are some of the utilities that must support the various systems and personnel. An electrical supply that meets equipment manufacturer specifications is necessary for these utilities. Uninterruptible power supplies (UPSs) can safely and adequately shut down critical business equipment. It is essential to install emergency lighting and regularly check its operation before a power outage occurs. Data centers and equipment rooms should have emergency power-off switches to allow a rapid power-down in case of an emergency. 

5. Provide Security for Power and Telecommunications Cabling 

Those cables that carry power, data, and telecommunications should be protected against interference, interception, and damage. To reduce the risk of handling errors, enterprise security teams should mark all cables clearly and precisely, so they cannot be accidentally unplugged or moved. Its facilities should control physical access to its information system distribution and transmission lines. To avoid unintentional errors, take the time to label and organize cables properly. By addressing cabling today, countless issues can be avoided tomorrow. 

6. Secure Information Assets While Off-Premises 

Information assets belonging to an organization, such as computers, peripherals, paperwork, reports, software, etc., should never be taken offsite without prior consent. All laptops should be encrypted fully. Regardless of where they are located, information assets belong to an organization. Family members and friends should not be allowed to use these assets. The improper viewing of information by unauthorized audiences poses technical risks and possible risks to the confidentiality of data contained on devices. The staff should take responsibility for all actions performed on or related to the information assets that are assigned to them and should be held accountable for those actions. 

7. Protect Physical Media in Transit 

It is crucial to protect information-containing media from unauthorized access, misuse, and corruption when the media are transported outside of an organization's physical boundaries. Offsite transfers of media should be encrypted. All media that goes outside an organization should be inventoried. Offsite archiving or long-term storage providers should be required to submit an inventory regularly if an organization uses its services. A provider's security controls must also be tested at least annually. 

Robby Coles
Robby Coles
Robby Coles is a born and raised Nashville, TN resident. He has been a marketing content writer for the past 14 years and has recently joined the Thinkcurity team as a Content Marketer. He enjoys writing compelling content that drives engagement. Robby is a wine enthusiast and dog dad that splits his time between Nashville, TN and Vienna, Austria.

Related Posts

7 Operational Improvements You Can Implement Today

Are you looking for ways to make your business more efficient? Are you in need of some quick and simple operational improvements that won't take a lot of time to implement? Below, we'll discuss 7 different ways to improve your business operations with just 10 minutes of effort. 

How to Negotiate Better Physical Security Contracts

Contract negotiations are the least fun aspect of any business development strategy, but it is the most important. Once the details of the deal have been finalized, it is down to putting it all on paper and signing on the dotted line. But this often proves to be the most difficult part of any new client relationship. Both parties are keen to protect themselves, and rightfully so, but how do you negotiate different key points of your contract? What must be included for your safety, and theirs? We’ll dive deeper into the world of physical security contract negotiations.  

How Social Media Has Impacted Physical Security

The increased use of social media over the past decade has had an enormous impact on physical security. Through surveillance, access control systems, and crowd behavior analysis, social media has proven to be an invaluable tool for keeping people safe. In this blog post, we will look at how social media has altered the way physical security is managed and how it can be used to improve safety. By understanding the potential of social media for physical security, organizations can make better decisions about how to protect their assets and personnel.