Business owners are responsible for the security of their employees, the physical property where the business is located, any products or inventory on premises, and intellectual property: designs or data stored on the company’s computer network. Anyone with physical or electronic access can pose a threat to security. Here are several practices and policy areas that a business owner can address to create a more secure workplace.
- Prevent non-employees from entering the workplace without passing through a security checkpoint, or showing identification.
- Set up surveillance, to keep track who enters and leaves the premises or unlocks doors.
- Determine if employee work schedules and contact information are easily accessible.
- Ensure that any parking area and the walkway to the nearest public transportation have adequate lighting.
- Identify any areas of the work environment (both inside and out) where employees are isolated or may be alone for periods of time.
- Determine if there are any safety issues for particular workers who have work responsibilities outside of the formal workplace.
- Set up specific safety procedures for domestic and sexual violence and stalking. These procedures should address crimes occurring on business property, including provisions covering customers, contractors, and non-employees.
- Make sure that the server room is locked whenever it is unoccupied. Physical access to servers could provide an opportunity for serious damage to your network infrastructure.
○ Ensure that your most vulnerable network devices are locked in this room.
○ Use rack mounted servers, which are easier to secure into closed racks that can be bolted to the floor.
○ Ensure that backups devices are secure. Many IT administrators keep backups in the server room; ideally they should be kept off-site.
- Make sure that computers that are connected to the corporate network are secured, especially computers in places such as receptionist areas and unoccupied desks and offices. Smart cards and biometric readers make it more difficult for unauthorized persons to log in. Ensure that all servers and workstations have case locks, to prevent intruders from accessing the hard drives.
- Ensure that laptops and portable devices are secured. These devices are easily stolen.
- Consider disabling the use of external flash or thumb drives. Software solutions to disallow the use of external drives are available, and some organizations even decide to fill USB ports with glue to permanently prevent use.
- Secure your printers.
○ Printers sometimes store recent documents in their own on-board memories which can be accessed if the printer is stolen.
○ It is also helpful to enforce a of shredding any extra copies of discarded documents.
Taking these measures creates a more secure workplace, for employees, property, and data. For help implementing physical safety and security solutions, remember to contact BLI.