Protecting Your Business from Internal and External Physical Security Threats

Many business owners and managers often take steps to protect data by installing firewalls, virus protection, and encryption, but what about the threats that can walk in the door? Gaining access to important information (or other valuable assets) does not always involve a computer or a hacker.

Physical security is generally defined as the protection of personnel, software, data, hardware, networks, facilities, and other assets from physical activities that can cause significant damage or loss to an organization. In this article, we will provide ten tips to better control unauthorized physical access rather than remote intrusive access through the network.

1. Reduce Manual Security Procedures

Sign-in sheets, or some variation, relies too much on a human providing oversight and enforcing the procedure. As a rule, any manual procedure is a weak link and could expose the organization to unauthorized access.

2. Invest in Effective Access Control

Robust workplace security should have a foundation of controlling who gets in and who gets out of the facility. This should be beyond simple locks and keys to include access cards or fobs that reliably track ingress and egress.  Access cards are also much more difficult to duplicate than a key, and require a security administrator in most cases to issue and assign them. It is also quicker to revoke access from a central console upon an employee separation event.

3. Analyze and Monitor Regularly

It is not enough to implement an access control system, it must be monitored and analyzed to ensure established policies and procedures are properly enforced, and the intended outcome is realized. Further, once risks are identified they should be reported to management so appropriate action can be taken.

4. Employee Training

Establishing a security mindset with employees is important to protect the facility and allow employees to take control of their safety. Increasing awareness of what is not acceptable, such as allowing anyone to “tailgate” behind them as they enter the building ensures employees have a better understanding of the potential threats they may encounter and the appropriate response to them.

5. Yearly Physical Security Assessments

Technology changes rapidly, so the access control system you implement today might not be effective in a few years. It is a good practice to assess whether the existing system can mitigate immerging threats or has become easier to exploit as new threats evolve.

6. Establish and Implement Strong Policies

Clearly documented, strong policies should be incorporated into employee guidelines that address common problems such as workplace violence, forbidden substance abuse, weapons possession, or bullying and harassment.  Implementing these policies proactively can help to eliminate undesirable behavior in the workplace that can escalate into a serious issue.

7. Look for Inside Threats

With the focus on external threats and unauthorized entry, it is easy to forget to pay attention to the number of incidents that arise from a disgruntled, unstable, or dissatisfied employee. Security administrative personnel should be trained on recognizing any behavior or action that is a risk and encouraged to report it through the proper chain of command. Managers should also investigate further as warranted and leverage resources such as law enforcement, therapists, or risk management experts as appropriate.

8. Be Prepared for Fire Emergencies

Having a facility fire evacuation plan is a great first step, but employees should be aware of where fire extinguishers are, any protective gear such as oxygen masks that are available, and periodic fire drills remain a great training aid in creating a mindset of preparedness.

9. Set up Video Camera Surveillance.

Beyond access control, it is important to have a visual recording of who goes in and out and when as an added layer of security. The combination of access control activity logs and synchronized video is powerful evidence in the event it is needed for disciplinary reasons or to reconstruct a crime scene.

10. Protect Portable Devices

Once an unauthorized person gains sufficient access, they can then obtain possession of laptops, mobile devices, tablets, or other small form factor devices that may contain sensitive, confidential, or valuable information.  An example may be weekend contractors or cleaning staff that are not closely monitored.  It is a good practice to not leave these devices unsecured, but also to ensure they can be tracked and traced through serial numbers or geolocation services. It is also a good practice to set them up with a remote wipe feature or lock if they become missing.

Hopefully these tips are useful and invoke further thought on other ways to increase physical security. As you design any physical security strategy, focus on the who, where, and when with consistent policies and reliable technology. If you need assistance with access control, video camera surveillance, fire alarm systems, mass notification, or other life safety area, Gallaher can custom design a cost-effective system for your business. Contact us at (877) 970-2471 or sales@gallahersafe.com for a free consultation to get started.

###

Gallaher & Associates Inc. is a leading regional life safety low voltage solutions provider servicing all of Tennessee and surrounding states. In business since 1973, Gallaher celebrates over 48 years helping clients complete thousands of successful life safety projects covering fire alarm equipment, monitoring, inspection, and service, camera surveillance, access control, nurse call, intercom, mass notification, intrusion detection, cabling, pro sound, and audio video. Let us put our 450+ years of combined experience to work on your next life safety, security, or communications solution by contacting (877) 970-2471 or sales@gallahersafe.com .