Most conversations about cybersecurity focus entirely on the digital realm. That makes sense. Most cyberattacks are carried out through the Internet. At the same time, neglecting physical security is something you do at your own risk. The most robust firewall in the world means little if anyone can simply walk into your server room.
You know exactly what’s happening on your network at any given time. You have the best firewall and antimalware system. You have file-centric security that keeps you in control of data even as it’s shared, and extensive backups that allow you to recover easily from even the most devastating ransomware attack.
That’s all well and good, but how is your physical infrastructure protected? Physical security is every bit as important as digital security. In some cases, it’s even required for regulatory compliance.
That’s an easy thing to forget, especially in an era where everything is connected to the Internet. In order to truly maintain a good security posture, you can’t just protect yourself in the digital realm. You also need to implement the necessary physical safeguards.
Let’s go over a few of the most critical ones.
Do you have a means of controlling access to your facility, or can anyone just stroll in without much difficulty? Particularly if you’re housing critical infrastructure or storing sensitive information on-site, you need to harden your physical perimeter. To start with, that means restricting the number of ways people can enter your site.
From there, it’s up to you how extreme you want to get. Obviously, you’re going to want to lock your windows and doors at night. You might also consider requiring keycards to enter the building, hiring uniformed guards to protect your assets, and shutting down access entirely after a certain time.
Closed Circuit Television
Video surveillance is a good “next step” to establishing a more secure perimeter. Locks, guards, and doors aren’t always going to deter criminals, after all. That’s especially true if the criminal is a malicious insider who may already have access to the building.
By installing a CCTV network, you can not only give your guards visibility into the areas you need to protect, but you can also respond to and mitigate criminal activity onsite.
A Secure Server Room
You shouldn’t just control access to the overall premises. You should also tightly guard the rooms in which your servers and backups are stored. Guard the physical hardware just as you’d control digital access to sensitive data.
That means restricting entry into the server rooms to a few select individuals, and consistently monitoring the comings and goings of those staff that do have access.
We’ve lost count of the number of times we’ve seen businesses suffer a data breach or a leak because they had no way of wiping a lost or stolen device. Device and endpoint management should be a baseline for cybersecurity – yet many organizations still neglect it.
You need an endpoint management solution that grants you visibility into the laptops, smartphones, and tablets within your organization. More importantly, that solution needs to have a way of wiping a device in the event that it’s compromised.
Air-Gapped WiFi Networks
Thanks to the proliferation of consumer Internet of Things devices within the enterprise, there have never been more routes by which a criminal might gain entry into your network. For that reason, it’s essential that you establish a password-protected, encrypted guest WiFi network completely isolated from your enterprise network.
Make sure that you also change the default credentials for any connected appliances like coffee machines and refrigerators.