One aspect of computer security that is often overlooked is the physical security of servers, computers and network devices.
If someone can steal a server, then the operation of the company will be severely disrupted. Assuming all data is backed up and recoverable, obtaining suitable hardware and restoring from backup is going to take days at a minimum. Also once the server is stolen breaking into the data can be done at the thief’s leisure, probably by either removing the disks and reading them from another machine or using a password cracker to break in.
The theft of a workstation is more likely, especially a laptop. Company laptops often contain data that might be useful to a competitor or just damaging if it falls into the wrong hands. Handheld devices and smartphones are probably at the most significant risk of theft. These contain email and contacts that can be misused. The loss of customer data would also fall foul of the new GDPR regulations and could result in costly legal action
These are all apparent risks, but there are many more to consider
- Is physical access to IT equipment controlled?
- Are equipment cabinets locked and keys kept securely?
- Are the cases of computers locked against theft of hardware?
- Are machines encrypted? Passwords won’t keep data safe.
- Do machines have disk drives and USB ports where data can be copied?
- Could someone access the wired network with their own laptop?
- Allowing non-company equipment access to the network could introduce a virus.
- Could someone boot a PC using a compact disk, floppy or USB key to access data?
- Is small or lightweight hardware like laptops, computers and printers physically locked down?
- Does the company have a procedure for tracking company hardware and software?
- Can handheld devices be remotely wiped if lost or stolen?
- Rack mounted equipment is more secure than desk mounted.
To physically secure your computer systems
Please use the Contact us page or call us on 01525540041 or 02033271747