Why it’s Important to Train Staff on Physical Building Security (Not Just Cyber Security)
By: Michael Dunlop
In the age of fighting cyber attacks, it’s all too possible for businesses to get bogged down in the process of protecting digital resources, at the expense of neglecting the security of their physical assets.
It is not enough to provide employees with rigorous training in the best practices for using the IT infrastructure; you also have to bring them up to speed with the security policies and systems that impact your bricks and mortar premises.
Let’s look at how this can be achieved, and why it matters today more than ever.
Image Source: Pixabay
Make sure staff know how to lock doors securely
There is a reason that penetration testing doesn’t just encompass the virtual aspects of an organization, but also factors in the possibility for on-site incursions.
If malicious third parties can gain access to your business premises, it could be easier for them to launch cyber attacks, steal hardware, nab sensitive data, and cause all kinds of disruption.
Training employees in the proper use of door locking mechanisms and systems should therefore be a base-level priority for companies of all sizes.
Thankfully with modern solutions, such as a magnetic door lock kit, it is possible to automate the locking of key points of entry, rather than relying on team members to remember to do this themselves. And if you pair these tools with alarm company software, you’ll know exactly where the breach occurred if or when it happens.
Human error is responsible for most breaches, so you simply cannot rely on training alone. Only a combination of adequate education and the best tools for the job will bring you the security results you desire.
Recognize the vulnerability of portable devices
Another point to make about physical building security is that it matters more in part because the hardware has become far more portable. So, if a rogue outsider is able to waltz into your offices unhindered, they could easily stroll out with a laptop, tablet, or smartphone which is a window into your business systems.
Even if you implement a switch to cloud storage, which means that individual devices do not store sensitive data locally on integrated memory, this is still an imperfect answer. Anyone who snatches a device could log into cloud-powered services and wreak havoc in this context.
Thus protecting your buildings from unwanted interlopers is about more than just stopping them from being physically present on-site, but also about training employees to be aware of the threats that the devices they use face wherever they are.
Compliance is possible through repetition and reevaluations
Training staff on physical building security is not something you can do once and expect the lessons to stick indefinitely. Regular reminders about the policies you enforce and the systems you rely on to shield your organization from the threats it faces need to be implemented.
Likewise, you cannot afford to assume that your policies are perfect, or that they will be reliable forever. Reevaluating how well your security processes are faring and making tweaks and improvements if issues are identified is better than assuming everything is fine and only changing things when a breach occurs.
This is doubly important in light of the industry regulations which apply to your business. Aside from the obvious reputational damage and disruption that will come with theft, you could also face the wrath of the authorities for falling short of the security standards they set, which will lead to fines and other punitive measures.
In short, training employees on both the security of physical buildings as well as the role that cyber security plays in the modern age must be the two-pronged strategy all businesses deploy.
1455 Views