With regular headlines about the latest cybercrime attack, the physical security of IT equipment is often overlooked. Your business must of course take precautions to protect the data it contains, but what about the theft of IT equipment in your office, and the devices used by mobile workers?
IT equipment theft is a major issue for business owners. Research by IDC in 2010 revealed that 84% of those businesses interviewed has suffered a laptop theft, with only 3% ever recovering their equipment.
The IDC report concluded: "Organisations today are turning to multiple levels of security to defend themselves against the potential issues a stolen laptop presents. It is important that organisations maintain policy in line with changes in working practice as well as evolution in technology. A proactive approach to monitoring working practices, technology and subsequent risk is required to ensure adequate protection."
The security of your IT equipment begins with the environment within which the devices will be used. Small businesses today will use an array of IT equipment and may even have small server rooms. The theft of actual servers has been on the increase as in some cases, it is easier to steal the server itself and retrieve the data that is wanted later.
Perform a security audit of your office space. Security doors should be fitted to prevent unauthorised access. Server rooms should have their own security access regime. The equipment your business has in its offices should be assessed next. Notebook PCs, desktops, tablets and other mobile devices need to be audited so a detailed security plan can be developed and implemented.
The protection of your business' IT equipment means being diligent with how this equipment is used, and taking all practical measures possible. The insurance service provider More Than offers this advice to prevent the theft of IT equipment:
- Have an inventory system, which requires individuals to sign for a specific laptop, whether for use inside or outside the office.
- Make sure that equipment is not swapped or lent to other staff without proper authority.
- Ensure that arrangements are made to retrieve a laptop when an individual leaves the firm.
- Ensure that all staff is fully aware that theft, whether internal or external, will be reported to the police.
- Consider whether loss by gross negligence should result in disciplinary action, perhaps the imposition of a fine.
- Clearly label or postcode-mark equipment.
- Lock equipment in secure cupboards when not in use or tethered to a secure object.
- Secure meeting rooms when equipment is left unattended.
- Use access control systems to limit access from public areas such as receptions, factories or warehouses to the main office facilities, and encourage staff to challenge unfamiliar visitors
- Reduce the likelihood of street robberies by disguising carrying cases used to transport laptop computers.
- When travelling by car, lock equipment, which is not being used in the boot.
There are a number of security products that your business could invest in to help reduce the instances of theft. Many tether laptops and other devices such as tablet PC to a desk or other fixed object.
Some products to consider for your business include:
These systems are all versatile enough to secure most types of IT equipment your business is likely to use. From smartphones to tablet PCs, taking the time to think about the physical security of these items can avoid costly down time and the potential loss of data if this wasn't backed up.
Developing a physical security policy that complements your digital security policy is now vital for your business to function with the least amount of disruption. And remember to communicate your business' security policy to all members of staff, as a change in habit and attitude towards the devices they use is often at the heart of improving the physical security of these devices.