Securitythreats, both physical and virtual, will be at the forefront of most CIOs’ IT strategies. But there are some basic guidelines you and your colleagues can follow in order to keep your data and systems intact.
1. Work with the facilities team
Join forces with the facilities department to establish a unified physical access and IT security policy. Traditionally, physical and IT security departments have been kept separate, but as risks continue to increase, combing IT and physical security strategies for enhanced security is on the rise. Leveraging the efforts of physical and logical security departments allows an organisation to lessen security risks while saving time and money. Avoid attempting to merge the two departments’ initiatives entirely: structured collaboration is the key to success, whereas forcing these disciplines into one security bucket can be problematic.
2. Avoid general or vague policies
Be sure to create detailed guidelines in your physical and data security policy. Technology alone cannot take the place of strict, clearly communicated organisational security policies, and technology can help to enforce a clearly outlined and unified policy. Whether a company employs three people or 3000, there are important policy questions management must address to first establish a physical and data security policy that addresses theft and data security breaches. For example, does a temporary employee require the same level of access as an executive? What is the security protocol for lost badges? What are the consequences of non-compliance to corporate security policies?
Of course, these policies must be effectively communicated and mandated across the organisation and a plan should be put in place for managing non-compliance. Then the key is to determine how physical access control and data security technologies should be deployed in line with those security policies.
3. Leverage existing physical security investment to increase productivity
Consider deploying multi-technology cards and readers to leverage existing physical security investment.
To reap the full benefits of a converged security solution, organisations should start by leveraging their existing physical access-control infrastructure, allowing enhanced physical access and additional layers of data security to be integrated into a single smartcard. Extending the use of smartcards can help to not only increase the security but increase security while increasing productivity for employees too. With a secure printing application employees are able to send print jobs to public office printers but will not need to worry about collecting the documents immediately as print jobs are only released upon smartcard presentation. Such applications on one hand ensure greater security and increased confidentiality and on the other hand allow print jobs to be reviewed again and cancelled before actually being printed off, reducing the amount of waste and cost significantly.
4. Get the most out of smartcards
Think about convergence with other applications. If a credential is used for more than buildings access, for example if it contains money for the canteen, gives access to the on-site gym and is integrated with the time and attendance system, employees are likely to not only use their badge more but also look after it better. The value associated with the badge for an employee increases with the number of applications that are linked to it and dependent on it.
5. Remember your mobile workforce
An increase in the number of employees who work from home or travel has meant that the need to secure remote access has become a common requirement for employers globally. Organisations need to support their mobile workforce, not only to ensure network and data security is guaranteed across multiple locations, but by meeting the challenge to maintain convenience and ease of connection for employees.
By using a multi-authentication smartcard, organisations are able to converge physical and logical security in a convenient, cost-effective and secure way. A smartcard, together with a reader and password or PIN, is used to gain access to networks securely. Smartcards add an additional layer of security and as most organisations are already familiar with using smartcards for physical access, they can now easily extend their security to provide logical access for their employees globally.
6.Protect your printers
You might not think that printers pose a security risk, but sensitive hard-copy information is often readily printed and scanned, posing a potential threat if access to scanned documents and retrieved print jobs is not controlled. Secure printing and scanning using smartcards allows a user to send a print job to a printer that has a contactless reader embedded within. Print and scan jobs are released only when the appropriate card is presented to the printer. Considering the evolving requirements around compliance, this solution ensures the right information is delivered to authorised personnel only.
7. Track and audit for increased security
For converged physical access control systems and logical access control systems, “geographic” monitoring is available. If a person has just come in through a door at a site in Buffalo, but is trying to log into his computer in Denver, then obviously there is a problem.
Another benefit in converged systems is to not allow a person to log onto his computer if he hasn’t used his card at a perimeter reader. This simple concept will get people to change their behaviour and not tailgate when they are denied access during the computer log-on process.
About the author
Tony Ball is senior VP in the identity and access management division of HID Global