With 2020 well underway, data breach prevention remains a pressing concern for all kinds of organizations worldwide. Hackers continue their efforts to infiltrate IT environments and access private data: In 2019, the total number of reported data breaches increased by 17 percent compared to the previous year, according to the 2019 End-of-Year Data Breach Report from the Identity Theft Resource Center.
To lower the risk of malicious actors breaching your IT environment, it’s essential to have various layers of advanced cybersecurity solutions and services in place – such as next-generation firewalls, network and endpoint Managed Detection and Response (MDR), anti-malware and anti-virus software, and so on. However, virtual safeguards alone aren’t enough to achieve the best possible security posture. You also need to implement something that a fair number of organizations overlook: Physical security solutions.
Although many still think of them as separate departments, cyber and physical security intersect and must be integrated to keep your company’s data breach risk level as low as possible. Even if you have everything locked down in cyberspace, you could still suffer a breach if a malicious actor sneaks in through an open door in the “real,” offline world.
If your IT and physical security strategies aren’t already linked, here’s why you should do so as soon as possible and what specific solutions you might want to consider implementing and maintaining to protect all aspects of your professional environment.
How Physical Security Affects Cybersecurity
While most cybercrimes involve malicious actors looking for virtual ways to sneak in, some incidents involve actual break-ins and theft. Verizon’s 2019 Data Breach Investigations Report (DBIR) states that physical actions (theft or loss) factor into 4 percent of breaches. Additionally, the DBIR notes that the most commonly stolen or lost assets are laptops and paper documents, and these items are most often stolen from a victim’s workspace or an employee’s vehicle.
The proliferation of mobile devices like smartphones and tablets in modern workplaces has made it more important than ever for companies to proactively work to thwart theft, sabotage and vandalism, according to research from the SANS Institute.
Device encryption can reduce the risk of a breach resulting from a lost or stolen laptop or phone with sensitive data on it. However, it’s ideal to simply stop the crime from occurring in the first place with physical security measures.
In addition to stolen devices, an improperly protected physical space could also lead to the following kinds of incidents:
- An unauthorized person entering your facilities and copying private data from workstations/devices.
- Someone with malicious intent uploading malware to your network/IT environment using a USB drive.
Ultimately, cybersecurity “depends greatly on physical security,” writes John Carney, senior technical manager with Cisco Government and Security Solutions, in his white paper, “Why Integrate Physical and Logical Security?”
“Attackers who can gain physical access to a computer can almost always take advantage of that access to further their efforts,” Carney states. “Merely getting access to a physical terminal where a memory device can be plugged in is usually sufficient.”
Physical Security Measures for Your Business
There are various physical security solutions your business can put in place to stop unauthorized individuals from getting anywhere near your IT infrastructure, devices and data. Some common protective measures include the following:
- ID badges for employees
- Perimeter fences
- Surveillance cameras
- Security guards
- Motion detection systems
- RFID tags
- Alarms/intrusion detection tools
- Creation of restricted access areas that require key fobs to enter
If you’d like to learn more about physical security, its connection to cybersecurity, and how you can achieve the highest possible level of protection for your business, the Stratosphere Networks team would be happy to answer any questions you might have and provide you with information about your options for safeguarding your organization. We maintain a state-of-the-art Security Operations Center (SOC) staffed with analysts who will gladly assist you. Connect with us today by calling 877-599-3999 or emailing firstname.lastname@example.org.