Almost every employee in the company is submitting a time-off request as the summer heat kicks into high gear. While workers’ minds are focused on their getaway plans, it is important to spend the time before the mass exodus begins to address the physical and cybersecurity measures needed to protect the company against data breaches, theft, and vandalism during the lazy, hazy days of summer.
It just takes just one incident to ruin your day when you come back from a relaxing summer vacation to learn a security breach is running rampart in your absence. The best time to revise routines or implement best practices is before summer vacation schedules get crazy. Make sure precautions and procedures are communicated in a solid plan to protect physical and data assets from both employees and outsiders.
Here are some tips to follow that will keep IT and physical security on track:
- Start with an inspection and evaluation of the current physical and cyber environment and procedures to determine what measures are effective or need to change.
- Security system procedures—Go over which employees are responsible for arming and disarming the system each day and who has been given an access code. Make sure the access code is changed when an employee leaves the company. Check that the security system is operating properly and includes redundant communications and back-up battery in the event of a power failure or if the phone line goes dead.
- Access control procedures—Review the current procedure for distributing keys or specialized credentials. Check all locks and replace locks that are not working properly. Install high-security readers on doors that lead to expensive equipment or areas where sensitive information is stored. With fewer people present this time of year, consider keeping the lobby door locked at all times. Take into account janitors and delivery persons to make sure they are given access at the proper times.
- Video surveillance procedures—IP surveillance cameras allow for remote viewing of the outside and inside of the building 24/7 from any mobile device or laptop where an internet connection is present. They provide quality video images in the event of an investigation.
- Monitoring procedures—In addition to installing a security system and surveillance cameras, it’s important to monitor a business around the clock for immediate response to a breach or theft.
- Communication system procedures—Establish a communication and response policy in case of an emergency situation.
- Cybersecurity procedures—Keep a documented inventory of devices. Instruct employees that whether they are in the office, a hotel, or some other public place to always be aware of where devices are at all times. Don’t leave a device unguarded, even for 1 minute. Keep your eye on your laptop as you go through airport security. Keep passwords somewhere other than on the device or case it’s stored in. Check out and review passwords and any suspicious activity on all well-traveled devices that access the company network (laptops, mobile phones, tablets, etc.) after employees return to work at the end of summer.
- Training—This is an ideal time to conduct an employee training to update workers on the latest threats and the proper application of policies and procedures.
Distribute a security procedure document to all employees. It’s important to have these policies and plans on paper. During the pre-summer-vacation security meeting, clarify any questions employees may have.