National Cybersecurity Awareness Month 2022: Physical Security
National Cybersecurity Awareness Month 2022 provides an opportunity to review a basic yet very important security measure: physical security of our technology and computers. Limiting and preventing physical access to the technology is key to preventing unauthorized access to our computers and data, whether it is personal or university owned. Some offices have barriers, such as doors or counters, that block unwanted access and stop people from wandering into sensitive areas; other offices have more open floor plans allowing people more opportunities to commit acts of cybercrime. The following list outlines a few things you can do to limit physical access to computers and sensitive data.
- One of the easiest ways to limit access is to password protect your computers, devices, and networks. By password protecting your devices, you can stop potential criminals from easily accessing your data while you are away.
- Protect your portable equipment as well by securing them with passcodes or passwords. Also if possible, think about securing them with physical locks. This is especially handy for conference rooms or classrooms where devices can be taken without notice.
- When stepping away from your desk or leaving for the evening be sure to log out or “lock” the computer. If using a Windows PC, press the Windows Key + L to instantly lock the computer, requiring a password when returning to log back in. This has the potential to stop anyone from accessing your data if you need to step away from your desk for a few minutes.
- When the front desk receptionist or greeter is out or they step away from their desk, consider using signage and/or a bell to ring for assistance. If you aren’t one of the lucky offices to have proper barriers for entry, this allows the public the option of signaling for assistance instead of having to walk through the offices to find assistance.
- When your meeting space is being used, consider having a member of the office present during the meeting or close by the meeting room so they know when the meeting has finished. The physical presence minimizes the risk of someone removing equipment from the room.
- Many offices offer computers for public use such as, for example, 4-H members, county fairs, etc. If your office has a computer designated for public use, do not allow sensitive data to be stored on the computer, do not store passwords to websites and confirm the user’s account has limited or guest account, not an administrator account.
- If you wish to have a wireless network for use by the public, enable a separate guest network with limited access and bandwidth. Modern network equipment has this capability built in but needs to be enabled and properly configured.
- Employee Awareness Training can be a huge help for your staff. Think about having discussions regularly regarding the safety of your technology and data. Feel free to loop your Computer Support Specialist in on these discussions for additional ideas or strategies for the office.
By being proactive for physical protection of our technology and devices, we can ensure our devices and data are safe and secure from prying eyes. Contact your Computer Support Specialist if you have questions.
Here are some links for further reading.
Tips for Creating a Strong Password
5 Ways to Be Cyber Secure at Work
Stay Safe Online – National Cybersecuirty Alliance
Cybersecurity & Infrastructure Security Agency