How to Bolster Data, Physical Security to Make Threats Go Elsewhere - Page 2

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

Less obvious, but perhaps more likely are threats that have little to do with your company's business. For example, if you have a company with 50 knowledge workers in the office, that's 50 workers, each with a computer, perhaps two.

That's a tempting target for someone who might park their van outside a side door and send an accomplice in to steal every computer in sight. It won't matter that your critical company information is on those computers because they're not after that. The thieves just want to sell the hardware for a quick fix.

The answer to these concerns is what security experts call "security in depth," or "defense in depth." Here's an example of how that may work, according to one of the top physical security experts in the United States (who unfortunately can't be quoted). Let's say you have that server in a room down the hall that I mentioned previously. And let's assume you have a side door or a loading dock for deliveries.

First, you put a solid door on the room that holds the server. Then you install a lock on the door that requires a pass code to enter. You also include an alarm that sounds if the door is opened without the pass code. That alarm also sounds if someone enters the wrong code more than twice.

Meanwhile, the side door or the door to the loading dock are also equipped with secure locks and they have alarms that go off if someone forces the door, enters the wrong code, or if the door is propped open longer than a set time. Those alarms connect to your security control center, but if nothing happens, then they automatically roll over to the police department.

Out front you still need to have a sleek, trendy reception area with comfortable chairs and a receptionist. The receptionist isn't an entry-level employee trained to smile, but rather an armed security guard who controls the locks in doors that lead farther into the building, and yes, those doors are also alarmed. Unless someone shows the right ID, or gets past the badge reader, they can't go in.

Here is the basic idea: While you can't prevent someone who is truly determined from entering, what you can do is make it inconvenient. If they decide to break into your building anyway, it will take them long enough that the local law enforcement agencies can be summoned. Meanwhile, most normal criminals will go to the office down the street that didn't take such precautions.

Here's what you don't do: You don't replace the receptionist/security guard with a phone on the desk where someone can just be buzzed in. You don't put a phone near the loading dock or the side door, either. If people who want in can't satisfy the security requirements, then they don't get in.

It pains me to say this, but a locked door and a security guard might well have prevented or discouraged the most recent terrorist attacks, and they certainly would have discouraged or prevented any number of low-level thefts that happen in every big city office building almost all the time. Yes, it's sad to wish ill on your neighbors, but it's also important to keep bad things from happening to yourself.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...