|
Improving Physical Access Security
1. Install Biometric security devices on all pc’s in high traffic areas and on critical systems.
2. Do not allow employees to take zips, floppys, thumbdrives, or CDR’s home without first reviewing the contents of the media.
3. Require that all users use a randomly assigned passwords, preferably with a combination of numbers, capital, and lower case letters. Too often simply looking around someone’s office can reveal the users password. Either they have written it down on piece of paper taped to the bottom of the keyboard or something in the office is the password. i.e. a college football team poster could indicate that their password is Sooners.
4. Place backup media, whether tape, floppy or whatever in a locked area.
5. When employees leave their work area make them log off their computers.
6. Perform an audit of all software installed and remove anything that is not approved. Specifically instant messenger and file swapping software.
7. Never allow temporary employees or vendors to have unrestricted access to equipment.
8. Perform a physical review of all equipment and keep checking that all equipment that is in inventory is actually in the building/storage facility. (You would be amazed how many “old” computers just get up and walk away.)
9. Set specific access times to specific user accounts. Allowing access to the network only during specific hours. Do the same thing to all printers.
10. Question everything. If you don’t understand what Bob from accounting is doing in the sales directory. Ask. Make your employees ask.
|
