The world of business today relies on IT to function. Everything, from till systems to security products, are linked up and connected to the internet or a local network and with this connectivity comes a higher level of risk. It is becoming increasingly common for IT issues to cause global havoc, such as the incident in 2021 where several social media platforms went offline for many hours. This was caused by a programming bug affecting routine maintenance, disconnecting the servers from the internet. The reason it took so long for everything to get back online, was because engineers had to physically travel to a data centre and gain access in order to manually correct the issue.
What this shows us is that despite the seemingly virtual nature of the internet, physical presence is still required. Many of us use cloud storage for personal and business use, but this doesn’t mean our data is stored completely virtually, it just means it’s stored on hardware owned and operated by a third party. Yes, this means we can access it from anywhere, and we save on the costs of owning and running our own servers, but it removes the level of control we have over the storage of our data, turning it into someone else’s responsibility.
Whether you use cloud storage or have your own servers located in your own building, physical security is still an important consideration. If anyone can access your building from the street and simply walk into the server room and unplug everything (or worse, walk out with your server with all your data on it) you’re going to be faced with a huge problem. It’s not a cyber-attack as we know it, but it will have the same effect in your ability to operate and the trust of your customers.
At the very least your server room should have a physical lock with only nominated key holders allowed to access it. Even better than this basic step is to use an access control system which restricts access to your entire building, not just the server room. This gives you even more oversight as to who accesses the room and when. There have been cases of disgruntled employees tampering with hardware to cause a problem, and access control systems will reveal who was in the room when the issue happened.
If you’re using an access control system you can disable access to certain rooms if you believe an employee poses a threat, or you are about to sack them and this is far more secure than having unrestricted access or a physical key lying around. For very sensitive data storage, fingerprint scanning access control is the way to go, as no-one can steal a colleague’s finger like they could a key fob.
When you’re looking at your IT security from a physical standpoint, consider whether your network is available for people in the vicinity of your building. If hackers can access your network through your Wi-Fi service, they can cause havoc simply by sitting in the car outside your office, merrily conducting a cyber-attack that appears to be coming from inside the building. It is best to use a closed network and set stringent protocols for the devices that can access it.
We recommend using the services of cyber security experts to ensure that your data, whether held on site or in cloud storage, is secure. However, we must stress that you can have the best cyber security systems in place, but still fall victim to a cyber-attack conducted by someone physically accessing your servers and IT infrastructure. Call us to shore up the real-world side of your IT security.