← Return to Blog

8 Sep, 2023

Information Security Brief - September 2023

Unlocked and Unsecured

The Importance of Physical Technology Security

Financial institutions manage vital assets and information for their communities. An essential role of a financial institution is to protect its customers' private information,  monetary and physical assets. You wouldn't leave the cash register open and unattended while on lunch, and you especially wouldn't leave the vault and safe deposit boxes unlocked and unattended. As important, do not leave your computer unlocked while you are away. Physical technology security is the first level of defense and the most vulnerable layer. Many physical technology security attacks often prey on the hustle and bustle of your work day, convenience, and curiosity.

Simple Tips to Keep Data Physically Secured

Main types of physical security-related behavior [1]:

  • See Something, Say Something
    • Keep an eye out for suspicious equipment around the office and connected to your institution’s systems.
  • USB Practices
    • Do not connect unknown USB devices to your computers. This is one of the simplest and easiest ways for attackers to access your data. Many organizations choose to restrict USB access, a great practice, but users need to be conscious.
    • USB drives can be a quick and easy way to transfer information from one system to another or even for traveling, but they can be lost even easier.
  • Locking Workstations
    • Implement the same practices with a cash register; if you are out of view of your computer – lock it. Your workstation possesses more data and financial access than ever before.
  • Passwords
    • Do not let convenience overshadow security in regards to passwords. Ensure you do not share passwords with others and avoid keeping any physical copies of your passwords.

The Federal Trade Commission published tips and guidance, including some items shared in this article, focusing on protecting digital and physical assets. They have also created materials that can be shared with your customers to ensure they keep physical security in mind. Federal Trade Commission: FTC Physical Security PDF.

--

[1] Moody et al. (2018) "Toward a Unified Model of Information Security Policy Compliance"

← Return to Blog

Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Related Posts

Information Security Brief - December 2024

Scammers are delivering phishing messages this holiday season During the holiday season, you might expect to get more de...

Read more

Information Security Brief - November 2024

Don't let scammers get in the way of your holiday shopping. As the holiday season approaches, there are more fake shoppi...

Read more

Information Security Brief - October 2024

Cyber Security Awareness Month In 2004, the President of the United States and Congress declared October Cyber Security ...

Read more