← Return to Blog

8 Sep, 2023

Information Security Brief - September 2023

Unlocked and Unsecured

The Importance of Physical Technology Security

Financial institutions manage vital assets and information for their communities. An essential role of a financial institution is to protect its customers' private information,  monetary and physical assets. You wouldn't leave the cash register open and unattended while on lunch, and you especially wouldn't leave the vault and safe deposit boxes unlocked and unattended. As important, do not leave your computer unlocked while you are away. Physical technology security is the first level of defense and the most vulnerable layer. Many physical technology security attacks often prey on the hustle and bustle of your work day, convenience, and curiosity.

Simple Tips to Keep Data Physically Secured

Main types of physical security-related behavior [1]:

  • See Something, Say Something
    • Keep an eye out for suspicious equipment around the office and connected to your institution’s systems.
  • USB Practices
    • Do not connect unknown USB devices to your computers. This is one of the simplest and easiest ways for attackers to access your data. Many organizations choose to restrict USB access, a great practice, but users need to be conscious.
    • USB drives can be a quick and easy way to transfer information from one system to another or even for traveling, but they can be lost even easier.
  • Locking Workstations
    • Implement the same practices with a cash register; if you are out of view of your computer – lock it. Your workstation possesses more data and financial access than ever before.
  • Passwords
    • Do not let convenience overshadow security in regards to passwords. Ensure you do not share passwords with others and avoid keeping any physical copies of your passwords.

The Federal Trade Commission published tips and guidance, including some items shared in this article, focusing on protecting digital and physical assets. They have also created materials that can be shared with your customers to ensure they keep physical security in mind. Federal Trade Commission: FTC Physical Security PDF.

--

[1] Moody et al. (2018) "Toward a Unified Model of Information Security Policy Compliance"

← Return to Blog

Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Related Posts

Information Security Brief - January 2024

New Year. New Speed. New Risk. As technology continues to advance in our personal and work lives, technology plays an in...

Read more

Information Security Brief - December 2023

Holiday Tips: Keeping Digital Shopping Merry and Bright As we head into the busy shopping season for our loved ones, bel...

Read more

CEO Update - Q4 2023

Most financial institution CEOs do not believe their institution uses Artificial Intelligence. Their employees know diff...

Read more