← Return to Blog

8 Sep, 2023

Information Security Brief - September 2023

Unlocked and Unsecured

The Importance of Physical Technology Security

Financial institutions manage vital assets and information for their communities. An essential role of a financial institution is to protect its customers' private information,  monetary and physical assets. You wouldn't leave the cash register open and unattended while on lunch, and you especially wouldn't leave the vault and safe deposit boxes unlocked and unattended. As important, do not leave your computer unlocked while you are away. Physical technology security is the first level of defense and the most vulnerable layer. Many physical technology security attacks often prey on the hustle and bustle of your work day, convenience, and curiosity.

Simple Tips to Keep Data Physically Secured

Main types of physical security-related behavior [1]:

  • See Something, Say Something
    • Keep an eye out for suspicious equipment around the office and connected to your institution’s systems.
  • USB Practices
    • Do not connect unknown USB devices to your computers. This is one of the simplest and easiest ways for attackers to access your data. Many organizations choose to restrict USB access, a great practice, but users need to be conscious.
    • USB drives can be a quick and easy way to transfer information from one system to another or even for traveling, but they can be lost even easier.
  • Locking Workstations
    • Implement the same practices with a cash register; if you are out of view of your computer – lock it. Your workstation possesses more data and financial access than ever before.
  • Passwords
    • Do not let convenience overshadow security in regards to passwords. Ensure you do not share passwords with others and avoid keeping any physical copies of your passwords.

The Federal Trade Commission published tips and guidance, including some items shared in this article, focusing on protecting digital and physical assets. They have also created materials that can be shared with your customers to ensure they keep physical security in mind. Federal Trade Commission: FTC Physical Security PDF.

--

[1] Moody et al. (2018) "Toward a Unified Model of Information Security Policy Compliance"

← Return to Blog

Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Related Posts

Information Security Brief - June 2024

Vacation Mode: Tips for you and your customers Whether you're headed to the beach or mountains, traveling by car or plan...

Read more

Information Security Brief - May 2024

AI: Who, What, When, Where and Why Technology is ever-evolving. If you have been on any social media or news outlets, yo...

Read more

CEO Update - Q2 2024

Apps For Transcribing Meetings May Seem Helpful, But They Come With Undesirable Consequences. Apps and devices that list...

Read more