While many organizations are becoming alert to the cyber dangers posed by malware and phishing, physical security must not be neglected. Without suitable defence measures, the organization is left susceptible to physical hazards. The first physical threat is theft of documents; offices are likely to have documents and papers lying around in various places, from printer stations to desks (Schneier, 2015). Vital and sensitive papers and documents can go unaccounted for and end up in the wrong hands. Even if these documents and papers are not taken from the premises, a visitor might see data that contains sensitive business information. The second threat is tailgating, which occurs when an unauthorized individual follows an authorized individual into a protected area.
Another threat is posed by unaccounted visitors. If the organization has no means of knowing who was on its premises at a particular time, it is very challenging for it to maintain excellent physical security. Unaccounted visitors create significant risk because the organization will not be able to establish who was present if anything happens.
Physical Security Strategies
Strategy 1- Using Rack-Mount Servers in the organization (Kralicek, 2016).
Strategy 2- Guard the portables such as laptops
Strategy 1- Perimeter Intrusion Detection Systems (PIDS)
Strategy 2- Security staff
Strategy 1- CCTV
Strategy 2- Access control
Network Security Strategies
Network Perimeter Strategy
Strengthen the organization's network like a fortress: for the organization to sustain the integrity, availability, and confidentiality of its network, it should implement a strategy referred to as defence-in-depth (Fink et al., 2017). Bolting the network down with a DMZ is another strategy that the organization can use. A demilitarized zone (DMZ) is a buffer area in the network that separates the organization's trusted network from the untrusted internet.
External and internal network traffic security strategy
Network security tools
Policy Recommendation 1- Information Security Policy
Policy Recommendation 2- Incident Response Policy
Fink, G. A., Edgar, T. W., Rice, T. R., MacDonald, D. G., & Crawford, C. E. (2017). Security and privacy in cyber-physical systems. In Cyber-physical systems (pp. 129-141). Academic Press.
Kralicek, E. (2016). Server Hardware Strategy. In The Accidental SysAdmin Handbook (pp. 109-119). Apress, Berkeley, CA.
Schneier, B. (2015). Secrets and lies: digital security in a networked world. John Wiley & Sons.