中文网站
  Advanced Search
Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
HomeInformation, Computer and Network SecurityPolicies and OperationsProtecting PERSONAL INFORMATION - A Guide for Business 3. Lock it - Protect the information that you keep

Protect the information that you keep - Physical Security

Many data compromises happen the old-fashioned way - through lost or stolen paper documents. Often, the best defense is a locked door or an alert employee.

  • Store paper documents or files, as well as CDs, floppy disks, zip drives,tapes, and backups containing personally identifiable information in a locked room or in a locked file cabinet. Limit access to employees with a legitimate business need. Control who has a key, and the number of keys.
  • Require that files containing personally identifiable information be kept in locked file cabinets except when an employee is working on the file. Remind employees not to leave sensitive papers out on their desks when they are away from their workstations.
  • Require employees to put files away, log off their computers, and lock their file cabinets and office doors at the end of the day.
  • Implement appropriate access controls for your building. Tell employees what to do and whom to call if they see an unfamiliar person on the premises.
  • If you maintain offsite storage facilities, limit employee access to those with a legitimate business need. Know if and when someone accesses the storage site.
  • If you ship sensitive information using outside carriers or contractors, encrypt the information and keep an inventory of the information being shipped. Also use an overnight shipping service that will allow you to track the delivery of your information.
‹ 3. Lock it - Protect the information that you keepupProtect the information that you keep - Electronic Security ›