Sometimes the line between cyber security and physical security when you're doing business on the internet isn't clear. It's increasingly harder to separate the two. Review how technology and the physical assets of your business are intertwined, and what you need to do to protect it all. It's not be as simple as a good lock or security system.
Threats Lurk in New Places and Ways
Before businesses took new form on the web, security had a literal meaning - locks, security alarms detecting intruders, and procedures to limit and detect losses, such as inventory and accounting. Technology brings new intangible and tangible assets to safeguard. If you don't cover all bases, physical losses could come from places and in ways you didn't expect.
Safeguarding Your Electronic Gear
Electronic and computer equipment is a physical asset you need to protect. Threats could come from a direct or indirect source. Equipment could be more susceptible to physical threats, such as temperature extremes, water or fire. Theft is a concern, too. Instead of machinery attached to your building, your new equipment is probably much more portable. Think of untethered laptops, or easily moved computer components. Value comes in small packages.
Protection is needed against more subtle threats, too. The force causing a loss to computer equipment might be electronic - computer worms are a good example. If your security measures don't stop this malware, it can invade your computer systems causing data or performance loss.
Computer Failure and Physical Effects
Automation and using computer technology to lighten the load in the physical world is everywhere. Automated routine tasks, such as climate control, precision tools in manufacturing and distribution are a few examples. Think about the effects on your physical assets if technology fails. Let's say the heating system breaks down. Without a plan, could your office, factory or inventory be at risk? Would your business be shut down due to damage?
Technology used to create products or deliver services can fail and cause losses. A computer-related error could cause defects in a product or service. Food, medicine or consumer product defects could mean product liability lawsuits, or costly recalls. Services could be impacted. Computer error could mean loss of materials, labor or damages if there's an error in providing service.
Controlling access is also part of protecting physical assets. Employee access rights need to be tailored to the need, and updated regularly. Employees could cause damage to equipment, or corrupt or access protected data. Control access for others, such as those providing services to your business, such as cleaning crews.
Be aware of laws requiring security for sensitive and personal data or "non-public information." For example, the Gramm-Leach-Bliley Act and related guidelines requires security in keeping and destroying records. Access and disposal of data and records in a secure way is required. The law and rules apply to an array of finance and insurance businesses, including tax preparers.
Changes in the way and where business is done mean changes in threats to physical assets, reducing risks and preventing losses. Review your needs and protect your business.
Questions for Your Attorney
- Does my duty to provide security for physical assets depend on the size of my business? Does my small business have the same duty as big company?
- If employees sabotaged my computers, machinery or products, would my business be liable if others were harmed, such as customers?
- Can you help me review my insurance coverage to make sure my business has what it needs?