• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Electronic Security
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustry
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Resources
    • The Tribe Resources Library
      The following resources are available for download to members of The Tribe, Agilient's free membership portal. Discover more about The Tribe
    • working-together-newJoin The Tribe
    • hacking-detected-shutterstock_newResources
  • Training
    • Training Courses
      Agilient's extensive experience has led to the development of the following security training modules. Prepare yourself or your staff with these courses ranging from personal & physical security to cyber & information security
    • managers-dealing-customer-agression-agilient-training-newAll Training
    • coach-newCoaching & Mentoring
  • Articles
  • Contact Us
Contact Us

Why Businesses Need to Refocus on Their Physical Security

You are here: Home / General / Why Businesses Need to Refocus on Their Physical Security

In a world where cybersecurity dominates the headlines and conjures up controversy every hour, it is clear to see how other elements of security can be overlooked. Unfortunately, in the age of social engineering, hacking, phishing and so on, physical security is being undermined by its more popular cyber counterpart. However, business must remember that physical security is unequivocally just as important when protecting employees, assets and data. physical security

These days, businesses are focusing more and more on technology-oriented security counter-measures including firewalls, cryptographs, Intrusion Detection Systems (IDS) and overall network security. Whilst getting caught up with the fanfare and alarmism around cybersecurity, physical security has arguably fallen to the wayside, becoming an afterthought despite the fact that a mis-step here can be just as damaging as any hack or breach. Indeed, any amount of cyber protection could easily be rendered useless if an attacker is able to simply gain access to an office and its devices and do as they please.

What Can Happen?

Physical or protective security focuses on protecting personnel, software, hardware, networks and data from physical actions or events that may cause significant loss or damage to an organisation. These tangible threats can include:

  • Malicious insider threat;
  • Service or utility interruptions;
  • Lost or stolen devices;
  • Natural disasters; and
  • Sabotage.

Over the past few decades, physical security has becoming increasingly difficult to address, especially as it blends more thoroughly with technology. Consider the proliferation of mobile work devices such as laptops, USB drives, tablets and so on; meaning an entire business could be compromised from a staff member simply losing a device or having one stolen. Indeed, physical security is becoming more vulnerable as technology becomes more complex.

In 2014, Coca-Cola faced a class action after several laptops were stolen, compromising the information of at least 74,000 employees, suppliers and contractors. In December last year, Australian telecommunications company Vocus made headlines when a man filmed himself entering the foyer of one if its data centres based in New Zealand as both the front gate and lobby had broken locks. In 2008, the U.S. Department of Defence network was compromised when an employee who had found a USB, then inserted it into a government laptop. The USB was loaded with malware that then spread, undetected, throughout the Department’s classified and unclassified systems, sending data back to remote servers elsewhere and leading to a Pentagon operation known as Buckshot Yankee.

Physical security threats are diverse: they can be man-made or acts of nature, internal or external, intentional or accidental. Attackers can enter secure areas through tailgating, stealing or hacking access control cards, or simply breaking through doors. All the cybersecurity measures in the world can be rendered worthless if someone can walk into your building and steal a drive, if an employee is careless or if you lose hardware after a natural disaster.

What Can Businesses Do?

In this environment, organisations are faced with the daunting task of safeguarding their data, personnel, equipment, facilities, systems and company assets. In tackling such a task, companies must have a layered approach to their physical security strategies, essentially ensuring attackers must bypass multiple, unique layers before reaching their objective.

These systems can include, among many others:

  • Physical Intrusion Detection Systems (PIDS) and motion detectors
  • CCTV
  • Alarms and locking systems
  • RFID systems and cable locks on remote company devices
  • Personnel emergency responses
  • Power back-ups
  • Security staff

There are key areas of physical security that must be assessed when a company is looking to mitigate their risks.

Layout

Site layout is essential in protecting your company from weather, crime, voyeurism and other emergencies. Companies can choose low-profile designs to attract less attention, or they can focus on having fewer access points or introducing keycard systems to secure and track entry into the building.

Layout can also come down to having sufficient lighting inside and around your building and adhering to strict lock-up procedures for an office. While this all may seem like common sense, its simplicity can often mean this area is gravely unprioritized.

Access

Introducing access controls that limit the accessibility of equipment and information is an important step in ensuring strangers, vendors, visitors and staff are unable to get their hands on anything they’re not supposed to. These types of controls can help quarantine breaches and ensure minimal impact. They can also effectively create an audit trail that can track malicious movement and locate its source.

Intrusion Protection & Detection

Often the first line of defence, equipment such as motion detectors and CCTV cameras can be an effective deterrent for physical attacks whilst also enabling a business to be alerted and respond more efficiently to trespassers.

Prioritising Physical Security Once Again

When considering physical security, a company must conduct a risk analysis catered to their unique responsibilities and requirements. This could involve evaluating crime statistics, conducting area background checks, assessing historical weather and so on, enabling your company to define and prioritise threats and develop appropriate responses. The products of a risk analysis must also be tested thoroughly and repetitively. To fine-tune physical security, measures need to be adopted company-wide, failure points must be rooted out and adapted, and employees should be trained on how to react to threats.

Managing physical security often comes down to understanding your company and its vulnerabilities and taking simple, yet effective, measures to safeguard them. Organisations have a responsibility to perform their due-diligence to locate the threats facing them and implement effective physical and cybersecurity systems to mitigate the risks.

Essentially, businesses can no longer undermine their physical security needs simply because it does not instil as much fear or create such a commotion as its cyber sibling. Companies must understand the critical role that physical security plays in their operations, and act accordingly.

Follow our LinkedIn page for all the latest security updates, and Contact Us to see how we can assist your business.

Author: Elsa Chapple, Agilient Consultant

Tweet
Share

General building security,  CCTV,  cybersecurity,  government,  malicious insider threat,  physical security,  resilience,  RFID systems,  security planning

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2019 Agilient · Level 3, 655 Pacific Highway, St Leonards, NSW 2065 · 1300 341 692