Protecting the walls / Premises that house your organisation's systems and resources is always underrated. Firms always focus on protecting their systems and software while neglecting the building or physical premises themselves. That's a grave error from the organisation, as that should be the first place an attacker will attack. With that being said, The following are the physical security controls that should be in place to make an organisation more secure:
Use of CCTV: The organisation should be invested heavily as it could be used to monitor the critical and sensitive places in the organisation. This CCTV should be stationed and positioned well so that it can cover all layers of the office premises. This way, the organisation have a good overview of all that is going on in the organisation.
For best practices, CCTV should be mounted on every entry and exit of the organisation. Also, the CCTV should be positioned in the organisation's strategic and sensitive areas and working areas. CCTV should also be stationed at all loading and delivery areas, i.e. car parks.
Use of security guards: Having security men stationed provides an extra backup for the CCTV already stationed. The security men see what the CCTV means and are also in charge of searching. The Security Guards will search all items in cars' boots coming into the organisation. The security guards should also be stationed at the stair cases and places where the CCTV does not cover them.
Use of Metal detectors and scanners: Now that a visitor, staff, or even clients have gained access to the building premises, what is left is gaining access to the office building. Another protective tip is to have a full body scanner at the gateway into the office premises or a metal detector. This helps to know what the person coming into the organisation is bringing before letting them have access to the building. This tip will help the security men stationed at the entrance of the office premises know whether you should be allowed into the building.
Using a visitor Log: A detailed log of all office building users should be taken daily. This, in a way, help account for everyone who is currently in the building, and it also serves accountability purpose. The Visitor log book should have the visitor's name, the purpose of the visit, point of contact, phone number, date, time in and time out, and also, a signature is essential. the organisation could go further to include a column which takes into account all asset the visitors is bringing into the organisation.
Wearing of Tags or Identification Badge: This should probably have come first as there is no best way to ensure security in an organisation than knowing who is who. This ID helps us identify who should have access to certain areas and who should not. In addition, Identification cards also help us differentiate the staff of the organisation from the visitors, clients or consultants. The organisation should ensure that all staff are always on their ID card. The organisations should go a step further to ensure that visitors are given a special badge to identify them as a visitor to the organisation.
Following all these tips will further help improve the security posture of the organisation and also, in a way, tighten security. Although there are many more things that could be put in place as they range from cabling to maintenance of the non-IT assets. That will be further discussed next time. Thanks for reading, and please drop your view