Jeff Cutler's Keys to Security

Jul 8 2014   1:42PM GMT

Keeping Your Data (and other) Doors Locked

Jeff Cutler Jeff Cutler Profile: Jeff Cutler

Tags:
Data
DDOS
doors
IT
keys
Security

The house next to mine is being broken into as I write this. Seriously. Some guy with a ladder walked around the entire house and then chose a window to enter through and set up the ladder and started to climb. Only when I emerged from my house – after taking photos of him and his pickup truck – and walked out onto my back deck did he pause.

“I’m looking at this house for some people,” he said.

IMG_9406

I just nodded. After a period of silence, he came down the ladder and moved – with it – to the side of the house where I couldn’t watch him. I went back to my computer and kept an eye on the house.

Then the realtor showed up and explained that the man was there to do a home inspection and I had nothing to worry about. In fact, I had a lot to worry about. Especially how easily it would be for masked men with ladders to breach any of the houses around me – or even mind.

Which makes me think about our lines of defense as homeowners and as data caretakers. If this guy with the ladder was a thief, would he have started in a place out-of-view? Would he have discovered a hide-a-key or other method of entry? Would he have been successful in breaching the defenses and borders of the home next door?

It was very likely. I didn’t see anyone else in the neighborhood challenge him. I didn’t see anyone else take note of his truck or license plate. When it comes to securing your facility and data, you probably have to take the same approach. It falls to YOU to make sure your doors are shut and locked and your client and corporate data is secure.

But then I thought about another scenario. What if I were the person with the ladder trying to access my own home? How much security would be daunting? What safeguards would I have in place so I could gain access in an emergency?

The same thoughts should go through your head when you’re securing the corporate assets. Is there a way in that only an inside circle of people know about? Is it foolproof and based on clear identity processes? Could someone pretending to be you get inside?

In the same way a key under a rock is pretty insecure, you don’t want to set up a simple gauntlet for thieves to traverse. You need something that’s secure and convenient at the same time. As our systems passwords are familiar yet complex, you should do the same thing with your door key and building access.

Here at home our system is to leave keys with neighbors and relatives. In a pinch, it takes some effort to get the key and enter the house, but it isn’t a process a thief would be able to do. At your organization, give the keys to a trusted department head in the form of an encrypted document. Or mail yourself access instructions – encoded of course – in the case of a system malfunction or attack where you need to get in through your own back door.

Further, having a set of physical keys to your facilities held with various trusted employees or locked up at a second facility is a method that can ensure you get access without too much hoop jumping.

If it were easy to breach our systems and crash through our front doors, it would happen more frequently. The trick is finding a way to secure your business and data so if you get locked out you can get back in without too much fuss.

What are your tricks for securing your home? Key in the grill, key on the dog’s collar, stuck behind the door knocker (a thief is probably not knocking), attached to your wind chimes?

Then, what methods are you using to keep your company secure but accessible?

I’d love your comments! See you next week!

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: