Physical security is one of the most important aspects of maintaining a business, especially when the company is handling large amounts of PII and NPPI. Any company handling sensitive information has to keep in mind all state and federal regulations that the business must adhere to, such as HIPPA and GLBA. Training and education of the employees is just as important to a company’s security plan as implementing safeguards and elaborate equipment. The whole team has to be on board with how important physical security is to the success of the company.
The first thing I noticed about this location it that it is downtown. This indicates that a lot of individuals will have access to the building, as well as data in the building. Furthermore, the location of this building could indicate that it would be more susceptible to other structure fire around that location. In more cases that one, when a fire occurs around closely grouped building other buildings with also catch fire. Something else I noticed about business is that the text mentions all the data being managed is under one central location, this could be problematic. I would suggest that the company invest in a cloud service …show more content…
At no point in time should any sensitive documentation be left unattended by personnel. Employees should be trained on how to identify PII and NPPI. Along with locking up any hard copies of sensitive documentation employees should always encrypt any sensitive information. All company computer need to be password protected and have a strong password standard of two special characters, two numbers, two capital letters and be at least 14 characters long. The password should be required to be changed every 30 days. Furthermore, the employees must be trained to not share passwords or write them down. The company could choose to use the smart card system mentioned earlier in the text for building access as well as computer
The first thing I noticed about this location it that it is downtown. This indicates that a lot of individuals will have access to the building, as well as data in the building. Furthermore, the location of this building could indicate that it would be more susceptible to other structure fire around that location. In more cases that one, when a fire occurs around closely grouped building other buildings with also catch fire. Something else I noticed about business is that the text mentions all the data being managed is under one central location, this could be problematic. I would suggest that the company invest in a cloud service …show more content…
At no point in time should any sensitive documentation be left unattended by personnel. Employees should be trained on how to identify PII and NPPI. Along with locking up any hard copies of sensitive documentation employees should always encrypt any sensitive information. All company computer need to be password protected and have a strong password standard of two special characters, two numbers, two capital letters and be at least 14 characters long. The password should be required to be changed every 30 days. Furthermore, the employees must be trained to not share passwords or write them down. The company could choose to use the smart card system mentioned earlier in the text for building access as well as computer