You may think that the term “physical safeguards” for your information technology environment apply only to the protection of your IT network and data from intrusion and theft; but did you know it is just as likely, if not more so, to be damaged from improper storage. What I mean is the possibility of fire or flood. Some organizations struggle with finding the funding or time to properly safeguard their IT environment, but there are some basic physical controls that can be used to help protect those organizations.
First, an organization should always perform proper backups of their accounting and vital data on a daily basis to either a tape or computer at an off-site location such as an external hard drive; not on a jump drive, which have a tendency to fail when you need them the most. External hard drives are now sold in computing units as high as terabytes and are getting larger and larger, as well as cheaper and cheaper every year. This simple control of backing up vital information at the end of the day, at a minimum, and storing it off-site should be considered, and probably implemented, by most all organizations.
If there are no safe offsite locations to store your data, investing in a fire proof, flood proof safe may be one of the best decisions you ever make as an organization. As tapes and hard drives continue to shrink in physical size, it has become more probable to purchase smaller safes as cheap as a few hundred dollars. It is also important to secure that safe to the ground; so be sure to purchase one that is capable of being fixed to the foundation of your building from inside the safe. This will ensure thieves can’t break in, place the safe on your rolling desk chair, and roll it out into their pickup truck for opening at a later date. Yes, we have seen that happen! It is also important to considered keeping all your servers, and IT backups in a locked, air conditioned climate room, with limited access to that room.
Starting with these small and affordable purchases that you can do yourself will be an investment that will insure the future of your organizations success for years to come.
Brian Hemmerle, CPA