Information Security Office

Physical Security

Although all forms of security are important, physical security is at the top of the list. Poor physical security can circumvent other controls and protections in place. Physical security measures are important to review regarding systems that contain protected information.

As with other security it is best to practice defense-in-depth which means have multiple layers of protection. In other words, don't depend on one protection as the entire defense strategy.

Use the following guidelines to physically secure data under your responsibility.

Keep usernames and passwords secret and keep them in secure locations. Passwords only known to you and in your head are the most secure. For strong password tips see Choosing a Secure Password.

Log out or turn off computer when leaving for long periods of time.

For short periods, lock your computer before going away or set screen saver with password enabled.

Lock door when you leave work area.

Use locks, cables & other security devices if computer is in public or insecure area. (Consider redacting or removing sensitive information under these circumstances.)

Never allow others to use your computer account.

Report suspicious people and activity to BGSU police in high security areas.

Know all that have access to your office. If necessary, require an attendance log for areas requiring high security.

Examine & limit viewing areas for workstation screens. Consider additional privacy screens if necessary. Viewing area should be limited to only those required.