Latest Guide by Security Consultants – Cyber Isn’t the Only Threat!

Businesses have only recently begun realizing the vicious impact of cyber-attacks. But in allocating resources for its prevention, they must not begin to neglect physical security. They might have a top-notch digital security mechanism in place, but it’s not going to stop physical attacks from harming the business. 

The question therefore arises; what physical security risks should businesses be looking out for? Well, we’re here to answer that for you. 


Almost all workplaces have some form of access control i.e. a mechanism through which employees enter/exit the building through the use of a locked door or a swipe-card access point. Tailgating is simply when an unauthorized person follows an authorized person into a secure area. 

This is most likely to happen when multiple employees pass through a door; the one in the front swipes their card or presents identification, and the others just follow behind – which means that sometimes someone unwanted or unauthorized could also pass through. 

To mitigate this threat, the smart thing to do would be to place anti-tailgating doors that make this rather impossible. These doors will only let one person pass through, and then require authorization again for whoever wishes to go next. 

If you’re not willing to spend that much, then just raising awareness amongst employees and providing them with a rigid physical security policy can go a long way in preventing this. 

Document theft

Offices are full of paperwork and important documents so there’s no surprise that sometimes they end up going missing (or being stolen). In the case of sensitive documents, however, you might open up your company to threats by letting someone unauthorized go over the information that you would not want them to see – at all!

Institute a clear-desk policy; ensure employees clean up their desks and put away all documents at the end of the workday. Moreover, employees should shred all important and sensitive documents after they’ve been used. Have them either keep them in locked areas that can only be accessed by authorized individuals if you don’t want to completely discard them. 

Unaccounted visitors 

If you’re unaware of who’s in your workplace at a particular point in time, then you’re not doing the right thing – unaccounted visitors can pose to be a serious threat, and the fact that you’re unaware of their presence makes it even worse. 

Make sure that all visitors are accounted for and are issued visitor passes – this helps identify who is a visitor (to ensure they don’t access restricted areas) and also gives you a log entry of who entered, and when they entered/left. 

Identity theft

An access control system is reliant on employees using their own identification – if someone is using someone else’s ID to go in and out of the premises, then it’s basically back to no access control. 

Educate your employees on the importance of protecting their IDs or access cards. Don’t let employees share their cards or lend them to other employees because that will hamper monitoring. Ask them to keep their ID on them at all times and report immediately if they misplace/lose it. 

Social engineering

Probably one of the hardest to combats – simply because it can come in multiple forms. These attacks rely on employee manipulation through misusing information that they might have gained to impersonate someone else or threatening employees to gain access to secure areas and networks. 

There might be no way to overcome all the social engineering threats, but one way could be the conduction of a thorough physical security risk management to consider how someone could get through the protections that have been put in place. Moreover, raise awareness amongst your employees about social engineering and help them understand risks so that employees are more alert to any suspicious activity or contacts.

Monitoring is key

At the end of the day, you need to make sure that you’re constantly and actively monitoring your premises and those that are on it – at all times. Ensuring that checks are in place, and also making sure that systems are reviewed on a regular basis can go a long way in making your environment that much secure.