Secure the perimeter

Create a secure physical perimeter to keep out thieves using:

• Locks.
• Self-closing doors.
• Window locks.
• Lockable internal doors between rooms.
• Security curtains or window shutters.
• Alarms. Ensure that each employee has their own unique alarm code.

Protect the server

• Keep servers in a locked room and control access to it.
• Individual servers should have their own lock and key to stop people opening them.
• Networking switch boards should be protected by a lock to control which ports are activated.
• Unplug unused network extensions.
• Consider fire and flooding risks as well as theft.

Protect information on paper

• Consider lockable filing cabinets.
• Shred personal information before throwing it out.
• Have a ‘clear-desk’ policy so that employees lock up sensitive papers when they are not working on them.
• Encourage users to pick up their documents from printers, faxes and photocopiers promptly.

Monitor visitors

• Don’t let visitors inside the secure perimeter without an escort.
• Vet contractors and support personnel.
• Restrict access to sensitive areas, such as server rooms or HR records.
• Staff should be encouraged to query unescorted strangers in secure areas.

Other advice

• Be careful about throwing out computer boxes that might advertise a delivery of new machines. Fold them down and disguise them or put them out when the bin men come.
• Security mark PCs and their major components.
• Log serial numbers of PCs so that they can be identified if stolen and recovered.
• Consider investing in a security cable for each computer.
• Keep backups offsite or (at least) away from the computer you're backing up.

More information

• Review the Metropolitan Police's advice on computer crime.
• Talk to your insurance company or local crime prevention officer.