Physical access

Protecting your data is not restricted to online sabotage only. The physical security of your workstation and mobile devices also plays a big part in keeping your data safe and secure against theft or malicious attack.

Physical Surroundings

When you arrive at the University, you probably enter through a secure door, pass a security camera, or you may need to swipe a card to access your building. When you leave work for the day, you may lock sensitive documents into a filing cabinet. The physical surroundings in your workplace are there to protect your workstation and the data stored in the office.

It’s essential to keep an eye out for people who may pose a security threat. There are a few common ways scammers will try to enter a secure building:

  • Tailgating – following you through a secure entrance without providing their credentials or using the excuse that their hands are full to get you to hold open the door.
  • Impersonation – scammers may try to gain access by impersonating a vendor, customer, or service provider.
  • Access request via phone or email - if you receive a phone call or email from someone requesting access, always double check the request is genuine.

If you see an unaccompanied visitor you don’t recognise, they may be perfectly harmless, but it doesn’t hurt to ask them if they need something. Report any suspicious behaviour to security immediately.

Ways you can ensure that physical security is maintained in the workplace:

  • Keys, Badges, and Fobs – Keep these items with you to prevent someone else from accessing buildings or systems.
  • Security Cards – store them safely, and don’t leave them around the office. Apply a security code that can’t be easily guessed.
  • Devices – Always lock your computer when you walk away from your workstation. Immediately report the unauthorised use of your computer or the loss or theft of a device.
  • Whiteboards – Make sure unauthorised people can’t see whiteboards. Erase sensitive information after meetings and at the end of the day.
  • Sensitive Documents – If you aren’t actively using them, secure any physical files that contain business, employee, or customer data. Collect printouts or faxes that contain sensitive data right away.
  • Server or Record Rooms – Keep these rooms locked to protect valuable systems or data from unauthorised people.

Shoulder surfing

Shoulder surfers are everywhere, not just in the workplace. A shoulder surfer watches you from behind while typing in passwords, PINs, and sensitive information. To prevent people from shoulder surfing, shield your screen or check behind you before entering any sensitive information.

Locking workstations when away

University workstations contain important emails, files, passwords, and University and personal information. Therefore, it is essential to take steps always to protect these devices.

  • Lock your workstation using Windows Key + L when leaving your office
  • Check your PC for any unknown devices connected
  • Lock your office door when leaving

All university workstations have antivirus software installed to minimise threats and unwanted attacks. It is encouraged to restart your machine frequently to ensure updates and policy changes apply to your device. Contact IT if you have any concerns that your workstation has been compromised.

Back to IT@ND: CyberSecurity