The holidays are a time of family, fun, and... vehicle break-ins?
Yes, personal larceny spikes in December, climbing up to 22% higher than an average month. Many experts attribute this annual spike to criminals targeting holiday shoppers, who often store high-priced gifts in their cars.
And mixed in with all those stolen presents and crushed holiday dreams are corporate laptops, mobile devices, and the sensitive data they contain.
While we talk often about human side of cyber security, it’s rarely more obvious than when discussing physical security. Many employees – not just executives – carry vast quantities of extremely sensitive data with them every day, even outside of work hours. And while technical controls like disk encryption are important “last lines of defense,” your employees play a critical role in protecting your data from falling into the wrong hands in the first place.
With this in mind, the holidays are the perfect time of year to remind your employees about the importance of protecting their company-issued devices and other intellectual property.
Customize the following email template for a friendly and holiday-themed physical security refresher for your employees:
Email Template: Corporate Physical Security
Thefts and vehicle break-ins peak during the holiday season. For this reason, it is critically important to follow proper procedures for maintaining the physical security of your company-issued laptops and devices. Please make sure that all [COMPANY NAME] property is secure when not in your immediate control, and do not leave your devices unattended – especially in a car.
As a reminder, each [COMPANY NAME] employee/contractor is ultimately responsible for the equipment and intellectual property in their possession. This includes laptops, mobile devices, keys, keycards, passwords, and hard copy materials. While all of our systems and devices are fully encrypted [OR CUSTOMIZE WITH OTHER SPECIFIC TECHNICAL CONTROLS], loss of company equipment still presents serious risks to the organization.
Please take a moment to review the following physical security best practices. For more information, please refer to the [COMPANY NAME] information security policy located on [COMPANY INTRANET, ETC.].
- Laptops and mobile devices should not be stored in cars. If a situation leaves no other viable alternatives, the device must be stored in the trunk or other locked compartment, such as a glove box.
- When outside of a secure [COMPANY NAME] location, do not leave your mobile device or laptop unattended for any reason, particularly when working from airports, train stations, coffee shops, and the like.
- Never leave your laptop screen unlocked when stepping away, even if the device is physically secured or it is at a secure facility.
- Data security controls, such as laptop and mobile device login passwords, should never be disabled for any reason.
- Unless absolutely necessary, do not carry paper copies of restricted information, client data, or the like.
- If you are aware of a situation in which you will be unable to take full security precautions (i.e., unusual travel requirements, etc.), please notify [COMPANY IT CONTACT] in advance so that additional and appropriate controls may be put in place.
- You are required to observe the physical security policies of our office (i.e., never allow unattended visitors into the office, never prop open locked doors, never share keys or keycards, etc.).
Should you discover that [COMPANY NAME] property is missing, immediately notify [CISO OR EQUIVALENT]. The sooner you report the missing equipment, the sooner we can implement our response procedures.
If you suspect or have evidence that [COMPANY NAME] equipment has been stolen, please immediately report the theft to local law enforcement as well and retain a copy of the police report, sending a copy to [CISO OR EQUIVALENT].
If you have any questions about the physical security of your company equipment or our physical security policies, please contact [SUPERVISOR, CISO, OR EQUIVALENT].
Want more awesome templates like this?
Subscribe to Focal Point's Risk Rundown below - a once-a-month newsletter with templates, webinars, interesting white papers, and news you may have missed. Thousands of your colleagues and competitors have signed up! You can unsubscribe at any time.