Asset & Data Security


The organisation carries its operations using assets to generate revenue or remaining efficient.

Electronic / software data has become critically important since manual processes are gradually moving to computerised data. Now-a-days, large information whether of past and present, is located in the hard-disks of the computers. The organisation would be exposed to considerable losses unless computer processes begin operations at the earliest in the event of any contingency like crashing of computer servers OR natural calamities (like earthquakes, floods, etc.) resulting in non-access / crashing of main computer servers.

Similar are the importance of physical documents. Physical documents could be contracts, agreements, vendors’ invoices, receipts for payments, correspondence, etc.

Security of both assets and data (digital and physical) are extremely important and can’t be compromised in any case. Imagine organisation losing precious data of unpatented formula or important machine being stolen. All these could lead to considerable losses for the organisation.

Precautions for security

    • General
        • Controlling the access
            • Security gets breached when unauthorised person has access to an asset or data;
            • Access management of physical assets through doors being opened with keys or biometric system or retina access or other means;
            • Access to soft data to be managed by putting firewalls → firewalls to have layers of security → certain layer access through rights management by data administrator (+) Passwords OR biometric OR retina access;
            • Preventing data copy or forwarding the information to third party
                • Certain organisations don’t allow mobile phones OR smart phones with camera OR CD drivers OR USB ports OR access to social sites / specific mailing sites (like gmail, yahoo, etc.).
        • Monitoring the access
            • Once the person enters the specific room or access the data → monitoring the activities of the person;
            • Monitoring using CCTV camera or analysing computer activities (i.e. number of files opened, number of times a particular file opened over a period, etc.).
        • Monitoring the movement
            • of person OR vehicle, etc. using GPRS or CCTV cameras, etc.;
            • of goods using RFID tags, etc.;
            • of inter-factory movement of goods or movement of goods to customers by insisting gate entry details (+) receiver’s signature & details.
    • Soft data
        • Re-verification of passwords / codes
            • Access verification codes / passwords can leak → to expire after a period and to be created again → re-verification through SMS on registered mobile phones OR email on registered mail ID OR giving answers of security questions.
        • Moving the old data
            • Computer data → keeping data of previous years in separate hard disks OR computers at different location.
        • Back-ups
            • Back-ups of computer data regularly;
            • Preserving old back-ups;
            • Prices of hard disks have come down drastically allowing storage of back-ups for longer period.
        • Restricting the deletion / moving of soft data
            • Above restrictions to avoid permanent loss of data.
        • Using reliable Cloud services
            • For storing the data and using third party firewall controls.
    • Physical assets / documents
        • Moving the old data
            • Moving the old data to separate place to prevent misuse and creating permanent storage;
            • Physical documents → retaining current records at the organisation’s working place and moving old ones at the different place;
        • Verification of old data
            • To be secured against pests, rodents, rains, etc.
            • Regular verification of records for checking the present state of the location and records.
        • Physical verification of assets
            • Periodical physical verification of assets → updating the asset location → matching with the books → analysing the variance.
        • Assets recovery when people leaves the organisation permanently
            • Recovery of assets lying with a person (mobile phones, laptops, vehicles, etc.) or selling the assets to him / her before settling full and final dues.
        • Digitisation of documents
            • Preventing permanent loss of physical data and loss due to handling of documents.

Leave a comment