« Keep users scared... err... informed, that is | Main | One SOX to rule them all »

How are your security procedures working in case of an emergency?

If you like it here, please consider subscribing to the RSS feed or spreading the news among your friends who also care about security.

Been a while — if I said it's been a very busy end of the year, would you possibly believe that? Anyways, I'm here again, so stay tuned!

Imagine a fire alarm. How much would it take to trigger one in your building? Use an alarm button? Trick like three smoke sensors at a time? Make a small campfire of your own maybe?

Of course, in case of fire, all occupants need to leave the building. And they need to do this immediately. They will obviously crowd in tight staircases, halls and doorways. There is going to be really lots of them. Way to many to notice if everyone has their ID card on them. Not to mention, in a hurry it’s so easy to lose one.

To let people safely leave the building, all the doors need to get unlocked. No-one gets in, but everyone has to get out.

Doesn’t it sound ridiculously easy for a cleaning person to leave the building with the CEO’s laptop full of confidential data and just vanish once they’re out?

So, maybe it’s worth having a closer look at emergency situations that lower the physical security level? Worth not less, then the information that may be stolen when the emergency situation is abused.

Posted by Michał Sobiegraj on January 18, 2007 12:02 AM | | Digg It

TrackBack

TrackBack URL for this entry:
http://sobiegraj.com/blog/mt-tb.cgi/29

Listed below are links to weblogs that reference How are your security procedures working in case of an emergency?:

» Divide et impera from Sobiegraj on Security
Enforcing desired level of confidentiality of specific data takes preventing unauthorised people from tampering with the data. It boils down to separating sensitive assets from people who have not been granted access to them. The proper separation need... [Read More]

Tracked on February 20, 2007 1:14 AM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

© 2006-2007 Michał Sobiegraj. All rights reserved. The views expressed here are my own, and not necessarily endorsed by any former or current employer.

Search


About

This page contains a single entry from the blog posted on January 18, 2007 12:02 AM.

The previous post in this blog was Keep users scared... err... informed, that is.

The next post in this blog is One SOX to rule them all.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.34