Law Articles
To search for a particular term please use the following search box.
Law Topics
Click on a Topic to see available articles for that topic.
- Accidents
- Administrative Law
- Admiralty Law
- Articles
- Banking
- Bankruptcy Law
- Canon Law
- Case Law
- Civil Law
- Civil Rights
- Class Action Lawsuits
- Commercial Law
- Common Law
- Comparative Law
- Constitutional Law
- Consumer Law
- Contracts
- Corporate Law
- Courts
- Criminal Law
- Cyber Law
- Dispute Resolution
- Employment Law
- Equity
- Evidence
- Family Law
- Fiduciary Law
- General Practice
- Government
- Health Law
- Immigration Law
- Insurance Law
- Intellectual Property
- International Law
- Jurisprudence
- Labor Law
- Law and Economics
- Maritime Law
- Military Law
- Natural Law
- Personal Injury Law
- Philosophy of Law
- Property Law
- Public Law
- Real Estate Law
- Social Security
- Space Law
- Statutory Law
- Tax Law
- Traffic Law
- Trusts and Estates
- Water Law
Return to Law Dictionary Index
Physical Security Measures
What should one consider when choosing appropriate physical security measures?
With physical security measures, like notice measures, one needs to pick those measures that are right for one's own business. Determine how information flows into, through and out of one's company. Place physical security barriers wherever reasonable. Seek to preclude access by all those who do not have a need-to-know the information. The more comprehensive the security measures one uses, the less likely one will encounter a breach in security. Moreover, if a security problem develops, one will be in a better position to recover the sensitive business information. Consequently, over-protection is better than under-protection.
One may use any physical security measure that restricts access of the information to those who have a need-to-know the confidential information. The information cannot be taken by those who cannot gain access to the information. Below are some suggested physical barriers.
What are some procedures for direct control of the information?
The location of information should be separated into different areas (e.g., file cabinets, rooms or buildings). Only people that have a need-to-know the confidential information should have access to the relevant area and hence the information in that area. As an example, the accounting department or accounting books can be locked up in a room or drawer. Only people having a need for the information should have a key. Signs stating "employees only", "authorized personnel only", "restricted access", "private" or similar phrases will help discourage people from getting into these restricted access areas.
A variant of this procedure is used when out-sourcing. Companies that out-source various portions of their business often separate the confidential information among multiple vendors. No one vendor is given sufficient information to be able to recognize or use the confidential information.
Computers provide several methods by which confidential information can be restricted to those people who have a need-to-know the information. Passwords are one method. Separate computer systems are another. A computer system may give off a warning when someone tries breaking passwords, identifying both the problem and the computer terminal being used.
Confidential information should be put away when not in use. A blanket may be thrown over a machine. A drawer may be closed and locked. The company may require that desks be cleaned at the end of every day.
The disposal of confidential information should be carefully handled. Don't forget that garbage can be inspected by people looking for your information. A shredding machine should be used on confidential documents. Machines built according to trade secret knowledge should be disassembled.
How should visitors be treated?
Remember visitors to your company do not necessarily know your procedures. Checking people in with a log book at the receptionist's desk suggests to the visitor that they will be monitored. Consider recording name, company, date, time, purpose and person the visitor is seeing.
Some companies do not permit visits absent an appointment. This permits the company to schedule visits at times known to all employees and allows everyone to be prepared for the visit.
All visitors to your company should be escorted at all times. The escort should keep the visitors eyes off confidential information, which preferably is maintained out of sight. The escort may wish to ask the person to treat all things they see and hear as confidential.
In large companies visitors are difficult to distinguish from employees. Visitors should wear badges identifying them as a visitor.
Employees should be instructed to approach any non-employee that is not being escorted and offer assistance in finding the person they seek.
Confidentiality agreements may be warranted depending upon the extent of access.
How should the premises be controlled during off hours?
Smaller companies often do not enjoy the benefit of having 24 hour in-person security at every door. All doors should be locked when and where in-person monitoring is not possible. Lights that activate based upon movement, cameras, and alarms are also good deterrents both inside and outside the facility. Check these systems regularly. Employees have been known to deactivate these systems for convenience, such as blocking open a door for the convenience of smokers.
About the Author:
N. Paul Friederichs, founder, started practice as a patent attorney in 1992 at a major Minneapolis, Minnesota law firm where he was the highest performing associate. In 1993, he started and developed Friederichs Law Firm with his father. Throughout this time Paul�s experience was heavily weighted toward litigation. He served such clients as Tonka Toys, American Harvest and Boston Medical.
He can be reached at http://www.angenehm.com/