By Gary Lara, Marketing Assistant at Charter Global
The spectrum of security for financial institutions has changed over the years given the significant shifts in technology and information technology.
With more devices such as smartphones and laptops becoming the norm of modern-day life, this inevitably influences the way users interact with financial services. And with such, comes a fundamental need to protect information especially driven by the large amounts of data regarding personal information, account details and figures, and online banking information that financial institutions handle.
Accordingly, cyber security has successfully advanced its capabilities over the years for data protection, offering an array of software and services. However, how are these financial organisations’ physical infrastructures protected? Physical security should be given the same level of attention as digital security, and in some cases, this is even required for legal compliance.
Physical threats have not faded into the past. Institutions such as central and commercial banks, credit unions and investment banks are still at constant risk of physical threats against their facilities and assets (employees, customers, cash, vaults and data servers). The means of cyber security will have no purpose regarding the organisation’s safety if intruders are able to gain access and possession of valuable assets. Keeping strong protective physical measures in place is key.
Physical security is defined by using various layers of systems and mechanisms that serve to protect people and property. These measures can include, surveillance, security personnel, protective barriers such as security shutters, locks, intrusion detection and deterrent systems, among many others. The aim of an integrated physical security system is to deter or convince prospective attackers that the success of an attack is unlikely, detect and monitor intrusions, and trigger appropriate incident responses.
Although banks already have protocols against physical breaches in place, many security gaps may appear if these measures are not tailored to the specific requirements of every location. Reports regarding bank robberies showed that frequently attacked institutions had security countermeasures in place at the time of the attack, yet there was also a high failure rate.
Security managers should consider questioning if existing policies and measures are sufficient for the risk of each location, and if potential threats can be reduced by implementing new technology. In the following section we have collated advice on physical security for financial institutions:
The first tier of security for financial institutions leverages crime prevention through structural designs to deter threats. Examples include warning signs, fences, security shutters, vehicle barriers and height-restrictors, restricted access areas and lighting. They serve to prevent intrusions by making the infrastructure seem difficult to enter, and potentially delay attacks in action. Does management authority have means of controlling access to the facilities? Are there ways of reducing the amount of access points? Review, assess and improve where possible.
In-house physical measures for restricted access
Areas that store valuables such as cash, servers and back-ups should be appropriately guarded. Restrict the entrance of these areas to a small number of individuals, and then constantly monitor their activity regarding entrance and exit.
Take advantage of modern security technology. For example, in case of an unfortunate attack where time is critical to mitigate further access and damage, consider utilising security shutters that feature automation, rapid deployment and self-locking mechanisms. You can install them not only for perimeter purposes but also inside your facilities’ high-risk areas. Depending on the identified potential risks, you can even opt for security-rated shutters that protect against bodily force, power tools or ballistic threat.
Video surveillance and alarm systems
Video surveillance also plays an essential role. It serves to detect, respond and mitigate criminal activity once intruders are in. Recorded footage of an attack may serve as evidence in court when needed.
Alarm systems can serve to alert security personnel of unauthorized access attempts. Modern systems may feature contact, motion and perimeter sensors. Consider installing alarm systems capable of integration with other security measures to trigger physical barriers and mechanical systems.
Endpoint management protocols
If an attempted attack or information breach could not be avoided, security managers must act quickly by wiping stolen devices that store valuable information through an endpoint management solution.
Additionally, if your facilities offer guest Wi-Fi services, it is vital this is a password-protected and encrypted network fully separate from the organisations network.
Pay attention to physical security as much as you would cyber-security when protecting financial institutions. Even if security measures are already set in place, constantly run function assessments and analyse if they are sufficient for the property, or if there are gaps that need attending. Consider opting for newer security technologies, keeping response time and automation in mind. This will reduce failure rates and reduce losses in the event of an attack.
Gary Lara, Marketing Assistant at Charter Global is motivated to constantly research activity and changes within the physical security realm to provide valuable insights for an array of industries.