Developing a Physical Security Policy for a remote team
Written by Ashley Hyman
Updated over a week ago

Many companies have asked how to develop their Physical Security Policy for a remote team. Drata consulted our auditor partners and developed the following list of ideas to consider including:

- Do not leave work devices in an unsecured place. Follow the same physical security habits that you would in a work setting: lock your screen when away from your computer, lock your doors, and do not leave your devices in the car.

- Do not let friends and family use work devices.

- Enable password-protected screen savers to avoid accidental exposure of potentially confidential or sensitive information.

- Do not leave the laptop unattended in any situation, and place it in a secure location when not in use to prevent unauthorized disclosure.

- If traveling, the equipment must remain in the possession of the user as hand luggage at all times.

- Exercise caution with laptops in airports, especially at security screening checkpoints.

- All media is to be stored in a locked safe, furniture or a similarly secure location when not in use.

- Immediately report lost or stolen laptops to the Information Technology Department.

- Any paper documents containing sensitive data should be locked away in a secure location when the employee is not in close proximity to their workspace.

- When traveling away from your home for an extended period of time, work equipment should be taken with the employee or locked away in a secure location, such as a safe, at the employee's home.

How can I apply the above guidance to my policy?

We recommend the following:

  1. Replace what's currently under the ‘General’ section in the Physical Security Policy Template with what's described above.

  2. Delete the entire 'Access Requirements' and 'Building Standards per Location' sections.

  3. Keep the 'Data Center Security' section.

  4. Delete everything under the 'Asset Security' section, including any Appendices (this is effectively deleting the contents of the rest of the template).

  5. You may also want to modify the 'Scope' and 'Background' sections to clarify that you're a remote company that uses the cloud.
