Breadcrumb navigation

1. Ten Office/Factory Security Measures!

2. Why are Office/Factory Security Measures Necessary?

In offices and factories, the reasons for being targeted by criminals lie in the “location” and the “assets” being handled. First, we will explain why security measures are necessary for offices and factories.

(1) Offices

There are two major reasons why offices are vulnerable to theft. One is the location and structure of the office. Business districts lined with office buildings are crowded with people during the daytime on weekdays, but are very deserted at night and on holidays. Therefore, if someone breaks into a building at night, there is little chance of being noticed, making it an easy target for thieves. In addition, in office buildings with many tenants, anyone can enter through the common entrance. If the entrance is not secured properly, it is possible for an outsider to sneak into the office area and infiltrate the office with the employees. The office is then too vulnerable. Another reason is that offices contain many valuable assets. It is not just cash, checks, stock certificates, and other money. Nowadays, all kinds of information are subject to theft, including employees' personal information, customer information, confidential business manuals, and confidential data stored on PCs. If such confidential information falls into the hands of a malicious third party, the company loses public trust and, in the worst case, may face legal action. It is no exaggeration to say that a company's credibility depends on its security measures.

(2) Factories

There are two reasons why factories need security measures. The first is the impact of an intrusion from the outside. For example, what would happen if an outsider broke into a factory that handles food products and contaminated it with a foreign substance? It would be a major social problem, and the damage could amount to tens or hundreds of millions of yen. What would happen if highly toxic chemicals were stolen from a chemical factory? The chemicals could be used as tools to commit a crime and trigger another incident. Another characteristic of factories is that they are prone to secondary damage due to break-ins.The second is that factories are becoming smarter and smarter, so that every machine and piece of equipment in a factory is at risk of cyber-terrorism. It is now commonplace for factory production equipment to be connected to the Internet via IoT and to be operated and managed remotely. At the same time, the possibility of being targeted by malicious viruses and software (malware) via the Internet is increasing. If a virus should infect a facility and cause the leakage of confidential information or the shutdown of facilities, the damage is immeasurable. The increasing number of routes to be targeted by criminals is another reason why security measures are required.

The Bio-IDiom KAOATO face recognition package software, which is equipped with the industry's top-class* face recognition engine and achieves high recognition accuracy, can be used for access control in offices and factories. Access control by face recognition can prevent unauthorized access to offices and factories while enhancing convenience.

Contact

3. What Two Risks Should Be Considered in Security Measures?

(1) External Attacks and Intrusions

There are two types of external attacks and intrusions that require attention.The first is theft due to physical intrusion. According to government statistics, there were 7,254 cases of office burglary and 799 cases of factory burglary in one year (2016). The items stolen include safes, office equipment, employee computers, confidential documents, checks and stock certificates, factory materials and parts, and many others.Another is information leakage via the Internet. There have been many cases in which data was leaked from stolen PCs and distributed on the Internet, or spyware was installed on employees' PCs and information was stolen without their permission. It is said that the average amount of damage caused by information leaks is 637.67 million yen per incident (2018), and there is no doubt that it causes significant damage to companies.

(2) Internal Fraud

Internal fraud is fraud committed by employees, former employees, or outside collaborators. A typical example is an incident in which an employee dissatisfied with the company introduced a foreign substance into a product at a factory. There are also many cases of retirees who have some kind of grudge against the company, taking customer information on USB memory sticks and selling it to competitors when they leave. There are also cases where employees of cooperating companies remotely control PCs to steal confidential information of the companies with which they do business.Looking at the causes of internal fraud, 58% of cases are due to negligence, “violating the rules without knowing them” or “inadvertently violating them. However, 42% of the cases of intentional misconduct, including “dissatisfaction with the company,” are also considered to be the cause of misconduct. It is impossible for a company not to take some kind of countermeasure.

4. 10 Office/Factory Security Measures (intrusion from outside)

From here, we will introduce five actual security measures each (10 in total), divided into the perspectives of “preventing external intrusions” and “preventing internal fraud. First, security measures to prevent external intrusions and attacks.

(1) Strict access control

Access control refers to managing the entry and exit of people and restricting access as necessary. For example, it is effective to use IC cards or facial recognition systems at building entrances and offices to identify individuals and prohibit the entry of outsiders.While PIN numbers and IC cards (employee ID cards) are commonly used as authentication systems for access control, we recommend the introduction of a biometric authentication system, which has a higher level of security. Biometric authentication is a system that authenticates individuals using their innate fingerprints, face, and other information. Among these, “face recognition systems,” which identify a person by features such as eyes, nose, and mouth, have an extremely high level of security and are now being introduced by many companies. Faces are difficult to forge and difficult to impersonate, making them highly effective in preventing crime. It is important to prevent intrusion by third parties through waterfront measures using advanced authentication systems.

(2) Installing Cameras

Installing cameras in areas that are vulnerable to intrusion by outsiders or in rooms where important information is handled is another important security measure. Some of the latest cameras use motion sensors to detect suspicious persons and alert the security office. It is important to use cameras with a high level of security to prevent outsiders from entering the building.Cameras can be used in conjunction with facial recognition systems to further enhance security. Only registered persons are allowed to enter, preventing unauthorized persons from entering together with registered persons.

(3) Installation of Detection and Alarm Systems

It is also effective to install a combination of “infrared sensors” and “lighting” to detect people. For example, sensors can detect when a person passes by and cause lights to blink, or lighting can be installed on windows and doors to intimidate people. According to a survey by the National Police Agency and the Urban Crime Prevention Research Center, about 70% of burglars give up after “five minutes. It is important to buy time to prevent break-ins, even if it is only a few minutes.

(4) Identity Authentication of PCs

(5) Network Security Measures

There are various network security measures to prepare for attacks via the Internet.One is to prevent unauthorized access through firewalls and anti-virus software. Especially in factories, malware attacks can be launched by exploiting vulnerabilities in outdated applications and operating systems. Therefore, it is also essential to provide “patch measures” to reinforce vulnerable areas. It is also effective to divide the network into several layers so that if a virus invades, it can be confined to a specific layer.

5. 10 Office/Factory Security Measures (internal fraud)

The following are five ways to prevent internal fraud by employees and related parties.

(6) Recording Entry/Exit Data

It is said that an important point to prevent internal fraud is to “create a situation where it is difficult for a criminal to commit a crime. One of the best examples of this is the aforementioned “access control. Access control systems have the ability to accurately record the time employees enter and leave a room, as well as to determine “when, in which room, and who is in the room. In other words, even if an employee commits fraud, a clear record is kept. In order to deter internal fraud, it is important to strictly control daily access control.

(7) Strict PC Management

It is also important to manage PC log-on status as strictly as possible to prevent personal information from being taken outside.For example, NEC offers a service called “Face Recognition Logon Set,” which keeps employees logged on as long as their faces are recognized by the PC, and automatically locks the PC when they leave their seats and move away from the PC. This prevents a third party from logging on, and also deters unauthorized behavior by the employee.Physical measures such as attaching a wire to the PC to prevent it from being taken out of the office or attaching a peep-proof filter may also be effective in preventing unauthorized access.

(8) Server Network Access Restrictions

(9) Paper Log Management

Although the office is becoming increasingly paperless, there are still many cases where information is taken out of paper documents. Therefore, it would be effective to introduce a system that can manage the printing history of the printing machine. If a log is kept showing “when, by whom, and what kind of material was printed,” it will deter the easy printing of confidential information.

(10) Restrictions on Taking Information Outside the Company

It is also important to establish rules to prevent confidential information from being taken outside the company.There are two major aspects to this. The first is to enforce the rules for employees while they are still in the company. For example, prohibiting the use of USB memory sticks and private PCs within the company, and requiring employees to have permission to take company PCs outside the company.Another aspect is to ensure that information is not taken out of the company by departing employees. It is not uncommon for customer information to be taken out of the company by retirees who are dissatisfied with the company. Therefore, it is important to sign a non-compete agreement with departing employees to prohibit them from taking confidential information out of the company.

6. What are the Key Points of Security Measures?

The following are four points to keep in mind when implementing security measures.

(1) Start with an Inventory of Assets

The first step in implementing security measures is to take inventory of the assets to be protected by the company. For example, let's consider access control. For example, consider an access control system: “A high-security facial recognition system should be used in the server room or document room where confidential data is handled,” or “A simple IC card authentication system should be installed on other office floors. Once the assets to be protected and the priority level are known, it will be easier to consider countermeasures.

(2) Start Small and Incorporate

It is difficult to suddenly and drastically raise the security level of an entire company. Therefore, it is important to start small and take action in areas that have high priority. For example, “First, we need to reinforce the weak points in the control system,” or “We are constantly receiving unauthorized logon attempts on PCs, so we are going to introduce facial recognition. Gradually increasing the overall security level should make it easier to implement measures.

(3) Proceed with the Cooperation of Employees

The cooperation of employees is essential for thorough implementation of security measures. For example, if you establish new rules for taking data out of the office, be sure to publicize and inform employees about them.Also, different departments may have different views on security.
For example, in a factory, the information system department and the control system department are in charge of different areas, so there may be conflicts of opinion regarding countermeasures. In such cases, the company needs to coordinate opinions from the perspective of overall optimization and proceed in such a way that no conflicts arise.

(4) Combining Tools to Increase Security Strength

Security tools can be combined to increase security. In the case of access control, a face recognition system by itself is sufficient to provide a high level of security. However, the combination of authentication tools such as IC cards and chameleon codes (bar-coded employee information) can further improve the accuracy of authentication. Such “double authentication” will further increase the level of security in offices and factories.Click here for an overview of the Bio-IDiom KAOATO face recognition package software, what it can do, and fields of application for face recognition.

7. Summary

It is important to select the best security measures according to the company's current situation and issues. However, there are a wide range of measures that need to be taken, and many people may not know where to start. NEC Solution Innovator offers a wide range of security measures, including Bio-IDiom KAOATO, a face recognition package software that uses the NeoFace face recognition engine, which boasts the world's highest level of accuracy, We offer a variety of security tools to meet your needs. If you have any questions about security measures, please feel free to contact us.

Click here to contact us about face recognition system and Bio-IDiom KAOATO.

Contact