top of page

The importance of having an Environmental Security plan.

If your business activities have been disturbed because of a cyclone, fear not, it is normal. But your business’ information system should never be paralyzed because of a cyclone.

On the 22 November 2021, we published an article on the difference between physical security and environmental security, and highlighted the importance of environmental security.

As a reminder, the annex 11 of the ISO 27001 emphases on physical and environmental security. Environmental security are measures put in place to safeguard information and resources from any environmental hazard like cyclones.

Here below are some examples of Environmental security measures:

  • Protection against lightning, wind, and building collapse.

  • Protection against water damage from water supply lines, sewer systems, and roof leaks must be implemented (e.g., plastic sheets are available and master shutoff valves are accessible, working properly, known to operations personnel, and automatic where feasible).

  • Additional temperature and humidity safeguards to monitor and maintain acceptable levels.

  • Protection against flooding, earthquakes, or other natural disasters (e.g., drains are installed below the computer room floor).

  • Fire detection and suppression equipment (e.g., smoke and heat detectors, handheld fire extinguishers, fixed fire hoses, and sprinkler systems).

  • Fire detection and suppression equipment must automatically notify the organization and emergency responders.

  • Additional power (electricity) safeguards:

  • A short-term alternate power supply to ensure proper shutdown in the event of a power interruption.

  • A long-term alternate power supply to maintain minimal operational capability in the event of a power outage.

  • Automatic emergency lighting systems to illuminate emergency exits and evacuation routes in the event of a power outage or disruption.

  • Surge protection for all information resources.

  • Redundant power feeds and redundant communications paths for critical information technology sites.

These measures are examples and not limited as mentioned above.

Do you think that your company has a proper Environmental security? Contact us if you want to know more.

bottom of page