Rhonda, the regional sales manager of a mid-sized cable & conduit manufacturer and installer, was alarmed when she called her office and was told that three laptops worth about $6,000 had been stolen. Three members of her sales team had left their offices unlocked when they went to a meeting. When they returned, they discovered that three laptops were missing, apparently taken by a thief who simply walked into the offices, picked up the machines, and left, unnoticed by the other people in nearby offices.

Since the members' personal folder files were stored locally on the hard disk of the laptops, the sales team lost eight weeks of e-mails and sales logs, not to mention the loss of their customer contact lists and detailed product specifications files.

The monetary loss was significant. Rhonda's company couldn't submit an insurance claim because the sales offices weren't locked. They also faced the loss of a significant amount of important data stored on the laptops, data estimated at $65,000 in value.

What steps can an organization take to increase its physical security? Who is responsible for physical security? Are there aspects of physical security in your organization that need improvement?