Contact Us
Name *
Email *
Job Title *
Company *
Industry *
Message
Send

Joomla Forms makes it right. Balbooa.com

Information Security Preservation In The Event Of Relocation

By | Ahmad Sirhan, Ahmad Khabir, Nurfaezah Hanis & Adam Zulkifli


In the event of office migration, movement or relocation to a new building, an organisation should ensure that the information assets which support the organisation’s business processes and services are managed, protected and secured. Information security controls and measures should be in place to preserve the confidentiality, integrity and availability (CIA) of information assets as well as uphold the organisation’s reputation and integrity. 


All relevant parties should maintain the information security of an organisation’s information assets, including documents, files and paper records by handling them properly throughout the stages of packing, storing, carrying and unloading at the new premises. Unintended disclosure of information must be avoided at all costs and the secure moving of confidential information should be practiced during all relocation phases.


Responsibilities


Each employee shall be responsible for protecting all information assets during the execution of relevant processes and activities against unauthorized access, disclosure, modification, destruction and interference.


Relocation Phases


Relocation generally includes planning, identifying, handling and placing the information assets in the new premise. Information security is observed to ensure the preservation of information asset CIA.


Things To Consider Pre-relocation


Pre-relocation covers activities taking place before the information assets are transferred to a new location.


  1. Determine the type of movement or relocation, for instance whether it involves the whole office, department or unit. Different types of relocation call for different resources, measures, controls and standards by which to comply.
  2. Appoint the right personnel in charge (PIC) in the department to ensure a successful move of information assets. Activities that may necessitate PIC involvement during relocation are identifying, handling and escorting the information assets.
  3. Each employee shall make certain all information assets are backed up to ensure business continuity at the new location.
  4. Appoint qualified movers for the relocation activity. The movers shall adhere to the organization’s information security management practices in facilitating the relocation process.
  5. All information assets undergoing relocation should be identified, registered on a checklist, labelled and handled according to their classification level as outlined in the organization’s policy statement.
  6. The respective departments shall initiate a full security risk assessment of their information assets by entering, updating and reviewing the corresponding assets, possible threats, vulnerabilities, impacts and likelihoods via risk registers to minimise security risks.
  7. Information assets shall be packed, sealed and labelled according to their classification level (i.e. top secret, secret, confidential and restricted information) in the provided box prior to the relocation. Public information shall be packed and labelled as well.
  8. The PIC of each department shall monitor the packaging and wrapping of documented information by the mover and only endorse the necessary forms and checklists once the process has been verified and completed.
  9. Confidential equipment and lab instruments shall be dismantled by the departments’ PIC and packed, sealed and labelled accordingly.
  10. Unnecessary documents, loose pages and miscellaneous documents shall be disposed of according to their classification levels and based on document handling procedures.
  11. Do not trade, sell, donate or recycle any digital information asset that has value until it has been wiped clean. Properly dispose of such assets from the respective servers, computers, laptops and other devices based on classification level.


Things To Consider During Relocation


Activities during relocation comprise the transitioning process of information assets from the former place to the new one.


  1. PIC shall escort and assist with the relocation of classified documents and information assets to the designated location.
  2. PIC shall ensure the successfulness of information asset movement.
  3. Make sure that every electronic storage means containing confidential data is secured and access by unauthorized persons is not possible.
  4. All documents shall be kept and handled in their respective boxes according to classification level.
  5. PIC shall ensure classified documents are unpacked at the new location by authorised personnel from the respective departments.


Things To Consider Post-relocation


Post-relocation activities should be conducted in a manner that ensures business operations can be resumed as usual by catering and adapting to the current location’s requirements.


  1. Ensure the mover places the documented information directly in the new designated secure areas. Ensure the assets are stored in secure locations with limited access. Every entry and exit should be recorded, even if the person entering is pre-approved personnel.
  2. All employees shall ensure their corporate workstations and mobile devices (if applicable) are functioning as expected.
  3. The respective departments shall ensure all documents and records have been reviewed and updated to reflect the current business operations.
  4. The lab manager shall ensure all SOPs for new laboratory setups are adhered to and comply with the organization’s applicable policies and procedures.
  5. Risk assessment needs to be conducted by all risk owners to identify any new risks and potential threats and vulnerabilities at the new site. All existing risks need to be reviewed, re-assessed and re-evaluated to check if the risks are still relevant and the selected security controls are still applicable and effective.
  6. The respective departments shall review their policies and procedures to reflect the current arrangements and requirements of the new building.
  7. Departmental level Business Continuity (BC) procedures shall be reviewed correspondingly by consulting the BC coordinator to ascertain the alignment of the departments’ BC procedures with the corporate BC procedures.
  8. Each employee shall ensure the new Local Area Network (LAN) and Wifi connection is tested and then confirm that corporate e-mail and intranet systems (if any) can be successfully accessed via the connection.

Conclusion


Securing information is one of the main stages to be highlighted in the relocation process. The confidentiality, integrity and availability of information must be preserved to ensure the most valuable data and other corporate assets are securely transferred without any incident. Thus, moving forward business functions can resume effectively and efficiently with no problems.

Ready to elevate knowledge and

strengthen defense?
 

Talk to our cyber security expert.

Talk to us
Name *
Email *
Job Title *
Company *
Industry *
Message
Send

Joomla Forms makes it right. Balbooa.com

Read insights from our experts to your inbox

 

We use cookies

We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalized content and targeted ads, to analyze our website traffic, and to understand where our visitors are coming from. By browsing our website, you consent to our use of cookies and other tracking technologies.