Working in information security I’ve seen my share of flagrant violations of best industry practices. One that I shutter to see is a dearth of physical security. Physical security is one of the most basic steps any organization should take to ensure the security of its people, resources and technology. It never fails that organizations take the basic steps of bollards, locks, proximity cards, and the like. Even with the most complex and integrated of physical security controls most organizations fail on physical security. They fail for supernumerary reasons but most frequently for lack of staff training, staff policy/procedural compliance and regular physical security audits. Is your organization making physical security a priority? How?