For example, data processing equipment, as well as other important equipment, should be placed in the premises safely and with consideration. Placement should restrict unauthorized access to devices.
Access to areas where confidential information is handled or stored should be restricted to authorized individuals through appropriate access control, e.g. using a two-step authentication mechanism such as an access card and a passcode.
Irrespective of the form in which the information is presented, personal data or other confidential information shall be processed in such a way that the information isn't disclosed for outsiders.
Conversations concerning personal data or other confidential information shall not be conveyed to adjacent premises to those who do not have the right to information.
Electronic devices such as cables, monitors, copiers, tablets and smartphones leak electromagnetic radiation, from which it is possible to find out the original transmitted data with the right hardware and, for example, steal the entered username and password.
Openings in the premises' structures (windows, doors, air conditioning) are protected to prevent radiation from escaping. In addition, equipment handling confidential data is located so as to minimize the risk of leakage due to electromagnetic leakage.