Physical security

PHY031

Security containers and cabinets

Choose the right containers and cabinets to keep information and assets secure.

You must secure official information, valuable physical assets, and money in containers that are appropriate to their Business Impact Level (BIL).


Evaluate your security needs first

When you’re selecting security containers and cabinets, evaluate the potential risks to the information or assets they will hold, such as theft, damage, or unauthorised access.

Factors that will affect the class of security container you need include:

  • the level of protective marking on information or assets
  • the BIL
  • the location of the information or physical assets within a facility (refer to Zone requirements)
  • the structure and location of your building
  • your access control systems
  • other physical protection systems you use (for example: locks, alarms, and outer zone security).

More guidance on choosing secure containers

Carefully consider where to put containers 

Whenever possible, avoid placing security containers against security zone perimeters with lower levels of protection. Doing so could allow an intruder to bypass the additional security features of the more secure zone.


Protect in line with the highest BIL

Ensure valuable physical assets that contain official information, such as computers and other ICT equipment, are protected against whichever of the following has the higher BIL:

  • the compromise of aggregated information in the physical asset
  • the loss of the physical asset itself.

When possible, store protectively-marked information separately from other physical assets. This separation will:

  • lower the likelihood of information being compromised if physical assets are stolen
  • help investigators determine the reason for any incidents involving unauthorised access.

More information:

  • Table - Selecting security containers or rooms for storing official information


Using NZSIS-approved containers

NZSIS-approved security containers are designed for storing protectively-marked information. Use an approved container when the level of protectively-marked material requires it.

NZSIS-approved security containers provide:

  • a high level of tamper evidence from a covert attack
  • a significant delay in the event of a clandestine attack
  • limited protection from a forcible attack.

More information:

  • Using NZSIS-approved products


Container classes

NZSIS-approved containers come in three classes according to the level of protection they give.

Class A containers

These containers are designed to protect information with a BIL of extreme or catastrophic in high-risk situations.

Class A containers are extremely heavy and may not be suitable for use in buildings with limited floor loadings.

Class B containers

These containers are designed to protect information with a BIL of:

  • extreme or catastrophic in low-risk situations
  • high or very high in higher risk situations.

Class B containers are broadly of two types:

  • heavy types suitable for use where there are minimal other physical controls
  • lighter models designed for use along with other physical security measures. 

Consider where you will position Class A and B containers, as weight may be an issue, particularly in older buildings.

Class C containers

These containers are designed to protect information with a BIL:

  • of up to extreme in low-risk situations
  • of medium in higher risk situations.

These containers must be fitted with an NZSIS-approved restricted keyed lock or padlock.

When you don’t need an NZSIS-approved container

Your organisation should, where your risk assessments indicate, use lockable commercial containers for:

  • information with a low-to-medium business impact
  • higher level information within an NZSIS-approved secure room.
     

Page last modified: 26/10/2018