5 common security risks and how to solve them

advertisement
5 common security risks and how to solve them
Most facilities executives approach employee
safety and security by ensuring that a good
physical security infrastructure is in place
including access control and video surveillance
systems. They may also hire security guards
to patrol their facilities, respond to alarms, act
on automated alerts when access systems are
breached, and manage the security systems.
With all of this in place, it’s easy to leap to
the mistaken belief that your physical security
needs are adequately covered. In reality, there
are additional steps to be taken that don’t
require additional infrastructure or resources.
These include strong policies and procedures,
holistically integrated systems, and properly
trained professionals who understand your
business, can make sense of the systems and
data, and support the feet on the ground
during an incident.
Here are a sample of the many security risks
that companies commonly encounter, and the
most cost efficient ways to mitigate those risks:
1. Your investments in physical security
systems are not properly managed and
monitored.
Putting surveillance cameras and access control systems in place are
logical steps in setting up a physical security system. However, such
systems quickly become dysfunctional if they are not professionally
configured, maintained and monitored, rendering the investment
useless. To wit, discovering a surveillance camera is malfunctioning
after critical laptops have gone missing. It usually takes such a security
breach for companies to realize their security system does not live up to
expectations.
So, how do you ensure your security systems are protecting you against
future risks? It’s crucial you know what you have in place works before
adding more to your systems, and then making sure those existing
systems are monitored and supported properly so that system or
component failures are corrected quickly. This should all be done
through a central security operations center. Such a 24/7 security
operations center would be staffed by highly qualified professionals
who can understand signs of trouble, know how to interpret the data,
and respond accordingly.
2.
Your physical security systems are not
kept up to date.
EEven with good security equipment in place, there must be an
ongoing process to manage and monitor your physical security systems.
In many cases, companies that have had security systems in place for
a period of time inadvertently ignore or fail to regularly attend to keeping those systems updated and regularly monitored. What
happens when contractor badges are not controlled or managed? How do you know when equipment is malfunctioning, making it
impossible to either detect risks or perform after-the-fact forensics?
When your systems are not integrated and kept up to date, you can experience an increasing number of false alerts that may drown
out important signals, causing your security team to miss a critical situation. You can ensure that all your systems are operating at
peak effectiveness by outsourcing systems management to professionals that continually monitor, triage, and correct “false” alarms
while enabling accurate detection and action against real events.
3.
Your security operations personnel are overwhelmed by a flood of security
signals, making it difficult to identify and quickly respond to real incidents.
On any given day, there can be thousands of alarms, alerts, phone calls, or emails that come into your security operations
center. Companies often spend security budgets on expensive equipment, but may then hire inadequately trained guards or
rely on IT to monitor the massive amounts of data coming in.
Rather than rely on outsourced guards who periodically scan surveillance feeds on computer monitors when not circling
the grounds, companies need properly trained security operations professionals to monitor events from card readers,
environmental sensors, system alarms, and emergency response systems. These professionals are the ones who should
dispatch guards when merited, manage users, provide security device triage, and maintain security devices. Such professionals
should be trained in all facets of security management, and they should have the expertise to manage and respond to security
events quickly and calmly.
4.
Your security policies and procedures are not in place, out of date, or
improperly implemented.
Many companies have security policies and procedures in place at headquarter facilities, but may not have such policies in place
across branch offices and locations. With different security people in place at different locations, many potential risks can go
unattended and properly coordinated responses can become ad hoc. For companies with global reach, the absence of localized
policies and procedures further amplifies your physical security risks.
Having documented policies and procedures is an important step in efforts to safeguard your people, assets, and brand, but when
were they last reviewed? How many of your security team members actually know them and follow them? It’s essential to get all
security personnel on the same page about security, because your policies and procedures are only as good as the people who
follow them.
Best practice policies and procedures should integrate technology, operations, and people to ensure that you see and act on verified
alerts swiftly and effectively while eliminating errors and inaction. Outsourced security professionals can bring best practices
learned from their experiences with other firms to you. These professionals will work with you to regularly review and update
your policies and procedures across facilities. Security professionals will also have the discipline to ensure that your policies are
consistently followed.
5.
You are not thinking holistically about your security operations.
It’s easy to view physical security as something “nice to do” or a box to be checked off among many day-to-day security tasks. While
many companies are sensitized to cyber-security risks from hackers, they may be less rigorous about physical security risks. But
physical security is all about protecting your people, your brand reputation, your assets, and your intellectual property…the lifeblood
of your business.
All physical security systems should be integrated and working together. Disparate systems inherited from company acquisitions
or the addition of new facilities demand to be integrated. Systems in place for awhile must be continuously managed to ensure that
breakdowns do not go unnoticed until something seriously goes wrong.
Outsourcing your physical security operations center and the professionals needed to manage them can be done for what most
companies are paying today for undertrained guards tasked with these responsibilities.
Contact Northland Controls today to schedule your free security audit at
(510) 403-7645 or gmorgante@northlandcontrols.com.
T: +1.510.403.7645
•
44150 S. GRIMMER BOULEVARD
|
FREMONT, CALIFORNIA 94538
|
USA
•
WWW.NORTHLANDCONTROLS.COM
Download