5 common security risks and how to solve them Most facilities executives approach employee safety and security by ensuring that a good physical security infrastructure is in place including access control and video surveillance systems. They may also hire security guards to patrol their facilities, respond to alarms, act on automated alerts when access systems are breached, and manage the security systems. With all of this in place, it’s easy to leap to the mistaken belief that your physical security needs are adequately covered. In reality, there are additional steps to be taken that don’t require additional infrastructure or resources. These include strong policies and procedures, holistically integrated systems, and properly trained professionals who understand your business, can make sense of the systems and data, and support the feet on the ground during an incident. Here are a sample of the many security risks that companies commonly encounter, and the most cost efficient ways to mitigate those risks: 1. Your investments in physical security systems are not properly managed and monitored. Putting surveillance cameras and access control systems in place are logical steps in setting up a physical security system. However, such systems quickly become dysfunctional if they are not professionally configured, maintained and monitored, rendering the investment useless. To wit, discovering a surveillance camera is malfunctioning after critical laptops have gone missing. It usually takes such a security breach for companies to realize their security system does not live up to expectations. So, how do you ensure your security systems are protecting you against future risks? It’s crucial you know what you have in place works before adding more to your systems, and then making sure those existing systems are monitored and supported properly so that system or component failures are corrected quickly. This should all be done through a central security operations center. Such a 24/7 security operations center would be staffed by highly qualified professionals who can understand signs of trouble, know how to interpret the data, and respond accordingly. 2. Your physical security systems are not kept up to date. EEven with good security equipment in place, there must be an ongoing process to manage and monitor your physical security systems. In many cases, companies that have had security systems in place for a period of time inadvertently ignore or fail to regularly attend to keeping those systems updated and regularly monitored. What happens when contractor badges are not controlled or managed? How do you know when equipment is malfunctioning, making it impossible to either detect risks or perform after-the-fact forensics? When your systems are not integrated and kept up to date, you can experience an increasing number of false alerts that may drown out important signals, causing your security team to miss a critical situation. You can ensure that all your systems are operating at peak effectiveness by outsourcing systems management to professionals that continually monitor, triage, and correct “false” alarms while enabling accurate detection and action against real events. 3. Your security operations personnel are overwhelmed by a flood of security signals, making it difficult to identify and quickly respond to real incidents. On any given day, there can be thousands of alarms, alerts, phone calls, or emails that come into your security operations center. Companies often spend security budgets on expensive equipment, but may then hire inadequately trained guards or rely on IT to monitor the massive amounts of data coming in. Rather than rely on outsourced guards who periodically scan surveillance feeds on computer monitors when not circling the grounds, companies need properly trained security operations professionals to monitor events from card readers, environmental sensors, system alarms, and emergency response systems. These professionals are the ones who should dispatch guards when merited, manage users, provide security device triage, and maintain security devices. Such professionals should be trained in all facets of security management, and they should have the expertise to manage and respond to security events quickly and calmly. 4. Your security policies and procedures are not in place, out of date, or improperly implemented. Many companies have security policies and procedures in place at headquarter facilities, but may not have such policies in place across branch offices and locations. With different security people in place at different locations, many potential risks can go unattended and properly coordinated responses can become ad hoc. For companies with global reach, the absence of localized policies and procedures further amplifies your physical security risks. Having documented policies and procedures is an important step in efforts to safeguard your people, assets, and brand, but when were they last reviewed? How many of your security team members actually know them and follow them? It’s essential to get all security personnel on the same page about security, because your policies and procedures are only as good as the people who follow them. Best practice policies and procedures should integrate technology, operations, and people to ensure that you see and act on verified alerts swiftly and effectively while eliminating errors and inaction. Outsourced security professionals can bring best practices learned from their experiences with other firms to you. These professionals will work with you to regularly review and update your policies and procedures across facilities. Security professionals will also have the discipline to ensure that your policies are consistently followed. 5. You are not thinking holistically about your security operations. It’s easy to view physical security as something “nice to do” or a box to be checked off among many day-to-day security tasks. While many companies are sensitized to cyber-security risks from hackers, they may be less rigorous about physical security risks. But physical security is all about protecting your people, your brand reputation, your assets, and your intellectual property…the lifeblood of your business. All physical security systems should be integrated and working together. Disparate systems inherited from company acquisitions or the addition of new facilities demand to be integrated. Systems in place for awhile must be continuously managed to ensure that breakdowns do not go unnoticed until something seriously goes wrong. Outsourcing your physical security operations center and the professionals needed to manage them can be done for what most companies are paying today for undertrained guards tasked with these responsibilities. Contact Northland Controls today to schedule your free security audit at (510) 403-7645 or gmorgante@northlandcontrols.com. T: +1.510.403.7645 • 44150 S. GRIMMER BOULEVARD | FREMONT, CALIFORNIA 94538 | USA • WWW.NORTHLANDCONTROLS.COM