Security Assessments


The first step in determining what tools your organization needs to protect its assets is to perform a security survey.  There are many types of surveys, from a short “walk through” of your facility that may take an hour to an extended in-depth assessment that could take weeks to perform.  A consultation by an experienced professional, along with any restrictions you may have (funding, manpower constraints, project deadline, etc…) will allow you to determine what is best for your organization. 

 

Understand that the performance of the security survey itself is a deterrent to criminal activity.  When performed, the survey sends a clear message to employees, management, shareholders and anyone else who is aware of the survey that your organization cares about its protection and is willing to expend resources to protect its assets. 

 

Secure Strategies has performed hundreds of security surveys across New England. Our satisfied clients include small, medium and large corporations as well as government agencies and infrastructure locations such as water treatment plants, wastewater plants and power plants.  Allow us to assist you with your security needs.

The Benefits of a security survey include:

  • Providing a road map to align your security objectives with a well thought out plan

  • Reducing your vulnerabilities to numerous criminal activity

  • Increasing awareness of security by all staff members, and allowing them to become part of the solution, not a roadblock

  •  Assuring that the dollars you spend on future security needs is in line with your new security plan and not a haphazard expenditure

  • Determining if your current security program (if you have one) addresses your needs

  •  Allowing you to state in a court of law that you took responsibility to protect your employees, visitors, products and other assets should a liability issue arise

A security survey should not be a single, one-time only event.  

Criminals and terrorists get smarter to foil countermeasures that are put in place.  They perform many activities that established companies perform in order to steal your valuables: they plan for contingencies, they think about resources to be used, they inspect their target, and they learn from their mistakes.

 

To foil criminals and terrorists, we must constantly improve our methods and stay one step ahead of their thought process.  An annual security survey will allow you to take advantage of the latest in hardware and software technology, and will allow you to learn the newest techniques to foil the bad guys!

Why perform a Security Survey?

  • In today’s world of elevated stress and a heightened apprehension of terrorism, a survey will address these concerns and put in place countermeasures to reduce your risk

  • You may have a change in your business such as a new building, modifications to your facility, a change in your labor force, an impending layoff or strike, or a merger or acquisition

  • There may be a government or industry-specific requirement (such as the chemical industry or water treatment plant industry) that a survey is compulsory

  • You may realize that your employees are actually increasing the risk to your facility or product by their unsafe activities (propping doors open for a cigarette break, allowing unauthorized visitors into a secure area, etc…)

  • A security incident has already occurred, and you wish to prevent another occurrence

Who should perform the Security Survey?

There are two schools of thought on this topic: the survey can be performed by in-house security personnel, or by external consultants.  The vast majority of the security profession agrees that to receive the most effective and superior survey, an external party should conduct the security survey.  Here are some pros and cons:

  • Internal resources – available 24/7 and knowledgeable about the facility

  • Internal resources – they have to live with the recommendations, so they may have more stake in the results

  • Internal resources – usually costs less than an outside consultant

  • Outside resources – Almost always have more experience conducting vulnerability assessments

  • Outside resources – The results of the survey are almost always accepted at a higher level of the corporate structure

  • Outside resources – The survey results are more likely to generated additional funding for security in the organization

  • Outside resources – There is a neutral set of eyes that has not been desensitized to the vulnerabilities of the facility.  This is the most important reason to perform a security survey with external resources. Time and time again, we have seen that company employees bypass obvious security vulnerabilities because they have become oblivious to the issue; they pass by the same unlocked door day after day, year after year, until they do not see it as a vulnerability waiting to be exploited by a criminal. 

What are the steps to a security survey?

Although there are many ways to perform a security survey, there are some basic functions that must be performed to ensure a proper assessment:

  • An analysis of the facility - A basic overview of the location is necessary to understand its mission, scope of activities, workforce makeup and culture.  It's also imperative to find out the physical layout, the rate of visitors or subcontractors that visit the site, any history of incidents, the area crime rate and the composition of the neighboring community.

  • Determine what the critical assets are - This is important to understand the targets that any criminal may be seeking to acquire.  These could include company assets such as computers, customer lists, cash on site, research and development documentation, new or existing products, data, people or a number of other items.  Once the assets are identified, it is important to rate them for criticality, meaning how important they are to the operation of the facility.  It is less important to protect an asset that is not vital to the operation or survivability of the company than one that is.

  • Determine the threats that may place the facility in danger - These threats may take many forms, and could include some that you are not even aware of.  They include external risks from burglars, terrorists, animal rights or environmental extremists, angry neighbors, vandals and transients, as well as internal risks from disgruntled employees, cleaning crews, fired or laid off workers, domestic violence issues that spill over from personal situations, and subcontractors that have access to the building, to name a few. 

  • Identify the existing countermeasures - It is important to review what existing defenses you have in place to protect your assets.  They may be adequate, or they may need strengthening to increase your security condition.  Countermeasures may include fences, gates, padlocks, locked doors, paper shredders, proper policies and procedures, trained employees, access control systems, burglar alarms, CCTV cameras, parking lot lighting and others. 

  • Identify the security variance - At this point it is possible to identify the gap between what assets are protected with existing security countermeasures vs. what assets are vulnerable. 

  • Develop countermeasure recommendations - At this point on the security survey a qualified professional can develop recommendations to counteract each threat that may pose a risk to the organization's assets.  The recommendations are varied, and could include a number of low cost, high cost or free solutions, including employee training, fences, security officers, locked departmental doors, a badge program for visitors, locked safes and desks, a receptionist at the front door or other solutions.

Whatever the recommendation, it should be in harmony with the atmosphere, culture and organizational goals of the company. A major reason that security plans fail is due to the diverging goals of the security plan and the company's business or cultural environment.  If the security plan calls for a major change in the way employees access the building, as an example, don't make them change everything on the first day; educate them, train them, make them see the purpose for the change. Once the security plan goals are in harmony with the business and cultural environment, results will be realized.

 

Copyright 2006 ©Secure Strategies