|
A security device is a good investment, but it can do only so much. We offer excellent security devices, and we want you to get the most from your purchase. The following tips will help. We sell some security devices to consumers, so first some tips for those customers. Then some tips for our corporate customers.
Home security. You may have heard the expression, "When seconds count, the cops are only minutes away." Cameras and other detection devices are great, but what's the execution plan? Don't think "detect and report," think "detect and protect." The most effective home protection device is a shotgun. Typically, it doesn't need to be fired to have the desired effect. But this isn't the only protection measure. You can also have an escape and assembly plan, a safe room, or some other measure. Yes, install those detection devices. But don't think that simply knowing your perimeter is breached makes you safe.
Corporate customers. Your situation is similar to that of the consumer, except there are more people involved and the property values are significantly greater. Also, consumers tend to be home at night and corporate customers are on the other shift so to speak. Corporate security specialists must also protect information, not just property or people. Not only do you need a perimeter breach detection system, but you need a high level of employee education on a wide range of security subjects. And this is where most corporate security bites the dust.
For example, consider usernames and passwords. Most employees think it's OK to give out one as long as you don't give out both. But there's a reason why you have both. And if you give out one, the other is probably easy to guess. Yes, you need to use technology wherever practical to counter theft and espionage, and to protect people from physical dangers. Don't stop there.
Put together a presentation on each security aspect (e.g., passswords would be one aspect; keycards another; suspicious persons another) and meet with all employees in a series of meetings consisting of small groups. The small group approach helps ensure people are fully participating. Absolutely do not use PowerPoint, which tends to render any attempt at actual communication a failed example of PowerPointlessness. Keep the meetings to about 10 minutes or less, so that people completely focus. Sure, this is not the typical meeting methodology, but then the typical meeting is a complete waste of time. Make your time count and get your message across.
Successful security planning. Fads come and go. We see it all the time. Manager who try launching a new program, often get that respons from employees. Anyone remember "Vision 2000?" The problem is that people see the plan as the end rather than a means to an end. So they polish the plan and forget why they are planning in the first place.
When plans roll out, they often seem absurd to the rank and file. And why is that? Because they are absurd! That is often true of security plans. These plans suffer from several different maladies. Sometimes all at once. These include the following.
- Overplanning. Never get started, because the plan isn't done.
- Underplanning. Going full bore, without a roadmap.
- Changing directions, midstream. This really confuses people. It happens because planners are still learning.
- Complexity. A simple plan, after all that work, seems like a letdown. The solution? Make things complicated. Add stuff that doesn't make sense. The more complex, the better, right? Wrong. Greater complexity just means more ways it can fail. Aim for simplicity.
- Covers too much. Can't leave anything to chance, right? Wrong. The more you try to cover, the more you dilute your resources. Focus on that which is most dangerous or costly. Let some things go, so you can do the job right on what matters.
- Apes someone else's plan. Just because it worked for someone else doesn't mean it will work for you. The idea of best practices is not copy and paste.
- It's top down. Your plan will fail if it assumes your people are the problem. Make them part of the solution. Form an advisory board that includes people from different parts of the company. You get insight from many angles, that way. And you have advocates for your plan at all levels, that way.
Avoid the problems listed above. Also, we suggest working your plan out in stages. Get started by addressing the most obvious or dangerous problems. For example, it doesn't cost much to purchase a hidden camera detector and plug that kind of leak. Ditto for bugs.
Rather than roll out some big plan, roll out a series of smaller ones. Make them modules for a larger plan. Module 1 might be bug detection. Buy a bug detector, and learn how to use it. Learn what to do about bugs. Fully develop that plan as you work through the module. Then you can apply the lessons you learned to the next module. Whatever that happens to be.
Once you've picked the low-hanging fruit, you can assess the need for calling in a security consultant. This person can evaluate your existing modules and suggest improvements. He or she can also suggest what module to develop next. And how best to go about it.
This approach allows you to get the highest return on your effort. And the fastest results. And good compliance.
|
