The security week that was: 06/10/11 (7 corporate security lessons)

Seven Corporate Security Lessons

Earlier this week, I had the fortunate opportunity to enjoy a behind-the-scenes tour at some significant corporate establishments in the southern United States. I wanted to take the opportunity in this Friday's weekly recap column to share with you some of the key lessons that I felt could be seen in place at these facilities. I'm going to leave the names out of this, because while I was certainly in prominent facilities, the lessons that I'm trying to elucidate are applicable to any corporate security role.

Lesson number 1: No matter how amazing your buildings may appear to an architect, they probably don't seem that amazing to the skilled security professional. Let's face it, architects aren't thinking about your needs when they start to envision glass towers or complex atriums or disjointed elevator stacks. They're thinking about marble and the wow factor, not worrying about the boom factor. One facility manager told me recently: "I used to think this was the most amazing building and thought how cool it would be to work there – that is, until I actually got a job here and had to secure this place."

Lesson number 2: Video gets all the hype, but it's the ingress/egress/access system that does the heavy lifting. Sure, you go into any major building and somewhere in the basement you will find a bank of video monitors. But quietly ticking away are access control readers, turnstiles, and retractable bollards. This stuff may not have the wow factor of HDTV or 5 megapixels of 100x zoom video surveillance so that you can see the sweat bead on the head of a mosquito, but access/ingress controls are what most of your constituents (the employees or customers) interact with everyday.

Lesson number 3: You don't have to have the newest stuff, although it certainly is nice. I was in a security control room, and on the wall was a bank of older Pelco monitors to watch a bunch of older Pelco cameras. I can tell you right now that some of this stuff was from the 1990s, and probably some of it was from the early 1990s. Yes, the security supervisor was jealous of equipment systems that some of his colleagues at other buildings had put in place, but he recognized something. He knew that if he maintained that existing video system and used it properly, he would receive value from it, all without having to invest capital during tough economic times for his firm. Where the system had been upgraded, it had been upgraded very selectively.

Lesson number 4: Biometrics isn't tomorrow's technology. You would have been surprised how often I found biometric technology being used as part of the access control and identity management program. I think there is a perception in our industry that the stuff doesn't work or that it doesn't work well enough. Now admittedly, I was looking at only a couple different solutions put in place, but I was looking at a fairly high through-put set of doors, and I can tell you right now, it was working.

Lesson number 5: Video analytics is gaining acceptance. I was standing at a rack of monitors and noticed a video analytics algorithm running. I started asking the video supervisor at this console about the analytics, and here, in short, is his attitude about the analytics system. First, he thought it worked pretty well. Second, he thought it was sufficiently easy to use for his monitoring staff. Third, he said the false alerts are more than balanced out by the ability of the system to detect the actual occurrences it was designed to spot.

Lesson number 6: Watch your back doors, and by that I mean you really need to watch your loading docks and visiting contractors. In all of the facilities I visited, one of the common attitudes I heard from talented security managers is that if they could do away with loading docks at their facilities, they would do away with 80 percent of their work. It was dealing with those deliveries, especially the unscheduled ones, that put them at risk, and loading docks by nature mean the arrival of massive vehicles. Ever since the bombing attempt on the the north tower of the World Trade Center in 1993 and then the attack on the Oklahoma City federal building in 1995, vehicle access points have been under heavy scrutiny. The motto of security is that we can't hinder business, but at the same time, we have to protect business. Loading docks put that interplay into full effect: On one hand, you have no interest in that unknown truck arriving at your street level, and at the same time, you know that if it's a legitimate delivery, you need to facilitate its access to your constituents. Ah, what fun…

Lesson number 7: Outsourcing of your security staff can be a huge plus. I know there are two camps of you, my readers. There are those who think every security staffer should be a direct corporate employee, so that their allegiance is first and foremost to your firm. Then there are those of you who see the economic and training benefits of outsourcing officers. I saw a couple sites that were using a prominent security guard service firm, and I was blown away by the quality and skill this outsourced firm had provided. The military and corrections backgrounds were impressive; the officers' knowledge was thorough; the outward appearance of their officers was impeccable. The outsourced provider had also managed to match each applicants skill set with the specific duty at the employer. I honestly don't know that the corporation could have done half as well if they had tried to do it in-house. They had turned it over to a specialist who really knew what they were doing.

The plug for ESX
It's a great show! Plan for it in 2012!

OK, that's enough of the lessons from this week's tours. I want to mention also that I swung by the 2011 Electronic Security Expo this week and was impressed by the show. This is one of those tradeshows where you will not be stunned by the size of the expo hall or the number of attendees. Yes, business was being done on the floor, but the amazing part of this show was the quality of interactions and the networking. Make it a point to visit this show in 2012 when it's back in Nashville and being hosted by the Tennessee Burglar & Fire Alarm Association (an ESA state chapter).

In other news
Comcast expands security offering, bank crime on the decline, more

Cable television firm Comcast announced this week that it will be offering its Xfinity Home Security service in additional U.S. markets including several large cities such as Philadelphia, Portland, Jacksonville, and Nashville. The company launched the service last year in Houston. ... Bank robberies were down slightly during the first quarter of 2011 in comparison to the same time period in 2010, according to bank crime statistics released by the FBI. ... ADT has officially opened its new North American headquarters in Boca Raton, Fla. The new 117,000-square-foot facility, which consists of a three-building campus, will also be the home of ADT Latin America, SimplexGrinnell and some Tyco corporate employees. ... The Security Industry Association announced that it has officially begun the search for its next CEO and is asking candidates to submit their resumes via e-mail. ... Citigroup became the latest victim in a recent string of cyber attacks against corporate networks as the company announced this week that hackers were recently able to gain access to the account information of about one percent of its customers.