Security Articles/Blogs From Our Members

We welcome comments to any of our blog entries by any visitor to the website.

Posts in Information Security

If you believe your organization needs a qualified Security Manager, but your budget cannot support another salary, consider this alternative. Security Management Services International, Inc. (SMSI Inc.) is offering security management support services as an exclusive and unique service primarily to those clients who have availed themselves of a SMSI Inc. Security Assessment. SMSI fully understands that many enterprises cannot cost justify the hiring of a fulltime, qualified, security manager. Nevertheless this fact does not mean that most business enterprises do not need the expertise of a qualified security manager. Most enterprises need security expertise throughout the course of the year, but albeit, not on a daily bases. The validity assumption is supported by our extensive security litigation experience. The potential for liability claims against an organization that does not have security management expertise managing their security programs is greater than those organizations that maintain full time security management presence.

Alternatively, we will also offer this service to clients who have not contracted for a SMSI Security Review and Assessment. For those clients who wish to participate in our Security Management Support Program (SMSP) for at least one year, Security Management Services International, Inc. will perform an initial assessment at a 20% discounted fee.

Effective security programs must have two pervasive missions: the protection of property and the protection of people. The degree that any enterprise has a responsibility to protect property or people from a liability perspective varies from one industry to another. For example, those companies that provide third party warehousing in support of supply chain operations, bare responsibility when product go missing. The same logic applies to freight companies such as rail and trucking operations Businesses the serve the public such as shopping malls, parking structures, hospitals, daycare centers, hotels and schools (public & private) are all expected to maintain dynamic security operations.

Anecdotally, the odds of being sued for an inadequate security program are much higher for schools and those business enterprises such as hospitals, malls and high-rise buildings when there is an absence of in-house security management. However it is understandable that many business enterprises cannot justify the $100k to $200K+ salary that a well-qualified in-house security manger would demand. Our SMSP offers an effective alternative. The SMSI Inc. Security Management Support Program will protect your interests when dealing with those who provide security products and service such as contract security services. Additionally, our SMSP will continually monitor those security vendors by ensuring they live up to their commitments.

Many enterprises may not need a security manager on a daily basis, but a security professional will be needed several times throughout the year. Remember security is a situational discipline, meaning one size does not fit all. Additionally, security is a proactive discipline aimed at deterrence and prevention. This means that security programs are not amenable to universal solutions. Security programs must be promulgated on the basis of need, and that need may not be static. This means that security programs must be nimble by constantly adjusting to emerging changes in the threat environment. It is especially important that security programs achieve a reasonable standard of care for environments such as schools and healthcare facilities because of vulnerability exposure of the clients being served, patients and children. Adverse security events in schools and medical facilities are likely to be played on the six o’clock news nationwide.

SMSI, through its Security Management Support Program (SMSP) program is able to fill this void. This program will be customized to meet the needs of each client we serve. In many cases, a comprehensive security assessment may be required prior to the provision of Security Management Support services. If a security assessment is deemed advisable, SMSI Inc. will perform these services at a preferred rate for those clients who commit to a SMSP Contract.

If your organization presently has and in-house security manager who is light on experience, the SMSP will support that manager until such time he/she can function independently.

Security Management Support Services may include, but are not limited to:

• Security vendor selection & oversight
• Security design and project management
• Security Incident tracking and trend analysis (Remote monitoring & analysis)
• Professional guidance in the selection and application of security systems
  • Access management systems
  • Video surveillance systems
  • Lighting
  • The application of CPTED (Crime Prevention Through Environmental Design)
    • Lighting
    • Natural barrier usage
    • Signage
    • Landscape application
    • Housekeeping & Maintenance
    • Graffiti eradication programs
• Visitor control
• Management of Aggressive Behavior (MOAB®) training.
• Hiring and background checking protocols
• Asset protection programs
  • Inventory control audits
• Student, patient, guest & employee safety programs
• Crimecast data & reports
  • UCR Reports
• Staff crime prevention strategies
• Police liaison services
  • Community relations/crime prevention officer involvement
• Employment Bullying Mitigation
• Sexual deviancy awareness
• Overnight Building security
  • Alarm system design and supervision
  • Security lighting
  • Locking systems
  • Surveillance system
• Neighborhood Watch
• Gang sensitivity awareness
  • Graffiti awareness
• Workplace Drug detection and prevention
• Staff security awareness training
• Year round security awareness program
• In-persons visits to be determined on a need basis by SMSI security professionals
• Unrestricted Remote Management Support
  • Problem solving
  • Crisis management support
• Neighborhood outreach

Terms & Conditions

1. Four visits per year included in annual contract (Extra visits on per diem basis)
2. Reimbursement for reasonable and documented expenses
3. Unlimited remote support
4. Minimum of one year contract
   1. Initial retainer
   2. Monthly billing of balance
   3. Flat rate billing for visits in excess of four

All SMSI Inc. personnel will be Board Certified Protection Professionals and/or will be former law enforcement veterans. These professionals may also be Spanish bilingual. Remember, the cost of reaction is always three to four times the cost of mitigation.

For information, contact Bill Nesbitt, CPP: bill@smsiinc.com or call 805-499-3800.

I recently took the occasion to peruse some security assessments we did some 25 years ago for a number of varied and diverse clients. I was struck how far we have come, in so many ways, over that passage of time. I thought it might be useful to focus on four factors that have had a profound impact on how we all do our job, assessing the efficacy of our security programs today as compared to 25 years ago.

First, no matter what segment of the security industry you are in, the 9/11/01 attack on the World Trade center in New York in the wake of the attack on the Alfred P. Murrah Federal Building by Timothy McVeigh, April 19th, 1995 has impacted every aspect of the of our industry worldwide. It has redefined physical security, established new reasonable standards of care and spawned and further legitimized emerging disciplines such as CPTED (Crime Prevention Through Environmental Design). These events have sharpened the anticipatory aspects of our professional focus. Proactive mitigation is now more critical than ever.  We can no longer afford to wait for a breach to happen and then act.

Second, but not unrelated to the first, is the exponential advancement of technology. Technological advances are moving with wrap speed and those security professionals who do not keep pace will lose their professional edge. Just look at the changes in the use of video and systems integration. Concepts such as "virtual patrol” were nonexistent just a few years ago. The application of computer technology and electronic system has made security systems more responsive, and much more cost effective. In many cases, it has reduced the level of the manpower requirement, while at the same time making remaining security personnel much more effective.

Third, security professionals are now required to become intimately conversant with the views, values and goals of those who occupy the C-Suite. They must understand the persona of the corporations they serve (both for profit & not for profit). Their decisions and recommendations must be driven by ROI and should endeavor to have a five year shelf life. In many cases, security managers need much more business acumen today than was required 25 years ago. The ASIS International Security Management course in conjunction with the Wharton School at the University of Pennsylvania is one program that enables security managers to meet these kinds of objectives, and a program I wholeheartedly recommend.

Fourth, but not least, is the rise of security derived litigation, mostly in the United States. Security lawsuits are filed against businesses for what they do and for what they don’t do. When suits are filed for intentional torts, they may include assertion of false arrest, excessive use of force, false imprisonment and/or invasion of privacy. When businesses are sued for an omission, they often include the assertion of inadequate security. The majority of both of these categories of litigation, more likely than not, affect enterprises that affords public access (Hospitals, Shopping Malls, Apartment Complexes, HOAs, the Lodging Industry, Entertainment Venues, etc.). Although most of the aforementioned examples are largely personal injury cases, we are seeing number of similar lawsuits resulting from property losses against trucking companies, supply chain facilities, etc. More and more, security managers are finding they need to be conversant with litigation trends within their respective industries, and within their respective geographies.

The challenge is to stay current. We can never stop learning. When must never rest on past laurels. We must continually seek divergent sources of information. It is incumbent on each of us to determine the legitimacy of the information we acquire. Finally, we must continue to talk with one another.

William H. Nesbitt, CPP
President
Security Management Services International, Inc.

There are a number of security consultants listed on this Website. Most of the security consultants that are members of Security Source Online are competent, well experienced and maintain a high degree of integrity. They bring a wide range of expertise to the clients they serve whether on the factory floor, a hospital, shopping center or in the courtroom.

The value of Security Consultants is that they are able to bring an objective point of view to the clients they serve. In order for them to bring objectivity to the table, security consultants should be independent professionals without ties to the vendor side of the industry. For those of you outside the security consulting world, you may be surprised to know there is a good deal of friendship and mutual respect among these professionals. You will find that most have several years of multifaceted experience prior to hanging out their shingle. Most security consultants hold the CPP designation, along with other certifications.

What benefits are derived through the use of Security Consultants?

As mentioned, the first benefit is objectivity. Many of the organizations we work with have experienced security professionals running their security programs, yet they avail themselves. One may question why an experienced security manager would go outside and hire a consultant. In almost all cases, the reason given is they are seeking a fresh objective perspective. Because experienced security consultants have worked for a variety of diverse clientele, they have a wide range of experience to call upon. They understand many vertical industries and they understand the need to ensure that each security programs is responsive to the situational environment at hand. This objectivity is also useful in helping clients choosing security vendors. Not all vendors are created equally and some vendors who may be strong in Peoria may not be so strong in Sacramento.

Because of their breadth of experience, security consultants have a good understanding what works and what doesn’t work. Their perspective is also buttressed by the fact they frequently communicate with one-another. This knowledge helps ensure to that scarce resources produce will optimal ROI for the clients they serve. They understand that most security programs most meet the corporate goal of management. Security consultants understand the need to ensure that each security program fits within the framework of the organization as determined by the C-Suite.

Finally, our role as security consultants is a positive one. The best security consultants do not come into an organization with the preconceived notion to find fault and with the intent to rebuild the security program in their own image. Rather our role is to come into an organization to discover what is right and what is working, and then determine how to make it better. This concept is generally referred to as positive consulting as opposed to coming to a project with the predisposition to find fault.

As we said at the onset, there are numerous security consultants here at Security Source Online. Most security consultants are driven, to one degree or another, by a certain sense of altruism. If you doubt this, contact some of the consultants on this website. You will find them forthcoming and willing to have a discussion on a wide range of concerns you may have. You will also find that of you raise an issue outside the realm of their expertise; they will refer you to one or more of their colleagues.

Security consultants provide comprehensive security assessment, provide security management support, develop security system RFPs, provide security designs as well as project management support. Many security consultants are active in the forensic area as court qualified expert witnesses.

I hope this topic evokes some discussion form our members and other interested parties. I hope we can elicit differing points of views from other consultants and well as the pros and cons from those who have used security consultants. All security professionals strive for excellence and forums like this advance that cause.

Recently, I have had several opportunities to gain business from potential customers that I was not able to close before. Their projects were shelved due to unforeseen budget demands and priority shifts away from security. Sometimes your efforts will appear to go nowhere.

All efforts leads to something though, right? even if you don’t get that job opportunity the first time, you will learn something at least. I should hope so. Business isn’t always about knowing exactly what to do every time. Much of the time, it is about learning what NOT to do. Avoiding huge pitfalls will allow for steady learning and growth. In those efforts that appear worthless, we should be viewing the opportunity to gain knowledge. What sort of knowledge can we learn in the physical security business? Plenty. Lets go over a few examples.

Communication. I have written about this before. The importance of good communication with your potential customer cannot be over-rated. There are plenty of pitfalls to avoid and you can learn many of these by really talking and just as importantly, listening to your customer. One of the big things you should try to establish early on is the customers budgetary range.

It is common for small business customers and non-chain customers to react in two ways. One way is to feel like you will try to soak up that budget by charging the most and providing the cheapest possible equipment and service. The other way is to give a knee-jerk reaction number that is somewhat lower than what they are really willing to pay. Both of these reactions can occur within minutes of each other and either one can deal a hard blow to your sale.

Why? Why would they do that?

Two main reasons come to mind…one- it’s their nature, and two- they don’t trust you enough to give you the truth. The first scenario is a tough one to get past but it is far less common than the second. The second scenario is actually an indicator for you. This is a flag that says loud and clear,” You haven’t spent enough time getting to know me, the customer.”

It is important to recognize this scenario so you can correct for it on that visit and prevent it in future visits. Without a good level of trust, you might never learn the true nature of their project budget. You should take care to introduce your company and yourself in a fashion that lets the customer be at ease. They should see you as a partner in solving their problems, not just another security vendor. Try to get on a familiar ground with the customer without being that dreaded, disliked "sales guy”. After all, you are hoping for repeat business aren’t you… or haven’t you been reading my articles?

OK. On to that budget. Your expenses start on your drive over to the customer site. You need to included all of your efforts in the cost of doing business or your ROI numbers will always be incorrect. I mention this because nobody wants to throw good investment efforts at a dry well. There is such a thing as a bad job. This type of job is the killer of small businesses. It is the type of job taken out of desperation or implied promise of bona-fide paying work in the future. It can typically show up in the form of a simple job, but as the job progresses, the job scope changes and not in the ways that pay but in the ways that don’t. Extra labor for out-of-scope wiring requests or forgotten equipment or job results that are unsatisfactory to the customer. Communication is the name of this game. The budget is the tool that keeps all the ducks in a row. It keeps you from expanding the job too much, and it allows you to make accurate hardware and labor goals for an expected, stated, outcome.

Nobody wants to arrive at a customer site and go through the entire site survey. Learning, observing, talking about capabilities and solutions for an hour or more; then come up with an estimate that might take 1-3 hours to create in software and logistics; only to have the customer get sticker shock and say "Twenty two thousand? I was thinking more like five grand!”

Now you’re really in a jam. They think you might be out to milk them, and you are already 2-4 hours in the hole with your visit and estimate etc. Now you have to decide if they will even entertain a lesser number from you and whats worse, you have an even smaller profit portion from which to recoup your existing time investment.

It could all have been avoided in the beginning. Establish a good rapport with the customer. Get them to understand that you want to help them. Inquire about their budget early. If they balk at the request, let them know that you need a money limit to stay under or you will likely just waste their time, and you don’t want that. If they are an inexperienced buyer, you may need to coax them along. It’s OK to do that. Remember that you are providing a genuine service here, and part of that service is education. Let them know that this is standard procedure for this type of B2B interaction. Some people are uncomfortable with talking about larger amounts of money. No problem. We all start someplace. Take the opportunity to make them feel at ease, and then move in again and get that number. You need it.

The larger or more experienced customers understand all this. They realize it is just part of the language or dance or whatever term you want to use to denote the early portion of an estimate scenario.

Budgets come and budgets go. One minute you are happy to spend 6 hours creating the perfect system installation, and then you hear that bad news…”Our snow removal budget was completely used up and we have to use the security budget for something else now, so…maybe next year.” It happens. But, if you have played it right, they call you up in the spring and say "Hey, we have our new budget and we are ready to go. Can you give us an updated version of the estimate?”

That’s how you know you have done it right! They call you and tell you stuff just like that.

At InSightCCTV, we work smartly to make sure our customers get the best possible outcome. Thank you for reading!

Dave Johansen of InSightCCTV www.insightcctv.com

There is an evolving trend toward a middle ground between having no Security Manager and employing a fulltime Security Manager/Director. Every business or organization either cannot justify a fulltime security management position or they believe they cannot afford the cost of employing a fully qualified Security Manager. Some companies that use contract security services will pay extra for and onsite security supervisor as part of the total package being provided by the contracting guard company. To the extent this site manager is qualified to take on the role beyond that of supervising contract security officers is questionable and may present a conflict of interest. Yet, in the real world, when one inquiries "who is in charge of security?” the onsite supervisor is often named.
 
Stepping into this void is a number of fully qualified and certified security professionals who assume the role of Security Management Support. These professionals operate under contract to oversee and monitor all aspects of the security operations including oversight of guard force operations, physical security vendors and investigative services. They often write and oversee a wide range of RFPs and participate in the vendor selection process. The expertise provided by these professionals is at least equal to that of a fulltime security manager minus the expense of payroll, taxes and fringe benefits. Every enterprise does not require a fulltime security manager, but most enterprises require some security management expertise.
 
What is your opinion on this matter? Does this approach have merit? What are the pitfalls? What are the advantages? Are you familiar with this alternative approach?

Some organizations require a consultant, a security system integrator and/or a video surveillance vendor in addition to many other service providers. Finding the proper assemblage of security providers is a daunting task. It is even more difficult if multiple site locations are involved. This task would be infinitely simplified if these customers were able to turn to a single resource that would be capable of meeting their varied needs. SSO provides that resource.

Security Source Online (SSO) is stepping into this void by providing a single source for a diverse grouping of security professionals, products and services. Security Source Online is the brain-child of William Nesbitt, CPP, a well seasoned Board Certified Security Professional. In addition to Bill, the website’s advisory board members are all Certified Protection Professionals. These individuals are profiled on this website.

This website is also unique in that it offers one year memberships to security providers for a single annual fee. A distinctive aspect of SSO is that the website is also a blog where members only can post informative articles. However, any visitor to the website has the ability to make commentary to any posted blog thereby making SSO interactive.

Security Source Online provides those with security needs direct unfettered access to their vendor of choice. Additionally, SSO members are encouraged to form collaborative relationships with fellow members in order to best serve the collective needs of their clients and to provide clients with a single source for a plethora of security products and services. Over time this website will become the gold standard as a reliable resource for security products and services. Interested parties will be able to find everything from access control system providers and manufacturers to forensic security expert witnesses. This website will become a resource for finding security guard companies, system integrators. IT security specialists as well as forensic security experts.

Security Source is a unique website that is intended to provide a resource for those needing solve security challenges. This site is rapidly becoming an international resource for a wide range of diverse security providers. As our membership grows, visitors to Security Source will be able to have direct access to security integrators, security consultants, forensic security experts, security systems companies and contract security providers. Visitors are able to have direct unfettered access to any of our members. Our members are represented by organizations that have regional, national as well as international capability.

A unique aspect of the Security Source Website is that it is also a Security Topic Blog. SSO members have the exclusive rights to post informative blogs. However, any visitor to the SSO has the ability to comment to any blog. The blog portion of the website is to encourage an open dialogue between those seeking security solutions and our diverse group of security pros. We encourage visitors to SSO to suggest topics for our members to address through the SSO blogosphere. If any visitor to our website is unable to find the expertise they are looking, contact Bill Nesbitt, CPP the Director of Security Source Online (bill@securitysourceonline.com). We will endeavor to refer you to an organization that can meet your needs.

Many of our members have national as well as international name recognition within the security industry. If a visitor is unable to find the security provider they are looking for, there is a very good chance that one of our members can put you in touch with the provider who will fill the bill. You will also find the many of our members are willing to work collaboratively when needs dictate. This is especially true of those security professionals who are members of the Security Source Online Roundtable.

Security Source is the place to find workplace violence prevention experts. SSO also has a growing number of experts who understand mitigation strategies for the protection of information. Other professional are experts at security program assessment and development. Our technical experts are able to help clients maximize the return on investment with limited security budgets. These professional are able to provide security design support and help their client develop RFPs.

If you are a user of security equipment such as access management systems, video surveillance systems or contract security guards, Security Source Members are here to help you meet those needs. If you are unable to find the service provider you need, please contact us and we will refer to the appropriate vendors. If the service provider is not yet represented on our website, try contacting one of our security consultant members for suggestions.

If your business provides security services or security equipment, consider joining the Security Source family of professionals.

Finally, if you wish to see articles posted that deal with specific security challenges, contact us and we will alert the most qualified SSO Member to contribute an article. We also invite you to vote our current poll questions. Come back and visit us again as we continue to grow.

You may also contact our webmaster at: brandi@securitysourceonline.com

www.SecuritySourceOline.com (SSO) is open for business. This marketing/informational site is unique because the site is managed and overseen by seasoned security professionals, not marketeers. Security Source Online provides the vehicle for the marketing of a wide range of security services and products on one hand, and on the other hand a source for practical information aimed at the mitigation of security threats. The SSO advisory board consists of security professionals representing the breadth and width of the United States and can be found on the website.

This website is unique because it serves two purposes. First it is a resource for security information. The site contains an ever growing number of blogs that address variety of security subject matter. SSO blogs are responsive to problems and questions posed by those seeking answers to difficult problems. No legitimate security topics are ignored. The site also provides links to a number of current security news stories. All blog postings are screened to ensure they are truly informational as opposed to being thinly veiled advertisements. The best way to advertise is to provide usable information for those looking for answers. We want visitors to the site to return again and again, not only to locate problem solvers and security equipment when needed, but to also find ideas for mitigation security threats.

Second, as mentioned this site is intended to be a resource for those truly need professional security problem solvers. As our membership grows SecuritySourceOnline.com will become the place to go when security expertise is needed. SSO members will consist of security integrators, security consultants, forensic security experts, alarm companies, security equipment providers, contract security providers, fraud investigators and information security experts. As this site grows, you will find security expertise representatives from all over the world. SSO members represent such disciplines as hospitality security, healthcare security, retail security, information security, supply chain security and many other security disciplines.

The Security Source Online Group had been on LinkedIn for only about a year and has more than 1300 members. Within this group there have been numerous and diverse discussions. SSO on LinkedIn is testimony to the wide range on interest in this unique approach. The Security Source Online Group on LinkedIn continues to attract a diversified group of international security expertise, as well as those seeking answers to difficult challenges, and will continue to do so. On LinkedIn about half of the members of Security Source Online Group members are security providers with the other half being security services users. One of the goals of the SSO LinkedIn group is to encourage thoughtful interaction between users and providers with a minimal amount of commercialism. SSO will provide access to regional providers as members with both a national and international presence as well as those providers who serve local markets.

Our security provider members are encouraged to address the issues of the day by posting topical and thoughtful articles on our blog. We want visitors to SSO to consider the site to be a resource of current security management and security program development information. Those seeking security products or services will be afforded direct access to any of our members with no middle-man interference. Any member who does not maintain high ethical standards will be removed from the site immediately.

The site also hosts a Speaker’s Bureau for those members who provide special insights within the ever-changing world of security services and security technology my making educational public presentations. The SSO Speaker’s Bureau consists of individuals who regularly making presentations of ASIS Internationals and other prestigious trade organizations. Those members of the SSO Speaker’s Bureau understand that our role is to inform as opposed to making forty five minute sale pitches.

Finally, the Security Source Online Roundtable is comprised of individuals who hold widely recognized professional certifications in the various security discipline members. A condition of Roundtable membership is a willingness to form strategic partnerships other Security Source Online Members, in order to meet the synergistic needs of clients they serve. These partnerships will afford SSO member clients with a single point of contact as well as the capability to serve many geographic locals in a coordinated and cohesive manner.

Those interested in becoming a member of the Security Source Online family are now able to do so at a very low annual fee. These low introductory sign up fees will be available on a very limited time basis only. Our goal is to provide an international security resource for those individuals and organizations seeking security information and providers of security related services.