The '5 Ps' of a Top-Notch Security Strategy
By Luis Orbegoso, President of ADT Business
Research from the U.S. Small Business Administration found that the average small business owner allocates between $10,000 and $80,000 toward startup costs. And that's just cash (usually that of the owner and his or her relatives). Other considerable resources such as physical space, digital assets and inventory go into a startup. Add it together, and that's a pretty compelling case for the need for a good security protocol—that's a lot to protect!
Selecting the right security protocol can certainly be overwhelming, but doing so helps lend stabilization to a risky and ever-changing office environment, regardless of the industry. Being proactive is the first step.
At ADT, I've developed what I call the "Five Ps," a list of the five pillars of a secure business. Keep in mind that your security protocol will vary based on your industry and other unique attributes of your business, but this list can get you started on the right track.
As you do with any other business decision, you must first identify your security objectives before you can implement any actions.
To do this, ask yourself questions that will identify the most important areas to your particular business, including:
What are you most concerned about securing (e.g. inventory, client information or data)?
Is the ability to remotely check in on your business important to you?
What kind of work environment and relationship with employees do you want to have? (You want your workplace to be secure, but not have employees feel like Big Brother is watching.)
Once you know your priorities, you can craft an all-encompassing security policy. You'll likely include everything from what sort of background check you do before hiring, to how you will monitor inventory, to your response to workplace violence. Other factors you'll want to cover are changes based on the time of year (such as the holiday season, which his often the busiest season for retailers) and emergency preparedness.
Remember to assess each step against that list of priorities you made. Do the pieces of the policy support your objectives? If not, get rid of them.
Once you have those policy details ironed out, put them in writing and create a handbook for your employees. But don't just hand it out. Every employee should sign a document to show that they received and read it. Keep an additional copy in a communal place.
To secure both your physical and digital environments, you'll want to work with an expert. Companies like ADT have been in the security business for years. As a result, our team of professionals can both identify potential problems and suggest solutions you perhaps haven't considered.
As you evaluate your workplace with your security expert, you'll determine what security and automation solutions are needed. For example, a retail business should take precautions against shoplifters. However, a medical clinic must secure sensitive patient information and medications.
It is also important to consider both the internal and external spaces. You'll want good lighting, security signs and stickers, fences or other barriers and, of course, good deadbolts in addition to an alarm system. When installing interior security cameras, think about positioning them in a way that helps identify individuals as they enter a given area.
Automation can be particularly helpful, especially for small businesses without the budget for a 24-hour security guard. Tools like key cards can monitor comings and goings and allow remote access to authorized people when you are not in the office. You can even set up e-mail or text alerts to notify you when the business has been opened or a delivery has been made, without ever interrupting the flow of business.
Digital "places" need to be secured as much as physical ones, as cyber attacks have real bottom-line impact. One Cyber Security Alliance survey found that 20 percent of small businesses surveyed experience a cyber attack annually, and 60 percent of businesses that were the victims of such attacks close within six months of the incident.
Your protocols must include details to prevent these attacks when possible and recover from them if they happen. This includes procedures for using and changing passwords, downloading virus protection, erasing old hard drives and locking laptops and tablets when not in use.
Your employees are your first line of defense in creating a truly secure workplace.
The more time you spend on the outset—hiring people you trust and training them so that they know the security policy—the better equipped they will be to help you deal with problems as they arise.
Educate your staff, not just about your policies and expectations, but also about how theft and loss can affect them personally. Explaining how lower profits due to theft can result in fewer opportunities for raises and company expansion can help employees work to prevent theft for the common good.
Finally, employees should know what to do if they spot suspicious behavior. They need to know what the protocol is for reporting it, how the information will be used and how they will be protected during the process.
A system is only good if it works. You need to evaluate the performance of your security systems on an ongoing basis and make adjustments as needed.
To do this, use a cloud-based or DVR video storage option to analyze any security threats that took place over the past month.
Reviewing your video footage and security history can help identify any weaknesses or problem areas, in addition to providing insights into areas such as staffing levels and foot traffic analytics. Once you have identified areas of concern, make necessary changes to your protocol and set up automated alerts to help you closely monitor those areas.
Try to revisit this entire process once in a while, even if only once a year, to help keep you, your employees and your many investments secure.
About Luis Orbegoso: As president of ADT Business, Luis Orbegoso is responsible for developing and executing the company's strategy to grow the security and automation segment serving small and mid-sized business owners.