Physical security integration
13
Physical Security Integration Jon Nakapalau,CHSO,CPO
-
Upload
jon-nakapalau -
Category
Documents
-
view
318 -
download
2
description
Transcript of Physical security integration
Physical Security Integration
Jon Nakapalau,CHSO,CPO
How “deep” is your security program?
??????????????????????????????????????????????????????
Often the depth of a security program is never tested…this leads to a lot of false assumptions about what you will find “down there.”
Looks frie
nd
ly from
h
ere
…
However, it can be deceiving if you fail to take a closer look…
D = DESIGN
E = EVALUATION
E =ENVIORMENT
P = POLICY
DESIGNWhat kind of design are you going to look at as a foundation for your security posture? Does executive management support the security posture you are proposing or are you “designing above” your level of support? Will the design need to be modified in the near future? Do you rent or own the buildings? Do you have a dedicated staff to work with you or is security a shared function? Should you design systems around a BAS or should you build a separate security system? Does the system you are looking at have an expandable platform to build on? Have you worked out specs with your IT department? Who will decide these questions?
EVALUATIONWhat are the threats? Different nets? To a liquor store? To a biopharmaceutical
company? To a school? To a hospital? To a library? To a fast food restaurant?
(24/7) To a pawn shop? To a coin shop? To a check cashing service? To a supermarket? To a bar?
ENVIORMENTRemember that each security posture has to exist in a given environment; while that environment may be beyond your control there are certain things you can do to mitigate the security breaches that might occur by constantly being the “security barometer” of your organization. But be careful! There are security managers and directors that want to “forecast” from inside their office. If you really want to be accurate you have to leave your office and walk around your area of responsibility. Your forecasting is one of the areas you will be evaluated on when it is review time and when you have to fight for next years budget. So get out there and see where the wind is blowing!
POLICYIf your policy is hard to follow then all the other good work you have done is for naught; policy can be looked at as the “muscle” of any security program: the “skeleton” is made up of all the security equipment you have in place…you can have a strong skeleton, but if there is no muscle to connect the skeleton it becomes brittle. Our friend the diver knows that before he dives there are policies he must follow if he wants to survive. When would be a good time to follow those policies? Before he dives or after? If he fails to follow procedures before he dives how much harder will it be to rectify a problem when his attention has to focus on all the other problems he will encounter the deeper he goes?
THE END!
