One big trend in contract security is the idea of value added services. Usually these consist of activities that have nothing to do with security (i.e. janitorial, valet,). I find this repulsive. I do not feel that these jobs are beneath me or anyone else, there is not such thing as being too good for an honest job. I just feel that security officers are supposed to be proffesionals and should be performing duties related to their proffession. I do, however, favor expanding the duties of security officers beyond "keeping an eye on things." I also feel that the more we do for a client, the more respect we will get and the higher pay we can expect. I also think that covering more aspects of the clients security/safety can help streamline their protection, thus lessing confusion/red tape. My question to all of you is: what kind of security related services should companies be offering?
A few that have come to me include:
Fire extinguisher checks/maintenance
Reception (I currently perform this task, and am extremely grateful for it)
Alarm maintenance
Key, I.D. Access card production
Pre-employment Background checks + Investigative reference checking
Red Teaming
Threat assessments
Book Checking
Inventory
I know these are often done by security staff, but is seems very rare outside of proprietary security.

Can a contract security provider really perform background checks and investigations without a private investigator's license?

I think this is why some firms do it in house, a third party company that performs investigations needs a PI license, just like a third party company that performs guard services needs a security license.

Can a contract security provider really perform background checks and investigations without a private investigator's license?

I think this is why some firms do it in house, a third party company that performs investigations needs a PI license, just like a third party company that performs guard services needs a security license.I think it depends on the state.

To those of you who don't think checking fiore extinguishers is part of your job, you better hope like heck that the person whose job it is has been doing it if ever you need to use one. The Montreal Fire By-law (probably from NFPA recommondatioons) say that fire extinguishers have to be visably inspected daily. As they get tampered with a lot in hotels my staff are required to check them evry patrol.

To those of you who don't think checking fiore extinguishers is part of your job, you better hope like heck that the person whose job it is has been doing it if ever you need to use one. The Montreal Fire By-law (probably from NFPA recommondatioons) say that fire extinguishers have to be visably inspected daily. As they get tampered with a lot in hotels my staff are required to check them evry patrol.
HotelSecurity if you are going to be held accountable for these inspections, commit those by-laws to memory. Several NFPA publications you might peruse 10, Standard for Portable Fire Extinguishers; 72, National Fire Alarm Code; 101, Life Safety Code. Make sure your corporate counsel is aware of these extra safety duties. If you have to seek advice, route your written requests through your leadership and counsel. Don't wind up having to eat a pig's breakfast!
Enjoy the day,
Bill

Actrually Bill the City By-Laws supersede the NFPA "recommendations" although most by-laws come from them. And I do know the by-law. BTW when I was the Fire Marshal of the Windsor Hotel in Montreal I was a member of the NFPA. Now it is too expensive.

The visual inspection is to verfy that the extinguisher is where it is supposed to be. That there is nothing blocking it. That in all but the CO2 types, the pressure is within the operating range, that the seals are in place on the CO2 tyoes & that there is no damage. We don't do the monthly offical inspections such as weighing the CO2s.

I don't think we need legal advice to do what we are doing.

Neil

Fire exinguisher checks are just something I do automatically, without being asked. I wish I could check the fire hoses. A couple have been used and I have no way of knowing if they were properly drained and dried.

My staff regularly checks the fire equipment.

Not to sound stupid, but what is Red Teaming?

I was wondering that myself.

I would make a blanket statement such as, "security personnel should know and regularly check the fire suppression equipment, and note the findings on the daily log," but I have actually worked sites where the client didn't want the guards caring about or touching the fire extinguishers. The client will put the fire out. The guard will just write in his little book that the client did so, and not worry about it.

When a fire did occur, the client personnel ran out without even sounding the alarm. The Guard on duty wrote, "FIRE!!!!!!" in huge letters in the log book, forgot everything he was supposed to do, and ran too.

It was funny to come onto that post that night for the mid shift, and read that in the book. Next day, we were to check fire suppression equipment once a shift, and maintenance was no longer our "boss."

At the post I currently work we do check and maintain the fire extinguishers, but, I have worked many posts where we were not expected to do more than check the dials whilst on patrol. Also on most sites I have worked it was not security's job to have the empty ones refilled/replaced, nor did the person who's job it was replace/refill them until after his own scheduled check.
As to background investigations, in Illinois, any PERCed employee may perform the duties of a private investigator as long as their company has a licensed private investigator holding a position of licensee‑in‑charge, and the employee has passed a state certified PI training program.
Red Teaming is slang for a particular type of security testing. This invovles members of the security staff intentionally trying to breach security to test it's effectiveness. I use to have a Captain who would do this often. He would sneak on site during third shift to see how lont it would take us to find him.

We would check FEs and eyewash stations. Checking an extinguisher was a matter of making sure the pressure was good, the hose clear and not damaged, no significant rust or dents, and a dusting. Some states require a license to do other maintenance.

These value-added services are OK, as long as there is sufficient coverage from other security personnel to handle the primary functions required of security. This is where most companies "drop the ball," IMO.

There is a very interesting article in the latest (September 2007) issue of "Security Products" magazine entitled "Get To Work", which discusses the role that security monitoring systems such as CCTV can play in helping companies improve their operations, as opposed to being strictly focused on security issues. Surely, this is the ultimate in "value added" when you can help your company/client improve their business processes!!

For instance, take the CAM-V, which can be installed in 5 to 10 minutes at a construction site to provide a live feed of activity on the site. Sure, there's an obvious security application here, especially at night when everyone's gone home from the site...but what about during working hours? If you turn around and think about this in terms of process monitoring, you can see lots of applications, ranging from safety violations (people without their hard hats) to recording the delivery of materials and supplies.

Install a CAM-V at several sites, and one project manager can keep an eye on all of those projects while he's in the office taking care of the administrative aspects of his job.

As another example, you install cameras to watch the register and the other "security points" in a pizza restaurant...but what about installing a couple of Web cams so the manager can watch the production area when he's not there?

Finding such opportunities can be as simple as thinking about security systems in a different way...meaning, asking how the information provided by the system could help answer questions besides just "who accessed what, and when". Sometimes, the security system itself as designed strictly for security only provides some of the information, when a bit more thought would reveal that another camera or a bit more sophisticated system could be much more helpful with respect to this value-added application.

What operational efficiencies, etc. might be gained from data-mining the information that access control systems generate?

Knowing something about the full range of available information-acquisition, imaging and other systems is obviously very helpful, too. Knowing that INEX sells a portable license plate reader, for instance, suggests all sorts of possibilities with respect to parking facility management, such as the collection of overtime parking fees, etc.

Security is one of the most ubiquitous functions in many businesses, with both systems and personnel that operate throughout the organization in both a functional and physical sense. If the security program can contribute useful operational information, perhaps merely by thinking about security systems and procedures from that angle, you're talking about CEO's who should be easily transformed from reluctant to eager supporters of the security program.

SecTrainer I have preached for many years: Anything that interferes with the ability of any organization to fully fulfills its stated mission statement is a security concern. From watching the till to the parking lot, security has a role and "things" can be used as force multipliers.
Thank you for expressing and sharing your insight with the rest of the memberfs in this forum.
Enjoy the day,
Bill

Security/Loss Prevention should be considered as "preventing ANY loss to the company" If security can monitor such things as HVAC systems, refridgeration units, etc. losses can be prevented by finding problems when they require a small, $5 part instead of a new HVAC unit a month down the road. If there is a food service area, why shouldn't security monitor things that the health dept would check on an inspection? this could not only prevent fines, but also the ensure the health and safety of patrons, thereby preventing lawsuits. As Mr. Security pointed out, these things should not interfere with more traditional security duties.

Security/Loss Prevention should be considered as "preventing ANY loss to the company" If security can monitor such things as HVAC systems, refridgeration units, etc. losses can be prevented by finding problems when they require a small, $5 part instead of a new HVAC unit a month down the road. If there is a food service area, why shouldn't security monitor things that the health dept would check on an inspection? this could not only prevent fines, but also the ensure the health and safety of patrons, thereby preventing lawsuits. As Mr. Security pointed out, these things should not interfere with more traditional security duties.
Andy, all these things are traditional security duties. We have suffered from managers and clients who want security to walk around with blinders on looking for flashing neon signs marked "SECURITY."
Enjoy the day,
Bill

This is a very interesting thread and should stimulate us to think about the question from a variety of angles. One of the things I realized is that what security officers and security management can contribute depends to no small extent on what knowledge and training that security personnel have beyond the "principles and methods of security".

For instance:

1. A few of the responses have addressed security's potential contribution to the safety posture of the organization (e.g., checking fire extinguishers, overloaded electrical outlets).

Security managers might certainly consider the value of obtaining cross-training in safety management, and then providing appropriate cross-training (probably at the "awareness" level) for their officers.

This does not require the security manager to seek a degree in "industrial hygiene" or safety, although he might. The National Association of Safety Professionals, for instance, has a number of comprehensive safety programs, both "in-class" and distance-based, up to and including the management level.

2. "Convergence" is the "new normal" in security these days, particularly the convergence of physical and information security.

Security managers can contribute more to the organization if they get some training in the principles and methods of information security and, again, provide "awareness" training for their officers. If nothing else, it positions the security agency or department to partner with the IT department more effectively when the security manager and IT manager can talk the same language about infosec. There's lots of non-degree training in IT security available from many sources, and much of it does not require you to be a "computer geek".

3. Most businesses today would agree that while they suffer from a glut of data, they never have enough knowledge. The security manager who is educated in the principles of business management, and who takes a keen interest in the intimate details of his own company's operations, corporate strategy, and the environment in which it operates (legal, competitive, geographic, social, regulatory, technological) can position himself to provide meaningful contributions to the corporate knowledge base, perhaps in unique ways.

The secondary benefit here is that a security manager with such knowledge is also better able to align his annual security budget requests with the corporate mission.

Again, this does not require the security manager to seek a degree in business management. The American Management Association offers distance-based (and college-affiliated) certificate programs in a wide array of both general and specialized management areas. In addition, there are a jillion colleges and universities that offer "in-class" and distance-based certificate programs in both general and specialized business subjects, at both the undergraduate and graduate levels. This includes some very prestigious universities such as Villanova, Wharton School of Business, Princeton, Stanford, etc. as well as highly-regarded state universities. Of particular note are certificate programs in contract management, corporate strategy and planning (the language of the executive suite), etc.

4. Besides "convergence", "compliance" is part of the "new normal" in business. More than ever before, businesses of every size and variety are coming under increased regulatory scrutiny. While this would normally be the specialized domain of corporate counsel at the highest level of the company, functional unit managers must also get "up to speed" in this area, and there are a growing number of training opportunities in this field as well.

5. Rapid-assessment computer forensics. You don't have to be an expert, especially when it comes to corporate issues, to learn how to do rapid computer assessments in support of corporate policies regarding computer usage. For the most part, this only requires such things as knowing how to access the history log that browsers maintain, how to do keyword searches, etc. In some cases, it is desirable to install monitoring software. This should always be done with the full knowledge of employees, of course - preferably, you have them sign a policy statement to the effect that company computers may not be used for personal web-surfing, game-playing, shopping, or instant messaging, etc...and that exmployees are expected to be engaged in their duties while they are at work.

Merely the knowledge that the company has both the capability and the intent to regulate and monitor the use of its assets is sufficient to put serious brakes on the appalling waste of time that is now occurring in some companies with personal Web activities.

6. Intelligence. From purely an OPSEC standpoint, and regardless of how unlikely you believe it to be that your organization would be an intelligence "target", security managers should acquire skills in intelligence, surveillance, counterintelligence and countersurveillance. Obviously, this concern is heightened for certain organizations, but ALL businesses should understand the importance and the role of both security-related and business-related intelligence.

Although we now think of this in terms of "Homeland Security" after 9/11, the attacks on 9/11 did not create, nor did they necessarily increase, what had been a neglected issue in most businesses and industries since long before 9/11.

This is NOT about Al-Qaeda! It is about a general posture of situational awareness with respect to the potential activities of both internal and external criminals, foreign and domestic terrorists, competitive adversaries and other hostile or adverse possibilities such as adverse regulatory actions and policies.

There is no company, for instance, that has no interest in knowing what employees might be saying about the firm on blogs and forums. There is no company that would not be interested in knowing that OSHA, the IRS or ICE has targeted its industry for increased audits. There is no company that would not be interested in knowing that a prominent university researcher in their industry has just been hired by a competitor. There is no company that would be indifferent to the fact that there is a nearby perch from which competitors, criminals or terrorists are watching the company's deliveries, shift activities, etc. without being noticed or encountering any form of interference. There is no company that should be indifferent to the fact that employees frequent a popular "watering hole" after work and talk loudly about company business. There is no company that should be indifferent to learning that a close business partner, whose employees must have access to the company intranet, is not exercising proper security measures of its own. There is no company that should be indifferent to the fact that one of its sole-source suppliers is facing union contract negotiations soon, which are not predicted to go well.

...I'll have more, I'm sure!

SecTrainer,
That was a very well organized and informative response. I doubt anyone would disagree that merging security with other effected systems in a corporation or diversifying the skills base of security managers would beneficial if for if not essential to providing total security. I am personally amazed at how few companies actually have an integrated security structure.
Thank you for your insight.

It all comes down to the clients return on investment. Unfortunately, security services are an expense that most clients see as a burden or strain on the bottom line. And I know the argument that security should be treated as a type of insurance or a way to lessen liability but because "people" are involved most clients don't see it that way. I just read an article in security director news that a Toyota car dealer switched to security cameras because they were not seeing a return on their investment. Increased guards, loss continued. Cameras installed, loss stopped. That in it self speaks volumes. Warm body security is costing the industry jobs.

It all comes down to the clients return on investment. Unfortunately, security services are an expense that most clients see as a burden or strain on the bottom line. And I know the argument that security should be treated as a type of insurance or a way to lessen liability but because "people" are involved most clients don't see it that way. I just read an article in security director news that a Toyota car dealer switched to security cameras because they were not seeing a return on their investment. Increased guards, loss continued. Cameras installed, loss stopped. That in it self speaks volumes. Warm body security is costing the industry jobs.

Working p/t security as a young`un I was assigned to a grocery chain store 1 Saturday to watch the checkout chicks (cashiers). As it was getting busier, I moved a dozen trollies (carts) into the store area and repeated this a few more times in quieter periods. At the end of shift the manager asked me why I did this and I said it meant the area was cleared, the trollies could be used again and it was safer if I had to get to the checkouts in a hurry. He promptly thanked me and offered me the Saturday shift and then told me the last person told him "I am not a trolley boy" before walking out.

At my last ever LPM role, I was manning the Customer Pickup / Security Office during a break at a pre-xmas sale. An elderly lady came to collect her 4 massive quilts, she stored with us and I offered to get her a taxi and carry them for her (30 feet). Outside a photographer spotted us and took some pics of us (unknown) and our I was in the weekend newspaper in the society pages with an article about Old Fashioned Service (her family were very wealthy and powerful). I was asked to EXPLAIN about this by mgt (I hate retail) and eventually was summoned by the CEO (President) who thanked me for making the company look good and I reminded him I did not know who the customer was - just that she had just spent over $3k with us and was in need of some assistance at the time.

My staff regularly checks the fire equipment.

Not to sound stupid, but what is Red Teaming?

penetration testing of facilities you are guarding, typically by an employee who works there... although where I work now we occassionally have a federal RT come through and try stuff.

It boils down to the fact that someone who is employed there knows the systems, and knows the vulnerabilities. Unfortunately, some companies do not see doing this as a valuable thing to do... afraid of exposing weakness.

It also does not help when your presence is federally and state mandated, and the company contracting the security really could give a rats arse about the level of security.