SecTrainer
05-29-2008, 02:58 PM
Hi, everyone - a little potpourri of thoughts for today:
"The Old Reliable": A standard (nonwireless) telephone, with the handset connected to the base by wire, is still one of the most reliable emergency communication devices in existence because they will still function during power outages (unless the phone network has been taken out, of course).
Your residential and commercial clients should be urged to have at least one phone of this type, and for businesses it should be on its own line that doesn't run through the PBX.
Add A Dimension To Your Consulting Practice: Do you address the client's supply/value chain in your risk assessments and recommendations? Many security consultants do not, although we know from the aftermath of both 9/11 and Katrina that chain disruptions might actually constitute your client's greatest aggregate risk factor. Businesses very far from the actual location of a disaster can be literally bankrupted if their supply chains are disrupted. Given this interdependence of many (most?) commercial enterprises, a hula-hoop manufacturer whose plant is located in Bugtussle, Tennessee might actually have a risk profile that more closely approximates the risks of large centers like New York or Chicago if he is intimately linked with business entities, banking and credit card payment processing centers, transportation facilities, etc. in those areas. Considering credit cards alone, few businesses don't have some vulnerability with respect to major financial centers.
Supply/value chain risk evaluation and management represent an added revenue stream for your consulting practice, assuming that you're not already integrating such assessments in your "standard package" (and if you are, you might consider "unbundling" this as a separate service, since such assessments can be time-consuming and add distinguishable value compared with a normal, more limited "site-based" assessment).
If you need to come up to speed on this topic there's an excellent treatment of this subject by Joseph L. Walden entitled Velocity Management in Logistics and Distribution: Lessons from the Military to Secure the Speed of Business (http://www.amazon.com/Velocity-Management-Logistics-Distribution-Military/dp/0849328594/ref=si3_rdr_bb_product) (click link to Amazon--and no, I don't have any financial interest).
The title is a little obtuse, unfortunately, and would likely cause this book to slip under your radar screen, as few of us in security probably equate a company's speed of execution with its supply chain. However, the title does indicate the major premises of the book:
1. A company's supply/value chain is what largely determines its speed of execution.
2. A company that suffers a break in its supply chain will suffer in terms of its speed of execution, and for business in the year 2008, any loss of speed translates directly into real $$$ loss.
3. Securing the supply/value chain is "the other half" of protecting a business from loss.
The opening pages (a discussion of the fundamentals of risk assessment) will be a little obvious to most security professionals, but rest assured that the material gets much more interesting and thought-provoking thereafter.
"Virtual Patrol" vs Continuous Monitoring and Guard Patrol: Could the placement of additional cameras, at relatively little additional marginal cost to the client, in conjunction with "smart systems" that alert the monitoring center to events, permit a better model than continuous monitoring and guard patrol provide? In some cases, the answer would be "yes".
Virtual patrol usually requires greater camera coverage, and higher resolutions, than continuous monitoring. For one thing, there would usually need to be more coverage of the property perimeter (and even nearby areas) and internal open spaces than the traditional model, which often emphasizes specific risk targets, would require. And, the coverage would need to be more contiguous than target-based monitoring would employ.
However, especially in "campus" settings with significant amounts of open space and distances between buildings, virtual patrol might not only be appropriate but permit much more effective use of security personnel.
Visual patrol can be married to a host of remote control center response capabilities, of course, such as lockdown, automated messaging, and even evacuation announcements.
Homeland Security/Emergency Management: Every security business should have an aspect of their business plan that is focused on meeting the concerns of clients and potential clients with respect to HS and EM issues.
Questions to consider are: Is your Web site optimized for "key phrase" searches on HS/EM topics? Do your sales and marketing materials address them? Have you or members of your staff acquired specialized knowledge or training about them? What link could there be between HS/EM concerns and public service opportunities that would put your business in the public eye? Is there some way that your firm could support the efforts of local HS/EM agencies? (Obviously, the answer to the last question is "Yes - about a million ways!")
Here's one suggestion, for instance: Most families do not have an emergency communication plan in place. Could your firm host a free emergency web-based notification and response system for families in your operating area or zone of influence? (This would be hosted outside your geographical area, of course.) There are probably lots of ways to implement and finance this. For instance, the Web site could be supported by local business ads (like, YOUR OWN, maybe?!)--or, you could do it on a "freemium" basis whereby businesses would pay to establish notification lists but the service would be free for personal notification lists. You could also do a "mashup" by integrating local weather/EM bulletins and Google maps, or something interesting like that. The idea I have in mind would probably be based on sending SMS (simple message service) messages to family cell phones, etc. The critical functionality would be an "I'm OK and received the message" response function. These days, there is probably even a way to hook in to FaceBook or similar social networking sites. Families set up their groups there for other purposes, and there's some sort of hook to the notification service...that kind of thing. Be inventive!
...oh, and by the way, do you have an emergency notification system in place for your own family and your own business?
"The Old Reliable": A standard (nonwireless) telephone, with the handset connected to the base by wire, is still one of the most reliable emergency communication devices in existence because they will still function during power outages (unless the phone network has been taken out, of course).
Your residential and commercial clients should be urged to have at least one phone of this type, and for businesses it should be on its own line that doesn't run through the PBX.
Add A Dimension To Your Consulting Practice: Do you address the client's supply/value chain in your risk assessments and recommendations? Many security consultants do not, although we know from the aftermath of both 9/11 and Katrina that chain disruptions might actually constitute your client's greatest aggregate risk factor. Businesses very far from the actual location of a disaster can be literally bankrupted if their supply chains are disrupted. Given this interdependence of many (most?) commercial enterprises, a hula-hoop manufacturer whose plant is located in Bugtussle, Tennessee might actually have a risk profile that more closely approximates the risks of large centers like New York or Chicago if he is intimately linked with business entities, banking and credit card payment processing centers, transportation facilities, etc. in those areas. Considering credit cards alone, few businesses don't have some vulnerability with respect to major financial centers.
Supply/value chain risk evaluation and management represent an added revenue stream for your consulting practice, assuming that you're not already integrating such assessments in your "standard package" (and if you are, you might consider "unbundling" this as a separate service, since such assessments can be time-consuming and add distinguishable value compared with a normal, more limited "site-based" assessment).
If you need to come up to speed on this topic there's an excellent treatment of this subject by Joseph L. Walden entitled Velocity Management in Logistics and Distribution: Lessons from the Military to Secure the Speed of Business (http://www.amazon.com/Velocity-Management-Logistics-Distribution-Military/dp/0849328594/ref=si3_rdr_bb_product) (click link to Amazon--and no, I don't have any financial interest).
The title is a little obtuse, unfortunately, and would likely cause this book to slip under your radar screen, as few of us in security probably equate a company's speed of execution with its supply chain. However, the title does indicate the major premises of the book:
1. A company's supply/value chain is what largely determines its speed of execution.
2. A company that suffers a break in its supply chain will suffer in terms of its speed of execution, and for business in the year 2008, any loss of speed translates directly into real $$$ loss.
3. Securing the supply/value chain is "the other half" of protecting a business from loss.
The opening pages (a discussion of the fundamentals of risk assessment) will be a little obvious to most security professionals, but rest assured that the material gets much more interesting and thought-provoking thereafter.
"Virtual Patrol" vs Continuous Monitoring and Guard Patrol: Could the placement of additional cameras, at relatively little additional marginal cost to the client, in conjunction with "smart systems" that alert the monitoring center to events, permit a better model than continuous monitoring and guard patrol provide? In some cases, the answer would be "yes".
Virtual patrol usually requires greater camera coverage, and higher resolutions, than continuous monitoring. For one thing, there would usually need to be more coverage of the property perimeter (and even nearby areas) and internal open spaces than the traditional model, which often emphasizes specific risk targets, would require. And, the coverage would need to be more contiguous than target-based monitoring would employ.
However, especially in "campus" settings with significant amounts of open space and distances between buildings, virtual patrol might not only be appropriate but permit much more effective use of security personnel.
Visual patrol can be married to a host of remote control center response capabilities, of course, such as lockdown, automated messaging, and even evacuation announcements.
Homeland Security/Emergency Management: Every security business should have an aspect of their business plan that is focused on meeting the concerns of clients and potential clients with respect to HS and EM issues.
Questions to consider are: Is your Web site optimized for "key phrase" searches on HS/EM topics? Do your sales and marketing materials address them? Have you or members of your staff acquired specialized knowledge or training about them? What link could there be between HS/EM concerns and public service opportunities that would put your business in the public eye? Is there some way that your firm could support the efforts of local HS/EM agencies? (Obviously, the answer to the last question is "Yes - about a million ways!")
Here's one suggestion, for instance: Most families do not have an emergency communication plan in place. Could your firm host a free emergency web-based notification and response system for families in your operating area or zone of influence? (This would be hosted outside your geographical area, of course.) There are probably lots of ways to implement and finance this. For instance, the Web site could be supported by local business ads (like, YOUR OWN, maybe?!)--or, you could do it on a "freemium" basis whereby businesses would pay to establish notification lists but the service would be free for personal notification lists. You could also do a "mashup" by integrating local weather/EM bulletins and Google maps, or something interesting like that. The idea I have in mind would probably be based on sending SMS (simple message service) messages to family cell phones, etc. The critical functionality would be an "I'm OK and received the message" response function. These days, there is probably even a way to hook in to FaceBook or similar social networking sites. Families set up their groups there for other purposes, and there's some sort of hook to the notification service...that kind of thing. Be inventive!
...oh, and by the way, do you have an emergency notification system in place for your own family and your own business?