SecurityAdvisoryCouncil.com
Security Risk Analysis - Issues - Strategies - Solutions - Resources
Security Risk Advisory Consultants - Advanced Security Planning
Security MostWanted For America!
BUSINESS SECURITY
Safety & Security Issues - Strategies - Solutions
Small Business Security: What You
Don't Know Could Cost You Everything!
There are many misconceptions in the small business community as to what constitutes business security. It is more than just having locks on your doors and an alarm system to protect your business assets. There is no one size fits all in the security world, even if you have two businesses that are the same but in different areas of a city, they will still have varying types of threats and vulnerabilities to security issues.
This is why each business, no matter what the size, whether it is a brick and mortar location or home based business, needs to have security measures and risk assessments specifically for each location.
You've heard that location, location, location is the most important part of a business. Criminals see it the same way. Most business crimes are that of opportunity, if you give them the opportunity they will steal anything they can from you or find a way to make you a victim.
The big issue for businesses in the security assessment should be that of physical security of the location. This has to do with the location you're in business at, it includes at a minimum:
Hazards in and around the outside of the building for anyone on site
Crime in the area that could affect your business or people on site.
Parking Areas, Lighting, Landscaping, Access and Egress Points.
Doors, Windows, Locks, Cameras, Visibility day and night of inside.
Routing of highways, truck traffic, ease of escape routes, possible accidents
The next issue is the protection of people; this includes at least the following areas:
Background Checks for employees before hiring and annually after hiring.
Training in Operations, Emergencies and Security Issues for the business.
Written Policy and Procedures to cover the above issues.
Identifying and reducing possible risks and threats to your business.
The last issue is protection of information to include at least these areas:
Policy's for handling information safely.
Storage of electronic information of customers, employees and vendors.
Access to information in the business and who can access it for what reasons.
Backups of all business information stored off site.
Annual reviews of information security to include web based uses.
There are many more issues that need to be addressed in more detail as a security assessment is completed, but these few areas will get you started in understanding what the bare minimum is needed to provide security for your business.
It doesn't make a difference whether the business is a storefront or home based, they still need to be looked at; storefronts just mean more areas to look at and assess overall.
Please feel free to contact us through our website here, email us, or call us directly at 727.657.3339 to help you in your security risk planning.
Small Business Security
Protecting Your Business
Against Fraud and Theft
When many entrepreneurs start a business, they usually do not spend much time thinking about security. Many are too busy trying to get everything else done. This can change quickly when you decide to raise money from venture capitalists who many times will insist that your business security be increased to protect their future investment.
In general, here are a few tips for reducing threats:
Check out your employees before you hire them, check references and do a background check. Like most preventative measures, it is less expensive than dealing with the consequences, but it does take time.
Limit access that employees have to data and to your server. If your server room is locked, but the person in charge of the backups keeps the key in his desk in his cubicle - your server is not secure! If your HR person has access to all the digital employee files, but keeps his or her password taped to the side of the computer, that data is not secure.
Require that your employees use strong passwords and changed them regularly. This will cause much grousing, but it's your business and their jobs, so they will have to live with it.
Backup your data regularly. You should back up your data daily. Every week you should have a week end backup that is taken off site and stored. Annually backup your data and keep it in a safe deposit box or with your attorney.
Have virus protection software and digital intrusion detection software installed and reviewed regularly. If you outsource your IT, the company providing these services should be able to provide this for you.
Lock your doors, even during business hours. This is why Home Depot sells those wireless door bells. They are cheap. I am always amazed when I can walk into a business with no receptionist and wander the halls freely.
Get security cameras. This is both security for your business and for your employees.
Assign one of your senior management as security officer. This person is in charge of understanding possible threats and determining the best prevention. He or she should also receive training in what to do in case of an intrusion, digital or otherwise.
Another area of security is internal fraud, specifically employees stealing from you. As the security officer of one previous company,
Some employees are required to take a class on internal fraud. The characteristics of the offender tended to be (1) male, (2) in his 20s, (3) college educated, and (4) had never committed a crime before. Not to say that a 50 year old female, high school drop-out criminal will not commit the crime, but statistically those were the characteristics that came up most often.
Usually what happens is the perpetrator is in a bind, can't make a car payment, rent, doctor's bill, and he starts with just "borrowing" money or items to pawn from the company. He has full intentions of "paying it back." But the reason he got stuck in the first place still exists, so he have to steal more to cover up the first crime, and on and on it goes.
To prevent this type of fraud, have strong accounting policies and procedures. Have revenue checks come to a PO Box. Have a different person sign the checks than the one who creates them. Allow only one person to do the ordering for the company and keep an inventory of what each employee has. For instance, memory sticks disappear really easily. Yes, an occasional one gets lost, but some one who loses them constantly may have a problem.
Ask a security professional, in concert with your accountant for assistance and security risk planning to create these policies and procedures and have your books audited or reviewed at least twice a year and at the absolute least, annually.
Although it is possible to go overboard on security, very few companies actually do and most don't even come close to basic security. Make sure your company is not one that gets caught saying "but she seemed so trustworthy, I can't believe that she stole from us."
Please feel free to contact us through our website here, email us, or call us directly at 727.657.3339 to help you in your security risk planning.
By Signing Up For Our News Letter, You Will Receive The Latest Security News
Once-A-Month!
Security Watch Education For Your Life, Businesses & Property
SecurityMostWanted.com - SecurityAdvisoryCouncil.com - The Security Most Wanted Group ALL RIGHTS RESERVED
