The Achilles heel of all security designs is the lack of attention to three things:
Without systematic attention to these matters you are sabotaging your plans. It’s not the criminals that defeat your systems. You do.
Testing — Things break and no one tells you. A phone line is cut or discontinued for lack of use. A communication cable is cut by lawn maintenance. You will not be told.
Top sites test their systems on a monthly basis. The best do it weekly.
This happens to everyone, even us.
One of the layers of security we installed in our prior HQ was a panic alarm for the receptionist. Two years later we asked if we tested it weekly, as we recommend to our customers. We didn’t. When tested, it failed due to a simple installation mistake made two years ago! This was a humbling experience.
Maintenance — Preventive maintenance ensures the reliability of your security systems. Some questions to ask:
Retraining — A security system that operators don’t know how to use is worse than no security at all. You will think you are protected when you aren’t. Sites sweat over the initial training. But what happens when those people leave and a new team shows up? It is unlikely that HR has security system training built into your on-boarding plan. It should be.
The best sites get testing, maintenance, and retraining built into the contract with the vendor. Failure to adhere to this ASIS standard means you will pay an extra 20% for this work.
If you don’t have a systematic approach to testing, maintenance, and retraining you are sabotaging all your security efforts.
A Site Risk Assesment by Electric Guard Dog is a good place to start.