The Five Pillars of a Secure Business

Research from the U.S. Small Business Administration
found that the average small business owner allocates
between $10,000 and $80,000 toward startup costs. And
that's just cash (usually that of the owner and his or her
relatives). Other considerable resources such as physical
space, digital assets and inventory go into a startup. Add
it together, and that's a pretty compelling case for the
need for a good security protocol—that's a lot to protect!
Selecting the right security protocol can certainly be
overwhelming, but doing so helps lend stabilization to a
risky and ever-changing office environment, regardless
of the industry. Being proactive is the first step.
At ADT, I've developed what I call the "Five Ps," a list of
the five pillars of a secure business. Keep in mind that
your security protocol will vary based on your industry
and other unique attributes of your business, but this list
can get you started on the right track.
1P: Priorities
As you do with any other business decision, you must
first identify your security objectives before you can
implement any actions.
To do this, ask yourself questions that will identify the
most important areas to your particular business,
including:
What are you most concerned about securing (e.g.
inventory, client information or data)?
Is the ability to remotely check in on your business
important to you?
What kind of work environment and relationship with
employees do you want to have? (You want your
workplace to be secure, but not have employees feel like
Big Brother is watching.)
2P: Policy
Once you know your priorities, you can craft an all-
encompassing security policy. You'll likely include
everything from what sort of background check you do
before hiring, to how you will monitor inventory, to your
response to workplace violence. Other factors you'll
want to cover are changes based on the time of year
(such as the holiday season, which his often the busiest
season for retailers) and emergency preparedness.
Remember to assess each step against that list of
priorities you made. Do the pieces of the policy support
your objectives? If not, get rid of them.
Once you have those policy details ironed out, put them
in writing and create a handbook for your employees.
But don't just hand it out. Every employee should sign a
document to show that they received and read it. Keep
an additional copy in a communal place.
3P: Place
To secure both your physical and digital environments,
you'll want to work with an expert. Companies like ADT
have been in the security business for years. As a result,
our team of professionals can both identify potential
problems and suggest solutions you perhaps haven't
considered.
As you evaluate your workplace with your security
expert, you'll determine what security and automation
solutions are needed. For example, a retail business
should take precautions against shoplifters. However, a
medical clinic must secure sensitive patient information
and medications.
It is also important to consider both the internal and
external spaces. You'll want good lighting, security signs
and stickers, fences or other barriers and, of course,
good deadbolts in addition to an alarm system. When
installing interior security cameras, think about
positioning them in a way that helps identify individuals
as they enter a given area.
Automation can be particularly helpful, especially for
small businesses without the budget for a 24-hour
security guard. Tools like key cards can monitor
comings and goings and allow remote access to
authorized people when you are not in the office. You
can even set up e-mail or text alerts to notify you when
the business has been opened or a delivery has been
made, without ever interrupting the flow of business.
Digital "places" need to be secured as much as physical
ones, as cyber attacks have real bottom-line impact. One
Cyber Security Alliance survey found that 20 percent of
small businesses surveyed experience a cyber attack
annually, and 60 percent of businesses that were the
victims of such attacks close within six months of the
incident.
Your protocols must include details to prevent these
attacks when possible and recover from them if they
happen. This includes procedures for using and
changing passwords, downloading virus protection,
erasing old hard drives and locking laptops and tablets
when not in use.
4P: People
Your employees are your first line of defense in creating
a truly secure workplace.
The more time you spend on the outset—hiring people
you trust and training them so that they know the
security policy—the better equipped they will be to help
you deal with problems as they arise.
Educate your staff, not just about your policies and
expectations, but also about how theft and loss can
affect them personally. Explaining how lower profits due
to theft can result in fewer opportunities for raises and
company expansion can help employees work to prevent
theft for the common good.
Finally, employees should know what to do if they spot
suspicious behavior. They need to know what the
protocol is for reporting it, how the information will be
used and how they will be protected during the process.
5P: Performance
A system is only good if it works. You need to evaluate
the performance of your security systems on an ongoing
basis and make adjustments as needed.
To do this, use a cloud-based or DVR video storage
option to analyze any security threats that took place
over the past month.
Reviewing your video footage and security history can
help identify any weaknesses or problem areas, in
addition to providing insights into areas such as staffing
levels and foot traffic analytics. Once you have identified
areas of concern, make necessary changes to your
protocol and set up automated alerts to help you closely
monitor those areas.
Try to revisit this entire process once in a while, even if
only once a year, to help keep you, your employees and
your many investments secure.