A Security Perspective

Corporate IT manager pushing SECURITY AUDIT on an interactive virtual touch screen monitor. Business challenge metaphor and information security concept for vulnerability scan and network analysis.

Security professionals have a lens through which they see the world and this blog will, hopefully, provide you with some understanding of their viewpoint.  Those of you who operate your own business should understand the concept of risk, the uncertainty of financial loss, the difference between actual and expected results or the probability a loss will occur.  Security professionals think in terms of risk.

More specifically, what assets do I have which need protecting?  What kinds of risks might affect the assets involved?  What is the probability of an adverse risk occurring?  What would be the impact or effect of a loss?  Using this framework, we can make decisions based on risk and reward.

Let’s examine the first part determining what assets we have which we need to protect.  Well, obviously our inventory, our facilities, our employees, and our customers.  What are the potential risks to each of these assets?   Inventory can be lost, stolen, or misplaced.  Our facilities can be flooded, set on fire, have the windows broken, can be damaged by windstorms or other natural disasters.  We are also susceptible to manmade hazards.  These collectively are called threats.

The last part involves what policies, procedures, and practices do we have in place in order to protect our assets from any and all reasonable threats.   We need to determine as accurately as we can what the likelihood is from any of the possible threats and what are the likely costs to the organization.  Basically, what I’m describing is the process of a Security Audit/Survey.

The process starts with creating a General Security Checklist specific to your company, your location, and your business model.  Some of the areas we can choose to examine include:  what security policies do you have in place currently, are they published, does each manager have specific responsibilities for enforcing and updating the policies?  Who is ultimately in charge of your Security Program?  Are policies enforced uniformly?  How are the policies and procedures communicated to all the employees?  How well do they understand what you are trying to accomplish with the security program?

These all are critical aspects of how successful your program will be, as well as how much buy-in you have from the employees and the organization.

Belcastro Security Services can evaluate the programs and policies you have and help you determine if you need additional security measures, which ones, and how much can you spend for the protection your organization needs.

Call us today!


About Belcastro

Leave a Reply