A look at security tech from all angles
One morning in August, Joe Hoppis, a downtown real estate representative for The Muljat Group, arrived at work to find his office violated. A burglar broke in during the night and stole everything electronic.
Hoppis said physical security for his office had crossed his mind when he moved to the corner of Railroad Avenue and Maple Street several months ago.
“There is a lot of activity down here, which is good; that is why we moved down here,” Hoppis said. “But you’ve got to be smart and protect yourself.”
In business, security takes on a multi-faceted definition that includes not only protection for the brick-and-mortar storefront but also protection for employees, data files, customer information and the myriad of monetary and electronic assets that can be found around the workplace.
Hoppis said as he began his business, his attention was taken with other important details, and a security system moved to the back burner.
“I just thought I would get to it later on,” Hoppis said. “But we had only been here for three or four months. You don’t expect to get hit that fast.”
Proactive vs. reactive security
Chris Lieb, lead salesman for Security Solutions, said a lot of businesses think because they aren’t in retail, they don’t need to worry about theft.
“They think because they don’t have gold and jewels laying around that they are not at risk,” Lieb said.
In fact, Lieb said, businesses have paper and computer files and confidential customer information that thieves would be able to sell to identity-theft rings.
Theft is profitable for the thief and investing in security can be profitable for the business. Lieb said a local lumberyard owner was losing lumber to thieves every month, but with a $10,000 investment, the company’s profitability rose $30,000 annually.
Lieb said it is human nature to be reactive about security, but he is seeing more businesses becoming educated on the issue.
“As the public and business owners become more educated, a larger percentage of businesses are being proactive,” Lieb said.
To be more proactive, Lieb said, employers should start with a low-tech evaluation of the building and its security fixtures, such as doorknobs, locks, doors and lighting. He said a business should also look at its closing security protocol to make sure someone shuts off the lights, locks the doors and activates whatever security system is present.
“This is always essential in any security measures for a good business,” Lieb said.
Tobey Vos, a security systems engineer for Security Solutions, said many times people come in and they want a full surveillance system because they are concerned about burglary. But he said those systems are relatively expensive and an alarm would be more effective at preventing a robbery, whereas a surveillance system would mostly just film the break-in.
“Lock and alarm systems are always the first step because if you have a camera system and a faulty lock system someone could break in and steal the camera and now you’ve got nothing,” Vos said.
Migrating technology
Jamie Vos, general manager at Security Solutions, can simply pull out his iPhone to show how physical security has evolved over the years.
His phone is wirelessly linked to a digital surveillance camera perched quietly above a construction site somewhere in Whatcom County.
Security Solutions has helped small retail outfits, large industrial businesses and everyone in between to better understand the various security solutions available to meet the variety of business needs.
“We are continually working to provide an array of options, so there are some very high-end systems, but we are always looking for entry-level, budget-minded solutions for people that don’t have a ton of money,” Jamie Vos said.
Security technology has been evolving over the last decade, Tobey Vos said, as businesses move away from analog surveillance cameras and VHS recorders to completely digital systems.
“That technology opens up a whole new world for us because now we have mega-pixel cameras and we can get up to 10 times the resolution on one camera view than we could a year ago,” Tobey Vos said. “We can store higher frame rates and for long, long periods of time and have access to that locally.”
Lieb said digital camera surveillance is clearly on the rise.
“Digital camera surveillance is growing at all levels, from the entry level user who wants a camera to watch his carport all the way up to sophisticated systems that use object-motion tracking to identify vehicles and people on a large facility,” Lieb said.
But the more things change, the more they stay the same. Lieb said regular burglar alarms are just as effective and popular as ever.
“Alarm has been around for a long time and everyone understands its value,” Lieb said.
Hoppis has since purchased a burglar alarm but he won’t soon forget the break-in.
“There are so many costs,” Hoppis said. “You can’t put a number on it.”
With all of his business electronics gone, Hoppis said he lost countless E-mails, critical business data, computer memory and communications capabilities.
“All the lost data set us back for at least three weeks,” Hoppis said.
Coordinating a data defense
An intruder doesn’t have to be wearing a ski mask while running through the night; they could be sitting at a remote computer while ransacking a company’s digital information stockpile, which can have social security information, credit card data, banking numbers and other personal information.
Bart Pestarino, a business technology professional and leader of the Technology Alliance Group’s Security Interest Group, said more than 84 percent of companies have unstructured data such as random spreadsheets, presentations and document files with no rhyme or reason to their placement on their networks.
“If the information is just there then people who don’t need to look at these kinds of files start looking at them,” Pestarino said.
Pestarino said someone stealing data from within the company has always been the biggest threat, but cyber criminals are always getting more and more clever.
“People have whole business models set up to get data and then sell it on the black market,” Pestarino said.
The easiest way to measure the magnitude of a data breach, Pestarino said, is by watching what happens to publicly traded companies, which see an average 40 percent stock hit upon reports of a data breach.
Pestarino said sometimes a company grows faster than its processes, which can lead to a data breach and eventual negative growth in the company.
“If you have an overall process in place to address these things as they come up, it is a lot more effective and efficient and less expensive,” Pestarino said.
Bringing it back to security basics
It starts with old-school security management principles. Pestarino said businesses should update or implement a data classification procedure, which determines who can see certain data and who is responsible for managing the data.
Instead of managing different types of security, such as information security, personal security, technical security and privacy, Pestarino said it is better to take an integrated controls approach that combines these tasks into one overall security offensive.
“You can’t just fight fires as they come up,” Pestarino said.
If a company experiences a data breach, Pestarino said, the majority of its customers either leave or consider leaving for another company.
“People definitely look at how you do business,” Pestarino said. “They may not directly see complaints but people definitely take their business elsewhere.”
If poor security can lose customers, then surely great security can attract customers.
Pestarino said while security is a cost, it is something, when properly marketed, that can make money.
“Customers are willing to vote with their dollars and feet, and if a company does a good job of talking about the processes they have in place to prevent these things — Customers are going to be more apt to use those businesses rather than competitors,” Pestarino said.