Developing a physical security plan for a new customer can be a daunting process. After all, this document means to be a comprehensive plan for securing an entire facility or organization—which certainly requires a lot of insight and technical knowledge.
However, by avoiding some of the more common mistakes that often make their way into a security plan, you will be well positioned to provide your customer with the highest level of security to meet their needs.
Here are five of the most common physical security plan mistakes that you should avoid:
1. Taking a one-size-fits-all approach.
No two facilities and no two customers are exactly the same, so each new project requires its own unique security plan. Be sure to take the time at the beginning to sit down with the customer; tour their facility; and ask questions to fully understand their security goals, challenges, and other factors. This information should guide the development of their security plan.
2. Piling on unnecessary systems.
When it comes to security, more is always better, right? Not when you consider the day-to-day use of video surveillance, access control, and other systems.
Some value-added resellers (VARs) overdo it by recommending a wide variety of systems and devices, when the customer really only needed a simple, streamlined solution. Of course, this might benefit the VARs’ bottom line, but it might backfire in the long run.
Over time, customers will grow to understand which security systems are unnecessary and can be sidestepped. After all, they are using it every day, and unnecessary technology can become annoying and time-consuming. And if your customers are sidestepping security measures, their facility might be at risk—and that would definitely reflect poorly on your physical security plan.
Instead, recommend a level of security that actually suits the facility and the security threats that it faces.
3. Limiting access control to outside doors only.
Of course, it’s important to secure all perimeter doors in order to prevent unauthorized individuals from gaining access to a facility. But have you also considered any areas or rooms within the building that need an additional layer of security? This might include server rooms, labs, and supply rooms.
Interior access control is especially important in high-tech fields, within scientific facilities, and in companies that need to protect proprietary information. However, even corporate offices often need to secure a room or two. Be sure that this is a point you raise during the development of your physical security plan.
4. Letting the customer undermine security.
Many VARs have experienced difficulties when their own customers try to establish different rules for various groups of employees. For example, if upper management doesn’t want to have to badge into the building using the new access control system. Or if the operations department knows that it will be welcoming delivery people several times a week, so it wants more flexibility in the company’s visitor management system.
These types of situations can put VARs in an awkward position, but be sure to make your case. Tell your customer that allowing certain groups to sidestep security creates a dangerous precedent. Their best bet is for all employees to take the time to grow accustomed to the new system.
5. Not considering low-tech techniques.
For many customers, video surveillance and access control technology is exactly what they need to create a higher level of security. For others, you might also consider ways in which low-tech changes can enhance security.
During a site visit, note whether or not bushes and hedges around the perimeter provide an easy hiding place for thieves and other criminals. If so, they may need to be removed. Determine if adding bollards near main building entrances might help keep vehicles at bay. Finally, consider where security guards are placed throughout the building and if some simple changes could improve security.
What are some of the biggest challenges you’ve encountered in developing physical security plans?