classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Technology risk assessments
August 2018, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)

In all cases, whether formally or informally, the security operation is developed around understanding the risks in each situation we face. When an incident takes place, the risk becomes more defined and the security plan is adjusted accordingly.

Rob Anderson, Adamastor Consulting.
Rob Anderson, Adamastor Consulting.

It is unfortunate that this adjustment is mostly undertaken as an emotional and reactionary response rather than a calm analysis of facts and a follow-on solution. An example would be a first reaction to a burglar finding a weak link in the physical security of the estate. Those in charge would be embarrassed that it could have occurred at all, and a great deal of rushing around would take place to fix the problem. It is understandable, and it is human nature.

This is all to do with monitoring risk, associated with the barriers and physical security that you can see. We can all see a hole in the fence, but this is the age where so much of the security operation relies on electronics. The ‘holes’ are embedded in the electronic systems. The electronics reduces costs, and if correctly implemented, should introduce efficiencies into the system. However, how do we know when a ‘hole’ develops or a loophole in the electronics is found by one whose intentions are not good?

It is important to realise there is a risk associated with the electronic solution as well. This can only be detected by the technology team, but their focus and training is electronics and they are not necessarily security risk experts.

Physical and technology risks

This leads to the point that we should be undertaking security risk assessments that look not only at the physical elements, but the technical elements too. One of the very first examples, which criminals very soon took advantage of, was to move the obvious CCTV camera or place a hat over it. The evidence that the CCTV would have collected becomes unavailable. In response to this, many manufacturers added alarms to the signal stream from the camera. They were recorded as ‘Camera Moved’ or ‘No Video’, to alert the security personnel.

I am not sure if these alarms are still available. It remains a risk however, because in many cases a camera mounted in a lower position provides better surveillance. We are then back in the ‘easy to get to’ zone. This is perhaps a physical rather than an electronic risk, although it affects both solutions, but things have moved on from this start and criminals have become more sophisticated as technology progressed.

The question is now: How do we assess the risks in the technology solution? These risks can probably be divided into two types.

1. A system failure that was not expected and cannot have been predicted. There must be procedures in place to recognise this type of failure and have a planned response which can be speedily implemented.

2. A badly designed, installed or maintained system that is slowly or sometimes, quickly, heading for failure. These are usually more severe than the first one, as whole sections of the installation often need to be replaced.

The technology risk assessment

As an example, the technology risk assessment should be based on the evaluation of the following criteria:

1. What is the purpose of each component of the technology solution and is it performing the task required?

2. Has the system design covered all the eventualities?

3. Are all components of the electronic solution correctly installed, secure and being adequately maintained?

4. Is there any known method of by-passing the electronic system so that it is prevented from performing the task for with it was installed?

5. Are there documents available to assist technicians in fault finding and as an aid to understanding the functioning of the system?

6. Is there any information available from other estates where the same problem has arisen? This problem may have occurred before and a solution may be available.

It is clear, that assessing risk is important. The task is, however, of little benefit unless it is undertaken in a very structured manner. What would this be?

It is probably a good idea to start my making a check list for the full estate electronic security installation. The check list needs to address each of the systems and their component parts. In addition, it should look at the overall management of the technology solution. This would typically include reporting, maintenance, spares and system age. It could be that the electronics has reached to end-of-life stage. The list will grow as more assessments are done and it becomes clear that it would be beneficial to go into more detail. As the assessment takes place, each item will be categorised as follows:

1. All good

2. Problems detected

3. Have no idea

Clearly items 2 and 3 will require a decision to be made on the remedial measure and its implementation. If you have “no idea”, then an expert needs to be contacted to assist. This is often the case when you are considering items such as computer equipment, database management and protection against hacking threats to the system.

A structured approach

In following a structured approach and remedial treatment what sort of items should form part of the list? Some are listed as follows:

1. Does the control room check that all cameras are functioning and recording on every shift?

2. Is the backup of data taking place correctly every day?

3. Are all the backup power supplies healthy?

4. The after dark CCTV images should be checked. Are they good enough to be of value to the security operation?

5. Are the access control cameras all pointing in the right direction?

6. Are the cameras which have an analytics facility still operating as intended?

7. Is there still a voltage on the electric fence? If the energiser loses power does an alarm alert the control room?

8. Is the control room vulnerable to attack? This would include criminals easily taking over the control room. This becomes ever more important as criminals seem unafraid of using force.

9. Are all staff properly trained in the use of the electronic systems?

10. Undertake mock incidents and check if the systems function correctly, the staff respond correctly and the data can be interrogated to prepare a report.

The overall aim is to find out any possible reason for the technology system letting you down. As can be seen, this could be product failure, system design failure, lack of information available to maintain the system properly and lack of information to implement a recovery from a possible catastrophic failure.

The process must be ongoing, and the non-technical staff should become involved and take part. In this way they will become more valuable to the operation as they develop an understanding of the systems they are using.

Remember, you would not drive your car with tyres that are completely worn out. It is a terrible risk from all points of view. With this in mind, don’t run a security operation with all sorts of lurking risks.


Credit(s)
  Share via Twitter   Share via LinkedIn      

Further reading:

  • NEC XON talks Industry 4.0 and disruption
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Conferences & Events, Training & Education
    NEC XON held its seventh annual summit at Sun City in October this year in which it focused on the Fourth Industrial Revolution (IR4) and how it would disrupt the status quo.
  • Optimal selection of CCTV operators
    November 2018, Leaderware, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
    Technology is often seen as the primary factor in the success of CCTV surveillance control rooms, yet Dr Craig Donald has seen new control rooms with the most up-to-date technology fail.
  • Our dependence on cyber-connectivity
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Government and Parastatal (Industry)
    The health, safety, security, economic well-being of citizens, effective functioning of government and perhaps even the survival of the industrialised world relies heavily upon interconnected critical systems.
  • Border security: Technology or barriers?
    November 2018, Technews Publishing, This Week's Editor's Pick, Perimeter Security, Alarms & Intruder Detection, Government and Parastatal (Industry)
    While it is important to provide a visible as well as a covert patrolling presence on borders as well as points of entry from other countries, this needs to be supplemented with technology.
  • The building blocks of safe and smart cities
    November 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, IT infrastructure, Government and Parastatal (Industry)
    Hi-Tech Security Solutions asks NEC XON and Vox for insights into what some of the foundations of a safe and smart city are.
  • The latest X-ray scanning solutions
    November 2018, Technews Publishing, Asset Management, EAS, RFID, Security Services & Risk Management
    Hi-Tech Security Solutions asked three suppliers of X-ray scanning equipment for some insights into the latest products and their safety.
  • Managing business continuity and disaster recovery
    November 2018, Technews Publishing, IT infrastructure, Security Services & Risk Management
    Organisations are increasingly reliant on their IT systems and data, but they are faced with risks in the form of anything from accidental data loss, to deliberate acts of sabotage.
  • Kaspersky builds skills with SABRIC
    November 2018, Kaspersky Lab, This Week's Editor's Pick, News
    Kaspersky Lab concluded a memorandum of understanding (MOU) with the South African Banking Risk Information Centre (SABRIC) to enhance cyber skills within the banking sector.
  • Smart cities spend less
    November 2018, Axis Communications SA, Government and Parastatal (Industry), CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
    A proactive management model allows cities to work smarter and save money while offering better services and results to their citizens.
  • Choose your surveillance technology partners wisely
    November 2018, Graphic Image Technologies, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    Businesses and consumers alike are spoiled for choice in the surveillance market, but as with everything else in life, you get what you pay for.
  • What about the service level agreement?
    November 2018, Vision Catcher, This Week's Editor's Pick, Security Services & Risk Management
    Niall Beazley discusses the importance of a reliable service level agreement (SLA) if you want to rest assured in the long-term efficacy of your security installation.
  • Disaster Recovery 2.0
    November 2018, This Week's Editor's Pick, IT infrastructure
    Protecting your business from the unexpected can mitigate the financial and reputational risks of uncontrolled downtime.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.