Sunstates Blog

A Proactive Security Partner

Archive for the ‘Security Tips’ Category

Looking Ahead: Emerging Trends in Private Security

without comments

Working with clients in a wide range of industries across the country, we encounter—and implement—a number of best practices. Technology seems to be the common thread uniting many of these innovations. As devices and software become more powerful and affordable, more organizations are investing in systems and tools to make their operations more effective and efficient.

Following are some of the top trends we’re seeing in security, based on internal operations, industry resources and professional experience:

• Increased video surveillance. While the use of camera surveillance in the U.S. is much lower than in Europe, we expect this technology to become more prevalent over the next five years. Video footage has proven valuable in investigating incidents, such as the Boston marathon bombing and recent incidents in England, and Americans are slowly accepting—and in some cases expecting—the use of video surveillance.

• Central monitoring. More companies are looking for centralized command centers, known as Global Security Operations Centers or GSOCs, that can control multiple facilities from a single location. Previously, the technologies used for various security functions—such as access control and surveillance—didn’t communicate well with each other, presenting integration challenges for a single facility. New software bridges that gap and makes it possible for organizations to consolidate their security systems.

• Real-time security reports. Smartphone apps allow our officers to monitor tens of thousands of checkpoints each day in real time. This information populates our quality control system, which allows management and clients to review site information at any time. Improvements in efficiency may reduce the number of security personnel, while freeing members of the security team for more sophisticated assignments.

• Insurance discounts for security.  On the personal side, some insurance companies offer lower auto premiums for safe drivers, as reported by devices that monitor and transmit information about a vehicle’s operation: speed, following distance, braking intensity. It makes sense that commercial insurers will reward those organizations that have taken extra steps to protect their people and property with video surveillance, employee education and security teams.

To discuss how your facility can capitalize on the above trends in security, call Sunstates Security at 866-710-2019 or email us.

 

Written by Sunstates Security

June 27th, 2017 at 6:14 pm

Security Lessons from British Terror Attacks

without comments

The recent attack near a London mosque marked the fourth terror assault on British soil in three months. These incidents demonstrate continuing trends in terrorism, with sobering security lessons.

Today’s terrorists have shifted tactics from well-organized, large-scale attacks to super-efficient strikes executed by small groups and individuals. This change presents the dual challenge of more potential attacks and decreased likelihood of law enforcement infiltration.

In addition, the attackers are methodical and smart, applying the same sophisticated planning as career criminals. Their ability to study and surmount security measures requires consistent creativity from protectors.

Challenges of Concentric Circles

For decades, law enforcement and private security have safeguarded property and individuals by creating multiple layers of protection, like an onion. This same approach is used for the White House and Buckingham Palace, as well as for special events, like concerts and award ceremonies. Each successive layer is more secure than the previous perimeter, with the greatest attention naturally focused on entry points.

“We’ve created our own security problem,” says Glenn Burrell, CPP, president of Sunstates Security. “These perimeters do a great job of keeping out attackers, but they create a secondary target.”

In addition, the May bombing at Manchester Arena revealed another weakness, changing the security game.

“Typically, few security personnel are posted at the exits,” says Burrell. “Now we have to think long and hard about managing exit strategies. For instance, we may need to create another perimeter at the exit to stop anyone from going in after an event.”

Additional Takeaways

Responding to this ongoing threat requires less reaction and more analysis, supported by training and increased situational awareness.

Understand the enemy. Security teams need to put themselves in the shoes of the perpetrators to detect and shore up vulnerabilities. These individuals prepare attack strategies. They study the protective measures in place and adapt their plans to minimize risk and maximize the impact. Security personnel should follow the same practice on a regular basis and revisit policies and procedures to curtail weaknesses.

Look for patterns. During Burrell’s service with Scotland Yard, he participated on surveillance teams that followed bank robbers for weeks as they conducted dry runs in preparation for a heist. Security teams need to watch for patterns and unusual behavior, calling attention to such individuals. This type of analysis allowed the FBI to thwart an attack against a Southeastern synagogue last year. The would-be assailants had been captured on camera and recognized during repeat reconnaissance trips.

Expand training and education. Both security and non-security personnel need to learn about the tactics of would-be attackers. The insidious and pervasive nature of this threat makes security everyone’s responsibility. Employees must also look for and report unusual behavior. Security teams, in turn, need to respond to, and communicate, with such informants to encourage such information sharing.

For information on how Sunstates Security can help your organization review and adapt its security procedures, please call us at 866-710-2019 or email us.

 

Written by Sunstates Security

June 27th, 2017 at 6:09 pm

Case Study: House of Worship Responds to ISIS Threat

without comments

At eleven o’clock on a Thursday night, the local Department of Homeland Security (DHS) office contacted a house of worship protected by Sunstates. The Islamic State in Iraq and Syria (ISIS) had issued a public threat directing followers to burn this institution to the ground.

Sunstates President Glenn Burrell, CPP, discussed and analyzed the threat with the client contact. They concluded that the multimillion-dollar annex faced little risk, due to its state-of-the-art fire suppression system. However, the original sanctuary—more than a century old and constructed entirely of wood—could present an attractive, symbolic target.

Targeted Security

“Such an attack would send shock waves throughout the country,” said Burrell. “We couldn’t add resources to their budget, so we identified the most vulnerable areas and redirected security there.”

The site was already using a mobile management system to monitor inspections and issues. Sunstates immediately increased patrols around the historic sanctuary and added more checkpoints to confirm thorough inspections of the area.

In addition, Sunstates reinforced anti-surveillance techniques with security personnel. While conducting their duties, officers keep an eye out for anyone who appears to take special interest in the building and/or its security. Officers politely offer assistance to such individuals, a gesture that also conveys the vigilance of the security team.

Creative Partnership

By coincidence, the Sunday following the DHS alert saw the launch of a pilot program that Sunstates had developed with the client several months earlier. Sunstates trained ushers at the church as part of the security team. These volunteers completed rigorous security courses, including firearms training and licensure. Moving forward, these individuals will adhere to the Sunstates training requirements for armed personnel—quarterly refresher training, in addition to the annual qualification required by states.

“Even though they’ve volunteered their services, they are part of the security team,” said Burrell of the ushers. “In their role as greeters, they serve as the first line of defense in a potential situation.”

For information on how Sunstates Security can help your house of worship or organization prepare for such threats, please call us at 866-710-2019 or email us.

 

 

 

Written by Sunstates Security

March 21st, 2017 at 6:54 pm

Civil Unrest: How to Prepare for Uncertain Times

without comments

From the Baltimore riots of 2015 to the political protests that continue today, such disturbances are emerging as “normal” threats with which American businesses must contend. In Sunstates Security’s home state of North Carolina, demonstrations related to police shootings and women’s rights have disrupted commercial operations, requiring additional security coverage.

Part of the reason for this unfortunate trend comes from increased polarization. Data from respected organizations like the Pew Research Center shows that the ideological center is shrinking, while those occupying the right and the left are growing farther apart.

Social media has made this volatile situation even more dangerous by making it easy to coordinate pop-up protests. Although relatively small, these gatherings form quickly and drive away customers, so even peaceful demonstrations have a negative effect on local businesses.

Crimes of Opportunity

Beyond the obvious disruption caused by these events, businesses in the surrounding area also need to guard against crimes of opportunity. Statistics show that minor crimes—such as break-ins of vehicles and buildings—spike during public disorder as opportunists take advantage of the diversion.

During President Glenn Burrell’s days with Scotland Yard, he dealt with hundreds of public order events, including policing picket lines. Video cameras proved effective as deterrents because they removed anonymity from the situation; people didn’t want to be identified. To maximize their deterrent value, he recommends making the cameras as conspicuous as possible, while protecting the equipment against tampering. Facilities should post prominent signs announcing the use of recorded video surveillance.

Similarly, businesses need to do more than keep an eye on a civil disturbance. They also need to look for, and shore up, any potential weaknesses that might be exploited while the main event holds the spotlight.

Steps to Consider

Effective protection against these threats starts with awareness, recognizing the potential for such events and evaluating the specific danger to an organization.

Threat assessment. Security teams should analyze the likelihood of a civil disturbance at or near their operations. Some threats are external, such as physical proximity to a courthouse or other government structure, or to public gathering space. Internal threats may arise from negative events, like layoffs, or ideological differences. A threat assessment should include all these factors and analyze both physical and operational vulnerabilities.

Early warning. In addition to maintaining relationships with local law enforcement, companies may consider commercial solutions to monitor social media chatter. Such programs can be customized with keywords and dates to help alert organizations to protests during the planning stage.

Employee education. Enlist personnel in the security effort through training programs. Teach them to recognize warning signs and to communicate this information along an established chain of command. For additional support, a skilled security partner will likely already have courses to teach officers crowd management and nonviolent conflict resolution, which can be adapted for non-security employees.

Additional resources. For known events that could trigger a disturbance—such as a potentially unpopular court verdict—organizations at risk should speak with their security provider about backup personnel, if needed. A larger firm should have additional staff available. Some firms also offer trained special-response teams that can travel where needed for emergencies. Such efforts should address not only threats related to the primary demonstration, but also crimes of opportunity.

For information on how Sunstates Security can help your organization prepare for social disturbances, please call us at 866-710-2019 or email us.

Written by Sunstates Security

March 21st, 2017 at 6:47 pm

Security Focus: Access Control Tailgating & Piggybacking

without comments

Access Control Piggybacking

Access control is an important component for workplace safety, however can be hard to achieve in an open environment designed to be inviting and easily accessible to employees and customers. Violations of access control can take the forms of tailgating and piggybacking. Tailgating occurs when an unauthorized person slips in through a door before it closes. Piggybacking occurs when an authorized person allows someone to follow them through a door to secure area. Both practices are breaches of security which have the potential to expose your workplace to a variety of threats. 

The Risks of Tailgating & Piggybacking

  • Theft. Allowing unauthorized individuals into secured areas can result in tangible losses to include:
    • Office equipment
    • Intellectual property
    • Sensitive hardware
    • Employee personal items such as phones, wallets, purses and other valuable items
  • Unsafe Working Environment.An unsecured environment that does not have access controls is more susceptible to:
    • Workplace Violence
    • Active Shooter
    • Domestic Violence
    • Acts of Terrorism
  • Unhealthy Company Culture. Even if the piggy backer is an employee with appropriate clearance, the failure to respect the rules contributes to an overall attitude that security is not important, further increasing the likelihood of a future security breach. 

Access Control Solutions

Piggy backing is primarily a behavioral issue that circumvents established access control procedures. One of the most effective ways to combat this behavior is by embracing a “secure building” culture, whereby all employees / tenants accept their shared responsibility in maintaining a safe workplace. Following are some suggestions to help ensure the safety and security of your office space:Access Control Tailgating

  • Don’t hold badge accessed doors open for anyone that you do not know personally, and make sure no one slips in behind you.
  • Bring attention to any individual you observe trying to slip through any type of access control situation whether it involves badging in, signing a visitor log or checking in with security.
  • If you find a door that does not automatically close or has a broken lock, contact building security. If you find a door that is propped open, please close it.
  • Never hesitate to challenge unfamiliar people in your workplace or office building. People often avoid doing this as it makes them feel uncomfortable or rude, or they are afraid they will be mistaken. Circumvent this discomfort by approaching the encounter as an opportunity to meet someone new, and address unknown individuals with a friendly greeting and question as opposed to a confrontational or accusatory manner. Employees or visitors with a legitimate right to be there will not be offended by a friendly approach, and will likely respect your commitment to workplace security. Unauthorized individuals will shy away from any sort of attention, and are likely to leave on their own if they are directly addressed.
  • Report any suspicious individuals to the security team.

Security is everyone’s responsibility – remain situationally aware at all times, and take action to address individuals who seem lost, aren’t dressed for the environment, don’t have a badge, or who blatantly attempt to evade access control measures. This collective effort will enhance the security of your workplace and the safety of all employees and tenants.

 

 

Written by Sunstates Security

August 11th, 2016 at 5:05 pm

Posted in Security Tips

THE PHILOSOPHY OF PREVENTION – STAYING SAFE IN A DANGEROUS WORLD

without comments

In most emergency situations, whether instigated by humans or caused by natural disaster, the reactions of security personnel are just that—reactions. A proactive approach, on the other hand, yields better results.

Business Continuity Planning Is SMARRT

How do you keep your business operating if it becomes a crime scene or disaster location for weeks at a time?Image for THE PHILOSOPHY OF PREVENTION – STAYING SAFE IN A DANGEROUS WORLD Post - Emergency Preparedness

Recent natural disasters and tragedies have spurred more companies to develop business continuity plans. Such plans include tabletop exercises, drills, and working with skilled security partners that can provide hands-on training and the benefit of experience and best practices.

According to Sunstates president Glenn Burrell, “Business continuity plans work best when everyone in an organization is invested in security, from top to bottom, management to mail room. An organization is a community. If everyone looks out for each other, keeps their eyes open, and then communicates, the organization benefits. Many potential crisis situations can be defused before they explode. This kind of cooperation doesn’t happen overnight, however. It takes practice and education.”

Sunstates has developed its own business continuity program to ensure its ability to take care of clients in a crisis situation, including creation of a special response team.

Now operating in most regions across the U.S., Sunstates Mutual Aid Rapid Response Team (SMARRT) consists of 81 specially trained and equipped team members whose primary focus is protection of clients’ personnel and assets and immediate containment of incidents. SMARRT is ready for rapid deployment at a moment’s notice, available only to clients.

Active Shooter Training

Among the manmade crises plaguing the nation, active shooters have become a high-profile threat for a wide range of organizations, from schools to businesses. Image for THE PHILOSOPHY OF PREVENTION – STAYING SAFE IN A DANGEROUS WORLD Post - Active Shooter TrainingTraining individuals how to deal with this type of situation is critical to preventing loss of life.

Moreover, the ways that law enforcement engages such situations are evolving, and organizations should evolve as well. Instead of waiting outside, for example, police are now directed to enter the scene and engage the suspect.

But how do organizations keep themselves up-to-date with current best practices? By partnering with experienced security professionals.

Sunstates has participated in active shooter training scenarios at the middle-school and college levels, conducting live drills where volunteers acted as shooting victims. In both cases, the training went well, and everyone from EMTs to the school administration and faculty gained valuable experience.

Sunstates president Glenn Burrell says this type of training is the best available. “Planning is absolutely key, so that if such a tragedy were to occur, everyone knows what they have to do.”

The president of a large community college in North Carolina described the exercise as not only vital to campus security, but also beneficial to everyone involved.  He stated, “It allows local law enforcement and emergency services personnel to become familiar with the campus, while getting excellent training. And it ensures that the college has procedures in place in the case of such an event.”

Written by Sunstates Security

October 29th, 2015 at 6:05 pm

HOW TO BALANCE OPENNESS AND SECURITY IN FAITH-BASED ORGANIZATIONS

without comments

Image for Security in Faith-Based Organizations Post

On May 3, 2015, in Garland, Texas, two gunmen opened fire upon attendees of a controversial event displaying caricatures of the Prophet Mohammed.

The Islamic State of Iraq and Syria (ISIS) claimed responsibility for the attack. Although no direct link to ISIS has been proven, there is no question that terrorists worldwide are bringing their brand of fanatic violence to U.S. shores.

The world is becoming ever more dangerous, and few entities elicit greater threats than religious organizations. This puts faith-based organizations in the crosshairs of all sorts with axes to grind. But how can an organization with open doors be secured?

Trends in Security Threats

Terrorist threats; spree-shooters in schools, shopping malls and college campuses; and even random vandalism and theft all contribute to the need for increased security.

Faith-based organizations are turning more and more toward security services to protect their property and members, but often find their purpose and mission at odds with providing real security. Funds for faith-based organizations come primarily from the members, from the congregation, and these funds are expected to support education, outreach and/or worship. Nevertheless, for many large organizations, spending a portion of those funds on security has become necessary.

Real-World Security Solutions

Unfortunately, security breaches typically provide the biggest motivator to engage security services—after something bad has happened. A proactive approach is far more cost-effective than dealing with the aftershocks of a tragedy.

But prevention is harder to justify in budget discussions. People don’t see the benefits when security does its job. The security team can’t quantify how many incidents of vandalism, theft or violence are prevented, which makes it difficult to divert funds from a church’s youth programs or community ministry to security.

Despite these challenges, Sunstates Security offers these best practices for protecting large faith-based organizations, based on decades of experience securing these unique communities.

  • Partnerships. Close working relationships with both the security team and local law enforcement is key to security. Everyone working together is the best way to protect the organization and its members.
  • Emergency action plans. Organizations should develop an emergency action plan before the unthinkable happens. Members should know what to do in the event of a crisis, where to go, who to call, how to get to safety. Ideally, the plan should be developed with a security partner and law enforcement.
  • Testing and assessment. An emergency action plan is most valuable if it’s tested, assessed and refined. This means planning, table-top exercises and drills to ensure that a plan that looks good on paper actually works in the real world. Preparedness saves lives during emergency situations.
  • Education. The more that organizations can educate members about security, the more everyone will be on board. Posters, notifications, letters, notes in the weekly bulletin, etc., can all help raise awareness. An attitude of, “If you see something, say something,” empowers members to contribute to the safety and security of the community.
  • Mass notification. The technological age has created many ways to communicate quickly with large numbers of people. Email and social media are acceptable—if often slow, maybe too slow in emergency situations—ways to accomplish this.
  • These best practices apply not only to faith-based organizations, but also to any organization that is, by its very nature, an open environment, including schools, college campuses, shopping malls, etc.

    If you would like to know more about how your organization can improve its security, contact Sunstates Security.

    Written by Sunstates Security

    June 18th, 2015 at 3:00 pm

    PANDEMIC PREPAREDNESS: IS YOUR ORGANIZATION READY?

    without comments

    Pandemic Preparedness

    Pandemic Preparedness

    The arrival of the Ebola virus to U.S. shores has revealed a number of chinks in the armor of disease control preparedness. While the epidemic was raging in West Africa, Americans generally gave it little thought, nursing only vague fears that the virus would hop the Atlantic Ocean and find new hosts here. But when it did, we found ourselves unprepared at almost every level.

    A phenomenon like Ebola (or the Spanish flu of a century ago, or the bird flu, or the regular flu season) is not just a public health issue; it is also a security issue and a business continuity issue.

    What happens to an organization in the short term when half of its employees stay home sick? What happens if employees bring their contagion to work and infect more employees? Who is going to guard your assets if your entire security staff is ill? How do you mitigate the long-term damage of having your business effectively put out of commission until the illness passes?

    Do you have a plan in place to mitigate the damage of a pandemic to your organization?

    A Unique Security Challenge

    Sunstates works with a number of large, faith-based organizations in Dallas, where the first U.S. cases of Ebola occurred. Such organizations have unique security risks, in that their open-door policies and large gatherings could put thousands at risk if an infected individual sought solace there.

    Sunstates recognized the potential catastrophe and, having done extensive research already, offered swift guidance for pandemic response to Dallas clients. Sharing this information provided tremendous peace of mind and allowed for adaptation to their own business continuity plans.

    Glenn Burrell, President of Sunstates Security, says, “Business continuity comes from having the ability to backfill personnel if they are taken out of action.” For instance, one of the ways Sunstates handles this is with the Sunstates Mutual Aid Rapid Response Team (SMARRT). These specially trained and equipped team members are ready for rapid deployment at a moment’s notice to fill such personnel gaps and provide security.

    The keys to maintaining continuity in your business in the event of a pandemic or other emergency include the following:

    ·       Cross-training personnel

    ·       Resource depth to bring in additional personnel, as needed

    ·       Top-down commitment to the business continuity process

    ·       Regular re-evaluation of procedures, modifying as necessary in the face of changing circumstances

    ·       Live and tabletop drills simulating emergency situations

    Sunstates Security has been helping clients create customized emergency and business continuity plans since 1998, including pandemic contingencies. Contact us today to find out how we can help you.

    Written by Sunstates Security

    December 18th, 2014 at 3:52 pm

    LOADING DOCK SECURITY—ARE YOU LEAVING THE BACK DOOR OPEN?

    without comments

    http://www.dreamstime.com/stock-photos-warehouse-loading-dock-blue-truck-image35206193In September 2008, thieves broke into an Alltel Communications warehouse in Fort Smith, Ark., via four of its loading docks. The intruders disabled the alarm and surveillance systems before helping themselves to four tractor-trailers loaded with an estimated $10 million worth of cell phones.

    Furthermore, threats can go beyond theft.

    In August 1982, Leonard Avery entered an IBM plant in North Carolina carrying a Thompson submachine gun, where he went on a shooting spree that left one employee dead. He came in through the unsecured loading dock.

    Would you leave the back door to your house open while locking the front one? Probably not. Nevertheless, loading docks represent exactly that—a back door that is often left open in the hustle and bustle of normal business operation.

    The Dangers Go Beyond Physical Security

    Far less dangerous but far more prevalent is theft via the loading dock. The nature of the shipping industry often results in shipments and pickup drivers coming and going at all hours. Cybercriminals know that it’s much easier to have their victims hand something over than it is to sneak in and steal something. Today’s practice of brokering shipments makes this method of theft increasingly easy.

    Many suppliers post loads on the Internet for pickup, and carriers bid on or schedule loads through these listings. Carriers receive the information they need to pick up the loads and then come to the facility. Sometimes, thieves will steal the identity of a legitimate carrier and use that to accept the brokered load via the Internet. They then arrive at the warehouse with the necessary information to pick up the load and drive away.

    Loading docks are also the perfect place for employees to walk out with company property, or to facilitate theft by propping open doors or otherwise giving accomplices warehouse access.

    Balancing Daily Business with Real Security

    Insecurity at any loading dock results from several competing needs. Trash must go out. Supplies must come in. Shipments must go out. Employees and vendors come and go. It can be a hectic, volatile environment, one that requires a diligent balancing act.

    Richard Tesauro, Vice-President of Security at NFI, a transportation and logistics company based in New Jersey, says that lax procedures or enforcement creates opportunities for bad things to happen. Based on his experience at NFI and 28 years with the New Jersey State Police, he offers a variety of measures that organizations can take to secure their loading dock areas.

    • Record truck and driver identification—driver’s license, identification, license plates, phone numbers. Make sure they are who they say they are, and verify their contact information.
    • If possible, use your own carrier or one third-party carrier. Having a consistent system in place reduces the chance of theft. Familiarity with carriers can help alert you when anything is amiss.
    • Use a Dock Lock System, where a hook locks onto the ICC bumper at the back of the trailer. Designed as a safety mechanism, it can also serve as a security feature. Until released from the inside (by someone at the facility), the trailer can’t be pulled from the dock door.
    • All personnel or man doors should be closed, locked and alarmed, 24 hours a day, with a limited number of doors designation for entry and exit. Limit the ease of people walking in and out.
    • When not in use, all dock doors should remain closed, latched and have a padlock attached through the latch.
    • The driver’s entrance at the Shipping and Receiving office should be separated from the warehouse floor by a fence to limit drivers’ access to the warehouse. Drivers should only be allowed access to dock area under escort.
    • Install interior and exterior cameras for surveillance of all doors, drivers and workers.
    • Maintain strict supervision and oversight. All the security measures in the world are useless if not supported and followed by every level of the organization, from top to bottom.
    • Perform security audits of loading dock procedures to identify and correct weaknesses.
    • If loaded trailers are left in an unsecured yard, apply kingpin locks to prevent anyone from hooking up to the trailer and driving away.

    For more information about eliminating vulnerabilities in your loading dock security, call one of our specialists at Sunstates Security today.

    Sources: Canfield, Amy. “Hospital loading docks rival ERs for security concerns,” Security Director News, 25 November 2013.

    Paul, Lauren Gibbons. “10 Steps to Loading Dock Security,” CSO Online, 5 October 2008.

    Written by Sunstates Security

    April 9th, 2014 at 8:23 pm

    Posted in Security Tips

    Tagged with

    COMBATING CYBER-INSECURITY IN A CONNECTED WORLD

    without comments

    Image for Cybersecurity Best Practices Post

    Cyber-space

    According to a February 2013 report released by the U.S. Director of National Intelligence, Chinese hackers are engaged in a massive, ongoing cyber-espionage campaign targeting U.S. companies. The systematic campaign targets nearly every sector of the U.S. economy, from aerospace and automotive to finance, energy, media and technology—even breaking into the New York Times and Wall Street Journal. Estimated losses are tens of billions of dollars in compromised intellectual property.

    Other countries’ cyber-espionage programs cited in the report—France, Russia and Israel, among others—are less widespread but just as dangerous, and all for economic gain. American intellectual property and business secrets—perhaps yours—are worth billions of dollars.

    Sunstates president Glenn Burrell says, “This is not a plot from an action-thriller film; it is real and happening right now.”

    Is your company doing all it can to prevent cyber-attacks and protect valuable assets? Burrell offers the following best practices to enhance your security.

    Best Practices for Cyber-Defense 

    • Assess network infrastructure and identify risks. Organizations must assess their network infrastructure and make sure that their IT staff has the support from management to build a successful security program. Then, they need to establish a system for identifying and analyzing security risks.
    • Create and document cyber-security policies. Companies need to identify every segment of their infrastructure and place everything under the governance of their security policy. Look for vulnerable or unprotected devices or access points, and define the process by which these vulnerabilities are to be removed or brought into compliance.
    • Implement and test firewalls. Firewalls are the first line of defense in any network. While they are common practice nowadays and not to be overlooked, they are not always sufficient, however, particularly with laptops, which may have outdated anti-virus software or firewalls.
    • Secure remote access with strong authentication techniques and quarantine technology that identifies vulnerable remote devices.
    • Control access to high-level risk points such as servers, back-ups and administration systems with stringent security policies.
    • Establish password policies that make passwords harder to break. Mandatory password resets, password requirements such as using both upper and lower case characters, special characters, numbers, minimum length, etc., are all techniques that increase password security. The majority of hacked passwords consist of names, birthdays, all the things that most people will have as their passwords. Cyber-security audits still routinely find computers with passwords taped to the underside of keyboards, a practice that should be strictly forbidden by any security-conscious organization.
    • Conduct annual third-party security audits. Audits can identify hidden or overlooked vulnerabilities in an organization’s infrastructure. Companies should not wait to be attacked before performing a security audit. Auditors have the resources to test—and strengthen—an organization’s cyber-defenses.

     For assistance with your cyber-security needs, contact Sunstates Security today. Our specialists can help you develop a security plan tailored to your unique situation.

    Written by Sunstates Security

    September 18th, 2013 at 8:24 pm