Security for businesses: combating office based crime
Certain types of businesses across the country are widely recognised as popular targets for criminals; shopping centres for example are well known to be targeted by thieves so a large majority of their owners employ security personnel in order to protect themselves, their stores, their employees and their customers. However, when it comes to offices far too many business owners assume they are unlikely to be targeted and therefore put the addition of security protocols to the bottom of their agenda, if it is even on their agenda at all. In this article we will explore some of the ways in which offices around the UK are vulnerable to crime and how they can take steps to better protect their employees, clients, sensitive information and assets.
Not only do reception areas act as a pleasant meet and greet area for visitors but they are also the first line of defence against criminal activities. One of the simplest ways that unwanted visitors can gain access to offices is through an unattended reception area or by deceiving reception staff who are not properly trained to detect potential threats. One example of a method that criminals use to gain unwarranted access to properties is tailgating, which involves quickly following behind a person who has been granted access through a door. A properly trained concierge will know which signs to watch out for and help prevent these kinds of activities from occurring on a business’s premises.
They will also know the importance of guest books and that it is critical for any visitors to be signed in and escorted whilst on their premises and also provided with a visitor pass to wear clearly on their clothes. This informs other occupants of the building that they have been granted proper access and that they do not present a threat to security, and is also a valuable failsafe for fire safety reasons.
Another way that companies can prevent problems is to install an x-ray scanner or metal detection system to stop violent weapons from being taken into their building. A properly trained security person can also undertake pat-downs of visitors before passing through the reception area and provide extra confidence to employees and visitors that a self-operated scanning system is working correctly.
Finding the right kind of employee is a key factor to the growth of any successful business and although the vast majority of people undertake their employment with honest intentions, there are occasions when other motivations may be at play.
In such a competitive job market, many job seekers have been shown to lie about their work history and qualifications, which may help to increase their chances of being hired. However, these falsehoods can be investigated by employers and proven to be untrue given time, which often employers don’t have in abundance when they are trying to fill a vacant position.
A serious consequence of hiring an employee without conducting proper background checks could be that an employer hires someone who is unqualified. However a much worse scenario could be that an employee fails to discover criminal convictions by not investigating properly. This employee may go on to commit theft, violent acts or other types of crime against the business. It is also important that employers check the employee’s right to work in the UK, as a failure to do so could lead to substantial fines.
As many businesses base their offices in large towns and cities, the possibility of being effected by a terrorist attack is a very real threat. Mi5 are clear in their guidance that businesses can reduce the risk to their business by implementing vigilant protocols and ensuring that the security of their business remains a high priority. This might involve planning and maintaining contingency plans – such as how to deal with bomb threats, suspect items and how to conduct evacuations, also detailing possible evacuation routes out of the area. Any potential areas of weakness such as delivery bays or reception areas should have stringent security practices in place such as secure identity verification for delivery drivers.
A terrorist attack is not the only type of disastrous event that businesses need to be prepared for. Office based businesses can also be at risk from other hazards such as extreme weather conditions, fire, pandemics, cyber attacks and power failures. Effective contingency planning can help businesses not only deal with the initial problem but also the aftermath of these serious types of incidents.
In some cases, such as extreme weather or fire damage, businesses may need to quickly find a way of continuing work. Advanced planning could help them to identify a place which could be used as a temporary headquarters and also how they will maintain security of their communications (phone, email, etc) during this time.
Extreme weather conditions could prevent staff from being able to travel to work, or could cause heating systems to break down. An effective solution to plan for this type of incident might be to work alongside IT staff to develop a secure way for staff to access files and continue their work safely from home.
Cyber security is another great concern for both consumers and businesses in the UK with both parties rightly worried about breaches of data. It is important then to have a clear IT policy for staff which outlines how they should handle sensitive information and how best to use the internet safely. Information should be backed up on an external server – held somewhere away from the site and updated regularly. Computer security should also be regularly maintained with firewalls, etc kept up to date.
Although it can be particularly hard to prepare against cyber attacks with the fast pace of change and high level of sophisticated technology that is used by hackers, it is important that businesses at least prepare themselves as much as possible for what to do in the aftermath of a security breach, so a risk assessment should be carried out and any areas of weakness dealt with accordingly.
Data security and shredding of data
Another common problem that businesses face is the protection of data. In particular online data is becoming ever more vulnerable with the growth of remote access, wireless appliances and employees working from home. Advances in technology mean that important data, if left unprotected, could be easily copied via means of a simple USB stick for example. As far as is possible businesses need to put in to place practices to safeguard this type of important information and to limit its access to members of staff who don’t require it in their daily work.
It is important that businesses have a clear policy on sensitive information, only provide access to the staff members that require it and ensure that data is backed up and encrypted, whilst being aware of their legal requirements – particularly that of third parties.
Despite a vast reduction in many businesses use of hard-copy paper information, many still have paper documents including financial statements, invoices and letterheads which can prove valuable to criminals. The loss of sensitive information can be damaging to businesses and can fuel crimes like identity theft and corporate fraud which is estimated to cost the UK as much as £3.3 billion a year (Annual Fraud Indicator).
In addition to the risk to themselves, businesses also have a responsibility to safeguard the confidentiality of their clients which includes protecting any data or documents which might aid fraudulent activities. This can be enforced by the Information Commissioners Office who has the ability to levy fines of up to £500,000.
Practical steps that businesses can take include ensuring that the printing out of confidential information, including emails, is kept to a minimum, keeping office desks tidy and paper-free at the end of the day and encouraging a culture of shredding paper materials after use.
CCTV is a proven tool that businesses can use to deter criminals and monitor activities on their premises – capturing images and sending them to control centres where operators can keep watch and inform authorities in the event of any potential worrying incident. It is recommended that any business looking to install CCTV seeks professional advice to ensure that they are in line with legal requirements as there are specific rules relating to the placement of CCTV as well as the signage, storage and also handling of data and footage.
It is also crucial to remember that having well maintained and operated CCTV is not the same as having human security personnel physically protecting the important areas of your business, for example in reception areas where they can interact with site visitors, read body language and act as a deterrent to criminals.
In a recent survey of 15,000 people in the UK, as many as two-thirds admitted to stealing low-cost items such as stationary from their employers and almost one in twenty admitted to stealing more expensive items such as mobile phones and computer hardware from them.
The financial cost of this type of theft can become very serious over time and if and when investigations begin, it may also impact negatively on staff morale. As with many types of crime the best method for dealing with employee theft is prevention.
For low-value items, such as stationary for example, there should be a designated member of staff who has sole access to the equipment and keeps a well maintained log of supply numbers. For more valuable items it might be necessary to have a locked cabinet or safe with alarms. Items which are of particular value should also be given barcodes and for additional safety, security personnel could be asked to scan bags as employees and visitors leave the premises.