Physical Security And Vulnerability Assessment
Fall is here and that means the business world is in full swing. This time of the year is a good opportunity to share details about our Physical Security & Vulnerability Assessment service. The goal of this assessment is to observe and analyze areas of potential vulnerability, to pinpoint causes, and to recommend means to reduce or eliminate exposure to threats. When we conduct this assessment, we utilize a specialized process known as The Interfor Method. The Interfor Method ensures that the assessment will cater to each client’s individual needs and allow for the most comprehensive analysis available on the market.
The physical security assessment includes a review of access control systems and protocols, ingress/egress procedures, intrusion detection systems, application of electronic control systems, and employee/visitor identification policies. We also cover IT procedures, employee/vendor background investigations, and general personnel standards. Below we will cover the basics of the work we do, as well as some examples to demonstrate why this type of assessment is so critical.
The Interfor Method
The Interfor Method involves an extensive system designed to assess, analyze, report and test areas of potential or actual vulnerability. The method can be scaled easily and implemented within small organizations, middle-market companies, and large corporations. Although the following reflects a framework of the method, given that no two assessments are identical, it should only be regarded as a guide. The process is as follows:
Interfor begins with an introduction to a client’s corporate structure, services, and culture as well as identification of key personnel. We also create a cross-functional Assessment Team (usually comprised of senior-level personnel within pertinent groups, divisions, or business units). In this initial meeting we learn your organization’s background in order to understand where potential threats may originate.
One example is Interfor’s recent engagement by a city which hosts one of America’s top tourist destinations to conduct a discreet, confidential physical security and vulnerability assessment. The assignment was to speak with a cross-section of the city’s stakeholders and provide a review and evaluation of their existing policing protocols and procedures; evaluate their effectiveness; and make specific recommendations on measures needed to achieve the desired level of security.
After the initial meeting we determine the scope of Interfor’s assessment and explore perceived threats and historical incidents, classification of industry-wide threats, and an identification of key assets (i.e. personnel, facilities, material).
We also have a discussion about the process for reporting and gathering information and the establishment of a timeline for the entire process. That includes Identification of deliverables, identification of required tools and documentation (i.e. protocols and procedures) and clearance obtained for Interfor personnel.
Comprehensive Onsite Assessment
Here we execute the implementation of the agreed-upon plan, including physical assessments of facilities during pertinent hours and interviews. We also review current protocols and procedures as well as determine the level of compliance throughout the organization. This includes comprehensive interviews with identified key personnel and aggressive testing of current security precautions and barriers through various prearranged means.
Data Analysis and Initial Report Generation / Preliminary Briefing
Everything we do at Interfor includes a professional analysis of collected data that is designed and developed into a report outlining observations and recommendations. Additionally, we focus on general and specific observations of vulnerabilities throughout the organization as well as specific recommendations highlighting areas of critical concern as well as areas in need of improvement.
Presentation of Findings and Recommendations / Testing of Implemented Recommendations
All findings and recommendations will be reported in a manner which fits the needs of the organization including suggestions concerning training or awareness programs. We have prearranged audits to determine if the improvements have been implemented correctly.
Interfor was retained for this service by a major non-profit to check for any vulnerabilities they may have which would compromise their security. As an example of our findings from a report we generated after our assessment “we believed that the improvements and corrections listed in our report should be followed to ensure that unauthorized access to this non-profit’s office be mitigated in a realistic manner and that access is not granted accidentally (i.e., by leaving an exterior door unprotected, either accidentally or on purpose). Interfor found the staff interviewed to be highly engaged, eager to facilitate security improvements, and knowledgeable and passionate about the organization.”
We’re living in a time of much uncertainty, where those seeking to do us harm can find ways in both the physical and digital world to do so. As we enter Q4 and the end of the year now is the time to seriously consider your organization’s safety in 2019 and beyond.