To Save and Protect: Independent Security Study Does Both

How safe and secure do your employees feel? They might be harassed or threatened by co-workers or visitors, or exposed to some other type of workplace violence. Or maybe your CEO has received threats from a customer dissatisfied with your organization’s product or service. From C-suite to entry level employees, you must be committed to security as a 24/7 objective.

What is great security—and how do you know if you have it?
You might know what great music sounds like or great pizza tastes like, but do you know what great security looks like? Great security follows best practices to successfully protect your people from any hazards they might face in the workplace.

And great security is achieved through a security assessment that helps you understand what you have and benchmarks it with best practices and other organizations who are doing it right to determine what you need. A security assessment ensures that physical, technical, procedural, and personnel security measures are working together to protect your people, property, and assets.

What is an independent security study and why do you need it?
Especially if your organization or CEO is high profile, a security assessment must look at security across the enterprise, like transportation, private residences, personal protection, and other activities related to your executive protection (EP) operations and corporate security (CS) program. That’s when the assessment becomes the foundation of an independent security study (ISS). Not only will an ISS protect your employees, but it will also evaluate EP and CS, and how well you identify, assess, and manage threats to individuals and the organization itself. Plus, the ISS allows your organization’s leadership to avoid unnecessary tax liability as it relates to executive protection.

You can’t conduct the study yourself—that’s why it’s independent.
An important part of the IRS compliance is that the study must be done by an outsider—that’s why it’s independent. In other words, you can’t conduct your own assessment. The net result of the ISS conducted by an independent consultant is an evaluation of your personnel, programs, policies, technologies, operations, and current security environment to identify areas of strength along with opportunities for improvement.

Benchmarking, United States Secret Service, and IRS compliance—a dynamic trio.
Your EP might include air travel, airport protection, ground transportation, and a traveling protective detail to ensure the safety of company executives, especially if they travel internationally. The IRS taxes the gross income of those executives for transportation security costs—unless you can show a bona fide business-oriented security concern for the protection provided. An ISS meets the necessary requirements for the IRS to avoid this tax, saving your CEO money.

Does the CEO travel to countries with known terrorist activity? Does a driver transport the CEO from home to work and back? Does the CEO travel by private plane? The ISS dives deeply into your EP operations to document current measures and offers industry best practices to mitigate threats and strengthen overall security.

By working with The Lake Forest Group, you optimize the value of this outside relationship through benchmarking and extensive experience. Because of our varied client list, we can connect you to best practices that transcend industries so you can learn from organizations you would rarely have contact with otherwise. And as I assess your CS program and specifically EP operations, I will rely on my experiences as a Secret Service agent who protected the President and First Lady in the President’s Protective Detail, investigated threats to the President, and identified risk in a variety of locations, circumstances, and appearances.

Leveraging the USSS methodology in your ISS, we evaluate your:
• EP operations, including drivers, vehicles, corporate or private aircraft, airport locations and personnel, risk level where the executive travels, advance and traveling details, and any additional activities designed to safeguard your CEO and select executives
• Physical, technical, procedural, and personnel security at corporate, residential, and transportation-related properties
• Coordination with internal stakeholders including HR, facilities, security, finance, and legal to maximize communication and risk management effectiveness across departments
• Cooperation with external stakeholders to support security initiatives, including local first responders, open source and social media analysts, and response monitoring station personnel

A holistic strategy guarantees your security is greater than the sum of its parts.
As we conduct the ISS, we look at each element of your security environment at corporate properties, private residences of executives, and locations, equipment, and personnel that support air and ground transportation. Because each part of EP is intrinsically interrelated with another and EP in turn is inherently connected to physical, technical, procedural, and personnel security measures at every location and in every function, your ability to protect your executives as well as your employees depends on a holistic security strategy.

The ISS ensures that holistic security strategy as we offer strategic considerations to enhance existing measures. It also complies with IRS requirements to validate employer-provided transportation for business-oriented security concerns and overall security programs and specifically exclude those costs and items from the executive’s gross income.

Residential Security: There’s No Place Like a Safe Home for the Holidays

The holiday season is upon us and millions of people will be leaving their homes to travel around the country and across the globe to spend time with families and friends. We like to think of this time of year as a celebration of everything that is good in our lives, but we still can’t ignore the obvious—crime doesn’t take a holiday. According to the Department of Justice, summer and winter vacations indicate seasonal patterns as the likely times of year for residential property crime.

These annual rituals leave many residences unoccupied for an extended period of time that could expose them to unnecessary risk. A vacant residence is an attractive target to criminals, especially to burglars who specialize in invading people’s privacy. With the proper planning, preparation, and protective countermeasures, this threat can be minimized and this risk mitigated. Protecting your private property begins with a residential security assessment, an integral part of your tailored security strategy that safeguards your family, property, and assets.

There’s No Place Like a Safe Home

Your home is your sanctuary, a safe haven for you to enjoy life, protected from the outside world. But are you doing all you can to protect yourself? A residential security assessment provides a thorough evaluation of the potential threats to the day-to-day activities of your private residence by independently and comprehensively evaluating risk to the home, property, perimeter, and the contiguous area.

In order to implement the security strategies necessary to protect your home and family, a residential security assessment evaluates numerous areas:

  • Systems technology: alarms, cameras, and fire life safety
  • Network architecture: Internet connections, wireless network, and ports
  • Physical security: fencing, gates, windows, doors, and locks
  • Emergency preparedness: safe rooms, evacuation, and relocation
  • Liaison with critical third parties and first responders

Crime Prevention Through Environmental Design

CPTED, a multi-disciplinary approach to crime prevention through environmental design, relies on the ability to influence offender decisions that precede criminal acts. Research into criminal behavior shows the decision to commit a crime is influenced more by the perceived risk of being caught than by the reward or ease of entry—so that means you should do whatever you can to make yourself and your home less vulnerable.

The three most common CPTED strategies are natural surveillance, natural access control, and natural territorial reinforcement. The following are examples of CPTED that enhance the protection of your home and property without dramatically changing its appearance:

  • A single, clearly identifiable point-of-entry
  • Landscape designs that provide surveillance, especially in proximity to designated and opportunistic points-of-entry
  • The least sight-limiting fence appropriate for the location
  • Windows overlooking sidewalks
  • Signage reinforcing property boundaries

Lights, Cameras, Action

Industry best practices recommend an external video surveillance system, Internet protocol (IP) platform, closed-circuit connectivity, digital technology, motion detection, and night vision capability. Your updated system will allow you to view the video feed though your phone, tablet, or TV, making it really easy to see the view from select cameras, like who is knocking at your front door.

You’ll also feel safer and more secure by being able to track movements in emergency situations, such as a trespasser outside your home. You can also easily determine safe evacuation routes and locate individuals in need of assistance. The entire or partial video feed could be connected to an off-site monitoring station or shared with emergency personnel, police, and other first responders, which helps them get there faster to help you.

Spotlight on Residential Security

The tragic murders of the Savopoulos family and their housekeeper in Washington, D.C. unfortunately show us how high net worth people are at risk to be targets of potentially violent crime. As of today, two persons of interest have been identified—one is a former employee and the other suspect a current one. As the facts continue to surface, we won’t be surprised to learn that this was premeditated, coordinated, rehearsed, and conspired by at least two individuals and possibly others. The main suspect has an arrest record that includes harassment, concealed weapons, theft, and violating an order of protection. The other suspect has bounced around from job to job, was fired by his previous employer, and had been recently hired to do odd jobs for the family. The checkered pasts of these two individuals fit the characteristics of what we see in many insider threat cases. An arrest record, unstable work history, job terminations, and access to weapons are some common denominators. And where these two subjects previously crossed paths provides pieces to a puzzle that has ultimately landed them as suspects in the torture and deaths of innocent people.

Executives Benefit from a Residential Security Assessment

After conducting countless residential security assessments for senior-level executives of major corporations, I have found the number one concern of these individuals is the personal safety of their families. In order to deliver the highest value possible to each engagement, I uniquely tailor the project to best serve my client by beginning with a framework for the assessment that is extremely flexible and adaptable to the environment. The structure then follows a developed and still evolving outline that leverages more than 30 years in the law enforcement and security fields and is based on four main pillars: 1) physical security, 2) technical security, 3) network security, and 4) procedural security. These assessments include an on-site security survey of the residence including the building, property, and its outer perimeter; the risks, threats, and vulnerabilities potentially impacting the safety and security of the home along with the occupants and guests; countermeasures and strategies for risk transfer, avoidance, mitigation, or acceptance; and detailed risk mitigation considerations.

A Prime Example of Insider Threat 

In 2008, the Secret Service National Threat Assessment Center (NTAC) and the CERT® Program (CERT) of Carnegie Mellon University’s Software Engineering Institute collaborated on the Insider Threat Study (ITS) in the cyber security realm. The study focused on employees who committed illegal or unauthorized acts against organizations using a computer, system, or network, such as theft of intellectual property, fraud, and acts of sabotage within critical infrastructure sectors. This research found that current and former employees carried out insider activities in nearly equal numbers, many of these individuals had prior arrests, and a specific work-related event triggered the actions of most insiders—all of which are eerily applicable to what has been uncovered in the Savopoulos case.

How You Can Protect Your Home and Family 

So what can we learn from this incident to help prevent future tragedies? First, whether you’re the founder of a multi-million dollar company or a private homeowner, you need to know the people you come into contact with every day and, more importantly, have access to your home. Your list might include landscapers, cleaning ladies, nannies, dog walkers, and contractors, to name a few. Before any of these people set foot on your property, you have to ensure their backgrounds have been properly screened by their employer. If they are sole proprietors, they must provide proof of passing a background check and establishing legal residency, if applicable. These checks should not be more than three years old and should include, at a minimum, criminal history, civil litigation, and drug testing.

A professional and comprehensive residential security assessment will evaluate the technical, physical, and cyber security measures of your home. When you follow the recommendations of the key takeaways, you will not only help safeguard your home and family from a preventative standpoint, but you will also have a planned response and recovery to any type of nefarious event occurring on your private property. Corporate leaders need to be aware that danger is not only found in the workplace or while travelling abroad; it can also occur in their own backyard.

Building the Perfect (Security) Beast

We turn to a consultant to help us with a challenge we can’t solve ourselves, to supply the knowledge and experience of industry best practices and regulatory compliance, provide a particular type of subject matter expertise, or to guide us through a specific project. While a security consultant is certainly an advisor, assessor, examiner, and evaluator, we can also ask him or her to modify, correct, enhance, and create safety- and security-related documents—specifically, procedural standards such as guidelines, policies, plans, rules, and directives.

Imitation Is the Highest Form of Flattery

If you could create a security department that was an industry leader with best-in-class operations, would you? Of course you would, but how do you know your program is better than the rest? What puts you ahead of your competitors and, equally important, keeps you there? Your success starts with the documents that reflect the mission of the security program while at the same time protect the brand of the organization. Ideally you want to benchmark against companies similar in shape, size, and footprint. If you work for a multinational corporation operating in multiple continents with a global corporate security department, then you want to compare yourself to similar organizations and their full breadth of the security department policies.

All For One and One For All

Employees are more likely to see security as a company priority if management visibly supports security efforts and initiatives. Consequently, a security program is most effective when people see it as an important part of a company’s goals and vision. Among the best ways to demonstrate that support is to include security as one of management’s core values and to promulgate official company policies regarding security. And as the most effective means to this end, multi-disciplinary involvement in the creation and vetting of these documents invites partnerships with legal, HR, IT, and employee assistance to collaboratively design inclusive and relevant procedures. A security department simply cannot do all this by itself.

Let’s Talk About the Nuts and Bolts  

Now that we’ve addressed the importance of building a security program through the “power of paper,” let’s focus on the specific documents needed. Applicable security directives and guidelines can include documents such as:

  • A clean desk policy
  • Access control procedures
  • Restricted area access
  • Visitor management
  • Background screening requirements

While physical security measures are critical, the access protocols and practices and the ability to screen and filter all personnel, services, deliveries, and equipment seeking access to the facilities and its environs are equally, if not more, important. The implementation and effectiveness of security systems, such as closed-circuit surveillance equipment, exterior and perimeter security systems and monitoring, and electronic access control systems, can be determined by the written guidelines and published rules giving instructions on the proper use of these technologies.

Training Is a Perishable Skill

The success or failure of a security program could depend on the training curriculum, security awareness information, and education materials designed not only for the security team, but also for the entire organization. Non-security personnel must receive ongoing and current training on safety-related information regarding emergency preparedness, fire prevention, and workplace violence mitigation, among many areas. Your best practice based security program should combine research, collaboration, institutional knowledge, and professional experience to produce training that engages people by providing practical and hands-on tools they can implement immediately.

Necessity Is the Mother of Invention

We adapt our policies and procedures to our needs and current situation. And the need for most new policies and procedures is driven by knowing current best practices and awareness of emerging threat scenarios. With clients in both the public and private sector, The Lake Forest Group offers you insight acquired through decades of engagements helping organizations assess their current security program—beginning with their written policies and procedures. From there, we can ensure that your corporate environment, financial services, international affairs, business operations, brand integrity, protective intelligence, operational protocols, budget execution, and human resources are built on a strong, best-in-class security foundation.

High Stakes for High-Rise Security and Safety

The global image of every major urban area throughout the world is shaped and characterized by the tall and dynamic structures that pierce the city skyline. And because husbands and wives, mothers and fathers, daughters and sons spend their days within these structures, protecting human lives is paramount to successful high-rise security. The recent fire that engulfed a 63-story hotel in Dubai on New Year’s Eve stands as a real-world example of the dangers high-rise buildings, their managers, and their occupants face every day.

It All Starts with Access Control

No matter how tall or big a building may be, the #1 security and safety concern is controlling access to the property. Access control is not only about people entering the site, but it also concerns vehicles, mail, packages, deliveries, and equipment. Different types of people — residents, employees, contractors, clients, visitors, and service personnel — can be separated by their respective reasons for requiring access to the building.

A truly holistic approach to protecting the building and the people within it addresses all access control areas, individually evaluates each entry point, and offers specifically tailored measures to control access. While an ID badging system will filter and identify individuals once they are on the property, the loading dock for entry of deliveries and trucks and the mailroom used to screen packages require other means to control access. Some of the more sophisticated access control measures are x-ray screening, metal detection, and biometric readers.

Let’s Talk About Hardening the Target

Security- and safety-related policies and procedures, such as visitor management and mail screening, can assist in mitigating risk to a high-rise building along with these tangible items that can harden a venue:
• Property barriers
• Vehicle barricades
• Blast resistant window film
• Electronic locking devices
• Signage
• Card access systems
• Intrusion detection systems
• Video surveillance systems
• Lighting

These examples offer different options for you to consider when crafting the security posture for the property. Highly visible signs that inform visitors of the building rules, list prohibited firearms, or point to an emergency exit can increase safety and provide cost-effective solutions. More expensive items such as closed-circuit television (CCTV) are typically planned and allocated within a security budget. Regardless of cost, these areas need to be addressed to harden the property.

How Do I Escape From the Penthouse?

One of the greatest challenges of effective high-rise security involves an emergency evacuation from a floor higher than a rescue ladder can reach. Since most hook and ladders cannot go above the 10th floor, a well-designed and continuously trained emergency evacuation plan combats this logistical issue as well as other challenges inherent to building security. All occupants should know what to do in an evacuation and where to go regardless of where they are in the building. You must be committed to education and dissemination of critical information, such as the location of the emergency exits and shelters areas, if evacuation is not possible.

What Else Do I Need to Know?

Additionally, you need to follow fire codes, test smoke detectors, conduct fire drills, assign emergency roles, designate floor monitors, select searchers, and coordinate with first responders. You must make current rosters of building personnel available, including handicapped and elderly individuals, and publicize basic fire safety “don’ts” like using an elevator, moving to the roof, or breaking a window. Be sure to recognize that information is your great ally—the more that you can provide, the greater the potential for a safe outcome.