Security and Your Business – Is it important enough?

We are all used to the phrase that security is important but is this something you really believe or are you paying lip-service to the notion? This is just as important for homeowners as it is for businesses and only you can answer the question.

Everyone says that they take security, locks are fitted and insurance is purchased but the reality it that unless you make the conscious decision that security is important enough for you to make an effort, this is all just lip service and you are, basically, relying on insurance.

Before you go any further, please keep in mind some important facts about security: No security is perfect; you will, eventually, suffer a breach; If your security isnt cost effective, it is counter productive.

To decide if you really do value your security, consider how you go about getting security measures.

Your probably have locks on your doors and windows, but do you know what types they are and why you chose them? Do you know how long it is likely to take someone to break through and can you get a police response there? Are the locks linked to alarms or CCTV? The point here is that locks are a deterrent, but this only works if it is tied into other measures – locks alone dont catch burglars.

When you got CCTV did you decide on where the cameras should go? Did you rely on the company that was fitting them to suggest what gave them the best profit? Did you specify the quality of the footage to suit your needs or, again, did the company guide you?

As well as physical security, how do you approach your information security plans? Do you know what your information assets are? Are your office computers properly secured? Is your email? Do you rely on your internet provider or are you able to take ownership of your own security risks?

There is no right or wrong position to take, it all depends on your risk management approach and, as at the start of this post, how much you care about your security.

One of the most difficult things is really working out how important your security is – for most businesses this is very much down to the financial impact. The important question is – How much can you afford to lose before your business will struggle or even collapse, and how much is your business worth? When you know this, you start to know how much you need to spend on security.

When you are considering your data, the question is simply what do you value your next product at, and how much would you lose if a competitor beat you to producing it?

When you can answer these two questions, you have an idea of what security is worth to you and  you can decide if you have “enough” security. Remember, no security is perfect so if you are trying to protect a business worth £500,000 then spending £600,000 on security is a mistake. If all your important stuff is in your product data, then spending £20,000 on CCTV cameras but not getting a firewall is a mistake.

Speak to vendors and installation services, but dont forget they are going to try and sell you a product that is profitable to them and this might not be the best thing for you in the medium to long term. If you are looking for advice on what security measures to install, or even an impartial assessment of what you need, then the best course of action is to contact an independent security consultant.

Halkyn Consulting offers a specialist, and fully independent, security consultancy service where will work with you, and your staff if appropriate, to determine the best security approach to ensure that you are maximising security while controlling costs. If you want to find out more about how we can help you, your business and your home, then get in touch with our security consultants today.




Taz Wake - Halkyn Security

Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.