9 Components of Commercial Business Security Systems
Businesses have a moral and legal obligation to take reasonable steps to protect its employees and customers. If a business fails to uphold its duty to implement measures that are reasonable under the circumstances, they could face lawsuits from customers.
Moreover, while employers are insulated from lawsuits from employees for ordinary negligence, some states allow employees to sue employers that violate health or safety laws or intentionally disregard worker safety.
The process of choosing a security system is about more than the physical hardware used to secure your office from burglary. Rather, commercial business security systems encompass all the hardware, software, services, training, and policies necessary to keep employees and customers safe from foreseeable threats.
While commercial business security systems are often one of the primary considerations for large businesses, small businesses should also consider security. About 16 million Americans are self-employed, but modern criminals do not distinguish between large corporations and small businesses when committing identity theft or breaking into an office. In fact, some studies suggest criminals target small businesses because they believe small businesses are less likely to have commercial business security systems to detect and deter criminal activity.
Here are nine considerations when implementing commercial business security systems:
The first thought that crosses most people’s minds when they hear the phrase “commercial business security systems” is security cameras. Security cameras act as a deterrent when positioned inconspicuous locations because few criminals are willing to risk being caught on tape when committing a crime.
When selecting security cameras for commercial business security systems you should consider a few factors:
- Purpose: The purpose of the cameras will determine the number and quality of cameras as well as their locations. For example, cameras may be pointed outside a location so employees can see who is coming to the business or inside a business to capture customer behavior after they have already entered.
- Type: Most cameras are digital. Digital cameras are small, inexpensive, and can transmit video wirelessly to a monitor or file server. Analog cameras usually record on videotapes which must be changed periodically as the tapes fill up. Analog cameras are larger than digital cameras and usually require a wired connection to a tape recorder.
- Storage: The type of cameras used will determine how the camera footage is stored. Digital cameras can produce files in a local file server or a cloud-based server. The type and size of storage will determine the amount of footage that can be stored before storage space is exhausted.
In addition to the purpose, type, and method of storage, you should also consider the risks of security cameras. Some digital security cameras are vulnerable to hacking. This can allow a hacker to take control over the camera or even use the camera’s WiFi connection to invade your computer network.
Business Security Services
Businesses that require monitoring of their commercial business security systems often hire a business security services provider. These companies provide security as a service. Usually, these services are provided in addition to leasing or selling commercial business security systems to businesses.
Business security services might include:
- Camera monitoring: Receiving and storing video signals from your camera system as well as retrieving stored files if you need access to them.
- Alarm monitoring: If your system includes door alarms, window alarms, fire alarms, or motion sensors, the service provider may alert you when the alarms are triggered.
- Security patrol: The service provider sends a security guard checks your office periodically and responds to alarms.
Business security services can also provide on-site security guards during opening hours. For example, a business that handles large amounts of cash like pawn shops, off-track betting shops, and food trucks might benefit from a security guard located nearby to dissuade any would-be robbers.
Entry control can be handled in many ways depending on your business. Some commercial business security systems require keys, keycards, and biometric measurements to gain entry to the business. For example, hospitals, retail stores, and office buildings often have entry control to prevent unauthorized access to at least some areas of their buildings.
The benefit of electronic entry control systems is that they do not need to be manned. Rather, an employee who needs access after hours or on weekends can use their keys, keycards, or thumbprint to enter the premises. Similarly, service providers such as janitorial services can access the areas as needed without requiring an employee or security guard to let them in.
Importantly, sophisticated entry control systems log each person who enters the property. This means that the entry control system can identify the employee who entered the business after hours right before some property went missing.
An addition to electronic entry control is to have a security guard posted at the entryway. This is a good option where security cameras and entry control might be insufficient or where entry is so restricted that post-entry interception might be too late. For example, a laboratory or research facility with valuable trade secrets might value prevention of entry to allowing entry, then trying to track down the person who entered.
High Impact Glass
One scenario that most business owners do not want to consider is an active shooter in the business. Although different sources count incidents differently, the consensus is that the number of mass shootings and the number of victims is either flat or increasing since 2014.
There are very few steps that can be taken to prevent a mass shooting. However, you may be able to limit the damage that an active shooter can do. For example, having high impact glass in your entryway may delay a shooter long enough for police to arrive. Similarly, high impact glass for interior windows may save some lives.
Fire Alarms and Suppression
Security is not limited to criminal acts. Security also includes the detection and suppression of fires. In 2018, fires affected about 29,000 business structures causing nearly $1.3 billion in property damage. The most common causes of business fires included arson, electrical fires, and wildfires.
Building codes set the baseline for fire systems required in commercial buildings. Most commercial buildings have sprinkler systems and fire alarms that are built into the building. However, buildings that are not specifically designed for commercial activity might lack these fire control systems.
For example, home offices are usually not required to comply with commercial fire codes. This means that a fire started by the computer, network server, or copier you keep in your home office might go undetected and unsuppressed until it is out of control.
If your business is in a non-conventional location, like a food truck, home, or converted residential building, your business liability insurance provider might require your commercial business security system to include fire alarms and suppression systems. This would include smoke detectors, sprinkler or extinguisher systems, and emergency lighting. While this may be an expensive investment, it may be less expensive than losing your business equipment and inventory, and having to close down or suspend your business operations.
Electronic and Data Security
Modern criminals do not limit themselves to physical invasions of your office space. Cybercriminals will try to hack your system to steal the identities of your customers and employees, steal payment information, and even lock up your computers until you pay ransom.
Specifically, some of the threats that your computer network and data might face include:
- Malware: Formerly dominated by viruses and trojans that would travel from computer to computer infecting each as it was transmitted, malware is a common threat that computer services deal with. Modern malware is usually designed to sit on an infected computer and send data such as passwords, credit and debit card information, and personally-identifying information to the cybercriminal.
- Ransomware: Ransomware is a form of malware that infects a computer and threatens to delete data or destroy the computer unless a ransom is paid to the cybercriminal.
- Phishing: Cybercriminals will attempt to deceive you or your employees into disclosing network credentials. These network credentials are then used by the cybercriminal to access your network to steal any valuable data.
- Data on the move: Cybercriminals can infiltrate your WiFi router or other network hardware to steal unencrypted data as it moves from your network to another network.
A typical data security program will include three broad steps:
- Secure the system: An network manager will update the applications and operating system with any security patches and install security software to reduce the risk of hacking and malware.
- Employee training: Employees are trained to recognize computer threats, unsafe email attachments, and practice safe computer use.
- Threat monitoring: The network is monitored for unusual activity that might indicate the network has been compromised so that any threats can be detected and removed and security vulnerabilities can be patched.
If anything can be learned by the business community from the COVID-19 pandemic it is that businesses should have a contingency plan as part of its commercial business security systems. A disaster plan that can be implemented during a natural or man-made disaster can keep employees and customers safe while ensuring business continuity.
For example, during the lockdowns ordered during the coronavirus pandemic, businesses had to quickly adapt to remote work, furloughs, social distancing, and personal protective equipment (PPE) for employees. Since most businesses had not planned for a pandemic, business leadership was unprepared to source the necessary equipment, implement furloughs for unnecessary workers while transitioning essential workers to remote work, or set goals and milestones for reopening.
While no business can predict every disaster, a basic disaster plan should include considerations such as:
- When to send employees home: Whether the disaster is a pandemic, earthquake, or snowstorm, there will be a safe time to send people home and a time where it is safer to shelter in place.
- How to keep the business solvent: Savings, lines of credit, and debt may need to be tapped during and after a disaster to maintain and rebuild the business. In some circumstances, an insurance policy from a business insurance agency can help to maintain business continuity, depending on the disaster and the policy terms.
- How to preserve data: Data backups are critically important for every modern business. On-site backups have the benefit of quick restoration when they are needed. However, on-site backups can be destroyed in the same disaster that destroys the originals. Off-site backups, including cloud-based backups, have the benefit of being away from any disaster that may befall the business. However, they may be difficult to access immediately after a disaster.
- When to reopen: You should consider what needs to happen for you to reopen, including whether reopening is safe and customers are likely to return.
A critical part of commercial business security systems is the employees. Employees can help with security problems by knowing what to do and how to react. Whether the security issue is a belligerent client, a fire, a break-in, or a natural disaster, having employees to help secure the property, contact authorities, and safely evacuate customers and employees can be essential to your security response.
Keep in mind that employee training does not necessarily mean that you take your employees to a shooting range to prepare for an active shooter. Typically a written manual or poster in the breakroom along with occasional drills will be sufficient.
Tips for training your employees for security response include:
- Situational awareness: Employees must learn to identify security threats, such as unlocked doors, strangers loitering, fire alarms, and the smell of natural gas.
- Knowing when to shelter in place and when to evacuate: Repetition and drills are likely the best option for training employees when to shelter in place and when (and how) to evacuate safely.
- Proactive measures: Some steps will reduce the risk of security breaches. For example, safe network use can reduce the risk of hacking and reporting overheated equipment or overloaded electrical sockets can reduce the risk of fire.
Developing a sound set of employee policies can help to reduce both the likelihood and severity of security threats. Thus, employee policies must be examined as a part of commercial business security systems.
Employee policies intended to keep employees safe from outside threats as well as inside threats can make the business safer and more secure. Among the policies you might want to consider in your security plan are:
- Firearms policy: You should decide whether employees are allowed to bring firearms to work and, if so, what restrictions or limitations they might have to observe.
- Reporting policy: You should make sure employees are aware of the reporting process for bullying, assault, or sexual harassment.
- Emergency preparedness: You should have a clear chain of command and step-by-step processes to deal with emergency situations and disasters.
- Drug and alcohol policy: You should make everyone aware of the risks and consequences of working while high or drunk.
Business security systems combine hardware, software, employee training, and employee policies to create a safe and secure working environment. Moreover, disaster plans and emergency preparedness policies can help a business keep employees safe while preserving business continuity.
Planning for security issues may seem unrealistic since no business can foresee every possible security issue that may arise. However, if the business focuses on each of its assets, namely employees, property, and data, it can develop a system for securing each one.