What’s Your Protection Profile?
You protect physical assets from security threats. The type and strength of protection you implement is driven by the kind of business or organization, and the type and severity of the threats you face. That new hospital wing—major security is demanded. The dirt lot next to it that you haven’t yet developed: a chain link fence will do. One organization might make the largest investment in protecting keys; others in protecting people; still others in protecting trucks and equipment. Every business touches multiple threat categories, but they’ve each got their focus. Of course, educational institutions have their own set of unique security threats.
Creating Your Own Security Threat Profile
There are many ways to organize, structure and identify a threat profile. We like to think of it as having four threat categories:
- Threats to people
- Threats to information
- Threats to equipment
- Threats to facilities
Each business category has its own general profile, each company or organization within that category has its unique profile and its own protection priorities. Some operations, a corporate campus for instance, prioritize people over equipment, whereas another facility—a power distribution station for instance—has an almost exactly opposite profile. Public sector organizations could bring information to the top of the list, while a penitentiary might make facility protection their number one item.
Sometimes Every Threat Type Is Priority One
And for some, there are no priorities—or more precisely, everything is top priority. Here I’m thinking especially about colleges and universities. They’re threatened on all fronts. They deal with all kinds of security threats, all with the same level of importance and requiring the same level of investment. Their asset protection efforts aren’t focused through a lens, but through a prism.
Colleges and universities face all the challenges and fit the threat profile of the most people-heavy organizations. They’re a residential building, a business building, a visitor building, a student building, sometimes a medical building. Universities require the locks, the keys, the guards, the cameras . . . all the tools that are used to help keep people, and their property, safe and secure.
Universities create, store and maintain information that’s as rich and as confidential as that kept by any organization, public or private. That can include health information, financial information, personal information and a good deal more. Universities require the same cyber authentication and defense that’s used for the most data-secure operations.
Using the broadest brush I own, let me divide equipment into two kinds: generalized and specialized. Generalized equipment includes tractors and cherry pickers and earth movers. Specialized equipment includes MRI machines and research systems and extreme computing infrastructures. Universities—particularly those that participate in advanced medical and scientific experiments and studies—have to protect both types of equipment.
Universities have many kinds of facilities: residential units, the campuses themselves, hospitals and laboratories, detention areas, and a good deal more. They require security guards, safe access to common areas (like laundry and game rooms), separate access methods for buildings, power plants and research areas, and more.
Every organization faces multiple types of threat, and most have multiple types of threat protection—including asset lockers, remote locators and guard tour systems; Biometric access devices; driver impairment testing; computer protection mechanism; man traps and more. Understanding your own profile—where you need to focus and where you don’t—is the critical first step towards mapping out your strategic asset protection investment.