Introduction to Business Security
In today’s fast-paced and high-tech security landscape, businesses of any size not only rely on their employees and security personnel for business security, but they also rely increasingly heavily on technology and interconnected systems.
The importance of company security cannot be overstated. Overlooking it can have the potential to cripple even the oldest and most established companies. Nobody is immune from criminal activity, and crime has a habit of jumping up and smacking you in the face when you least expect it.
The consequences for businesses can be far-reaching and serious. From financial losses and damaged reputations to legal liabilities and compromised customer trust, the repercussions of neglecting business security can wipe out years of business development in a single stroke.
By recognising the significance of business security and learning from the mistakes made by others, you can proactively strengthen your defences, avoid common pitfalls, and safeguard your business operations for long-term success.
The aim of this latest blog post from Titan Security Europe is to provide businesses with unique insights and real-life examples of common security mistakes and offer practical solutions to address them effectively.
Common Business Security Mistakes: A Case Study
The Hatton Garden Heist
So let’s jump in with an example of how a lack of focus on security can have devastating consequences.
The Hatton Garden Heist occurred in 2015. A group of burglars carried it out by drilling into a vault at the London Safe Deposit Facility and stealing valuables worth an estimated £14 million in jewels, cash, and other items.
Hatton Garden – A culture of complacency
Here are some of the security flaws and organisational complacency that were discovered during subsequent investigations:
1. Security Guarding:
The burglary was possible because there was no security on the premises. The security guards left the building at 9 p.m. on Thursday and did not return until 8 a.m. on Tuesday, due to the Easter bank holiday weekend.
2. Inadequate Alarm and Alarm Response:
The burglars were able to enter the facility through a lift shaft and then a basement and bypass two fully alarmed security doors. They then partially disabled the alarm, which meant that they were able to work on breaching the vault for a full day before opening it and triggering a weak alarm.
The Police had no visual confirmation and therefore did not attend. A security guard working for the company did attend and visually checked the two outer security doors before signing the event off as a false trigger. This allowed the thieves to spend an extended period inside the vault without being detected.
3. Weakness in the Vault Door:
The structure of the vault dated back to the 1940s and the vault door was found to have significant weaknesses, making it easier for thieves to gain access. This might have been due to the vault being outdated or a lack of reinforcement.
4. CCTV Coverage and Management:
The building had limited CCTV camera coverage, particularly in areas crucial for detecting unauthorised access like the basement. This lack of extensive surveillance made it difficult to identify and track the movements of the thieves.
CCTV feeds were recorded as opposed to being constantly monitored. Additionally, surveillance footage was stored on-site on hard drives, and the thieves were able to remove them and, as a result, wipe out crucial evidence.
5. Lack of Regular Security Checks and Reviews:
It was noted that security checks on the building were infrequent, which may have provided an opportunity for the thieves to identify and exploit the vulnerabilities in the security system. The company also neglected to constantly review and update security measures.
What could have been done differently?
In the case of the Hatton Garden Heist, it is clear that the facility had slipped into a culture of security complacency over many decades. Even though the criminals were eventually arrested, millions of pounds worth of proceeds were never recovered.
The heist caused a huge loss for the business and its customers and damaged its reputation as a secure storage facility. In September 2015, a Sky News report confirmed that Hatton Garden Safe Deposit went into liquidation due to a slump in trade after the raid.
So how could this incredibly serious and damaging crime have been prevented? In reality, there are a number of relatively simple steps that could have been taken, either singularly or collectively, that could have prevented this crime from taking place.
- Regularly reviewing security and updating procedures, processes and protocols
- Upgrading outdated vault infrastructure, such as the vault door
- Clarifying the police and security guard response to alarm triggers
- Updating and pressure testing the alarm system
- Introducing a 24-hour remote CCTV monitoring and emergency response service
- Introducing round-the-clock security guarding, 365 days a year, including bank holidays
- Upgrading CCTV for full coverage and eliminating any blind spots
- Online or cloud-based storage for CCTV footage
Actionable security strategies to protect your business
In the following section, we will delve deeper into some of the more obvious and easily fixable security mistakes and provide actionable strategies to respond to them.
| Issue | Response | Example |
|---|---|---|
| Not testing the security systems regularly. Security systems such as alarms, cameras, locks, and sensors may malfunction or become outdated over time. | Devise a schedule for regular testing to ensure they are working properly and are up-to-date. Otherwise, they may fail to detect or deter intruders or cause false alarms that waste resources and reduce trust. | In 2017, Walmart suffered a break-in at one of its distribution centres in Florida. Thieves broke into the facility, stealing merchandise worth $1.5 million. Walmart’s security system was unable to detect the theft and did not capture any audio or video of it. The security system was later found to be faulty and had not been properly maintained or tested. |
| Not securing wireless networks. Wireless networks are convenient and flexible, but they also pose a risk of being hacked or intercepted by unauthorised parties. | Secure wireless networks with strong encryption, authentication, and firewall settings. Additionally, it is advisable to use a separate network for guests or visitors and limit access to sensitive data or systems. | In 2017, TJX Cos., the parent company of T.J. Maxx, was hit by a massive data breach that exposed the credit and debit card numbers of millions of customers. The breach was caused by an insecure wireless network that used weak encryption and authentication methods. The breach cost TJX hundreds of millions of dollars in fines, lawsuits, settlements, and remediation costs. |
| Not training the staff on security awareness and procedures. Staff are often the first line of defence against physical security breaches, but they may also be the weakest link if they are not aware of the security risks and policies. | It is important to train staff on how to recognise and report suspicious activities, how to follow access control, identification, and security protocols, and how to handle emergencies or incidents. Developing a shared culture of security among all staff within a business enhances overall security. | In 2019, a security guard at a Wells Fargo branch in Minnesota forgot to lock the vault door before leaving for the night, allowing thieves to enter and steal $200,000 in cash. The guard was fired and the bank faced a public relations nightmare as well as a potential lawsuit from the insurance company. |
| Not storing or disposing of sensitive documents or devices properly. Documents or devices that contain confidential or proprietary information may fall into the wrong hands if they are not stored securely or disposed of properly. | Shred or destroy any sensitive paper documents that are no longer needed, and professionally wipe any electronic devices that are discarded or donated. Ensure that all staff are aware of the importance of and abide by company policy concerning secure storage of sensitive information | In 2016, a receptionist at a law firm in London left confidential documents containing sensitive client information on her desk overnight. Then a thief who broke into the office stole them. The documents included details of a high-profile divorce case and a merger deal worth millions of pounds. The law firm had to notify its clients of the breach and suffered reputational damage and loss of trust. |
| Not conducting a risk assessment and updating the security plan. Security threats and vulnerabilities may change over time due to various factors. New technologies, changes to business operations, and new regulations should all be taken into consideration. | Conduct a risk assessment periodically and update the security plan accordingly. This can help identify and prioritise the most critical assets and risks, and allocate the appropriate resources and measures to protect them. | Our Hatton Garden case study is a typical example of how a facility can be lulled into a false sense of security. In this case, complacency set in and the company failed to review its security arrangements and invest in security upgrades. Both vault infrastructure and security monitoring technology were outdated and inadequate and this should have been highlighted by regular security reviews |
The Statistics
We are still awaiting more recent statistics but figures from 2019 highlight the significant cost of crime in The UK and throughout Europe:
- According to a report by the British Retail Consortium (BRC), the total cost of retail crime in the UK was £2.2 billion in 2019, up from £1.9 billion in 2018. The report also found that customer theft made up 71% of the direct cost of crime, with cybercrime coming in second at 18%. The indirect costs of crime, such as lost sales, staff absences, and security measures, were estimated at £1.3 billion.
- According to a study by the European Union Agency for Law Enforcement Cooperation (Europol), the total cost of organised crime in the EU was €110 billion in 2019, equivalent to 1% of the EU’s GDP. The study also found that organised crime groups were involved in various criminal activities, such as drug trafficking, human trafficking, fraud, money laundering, cybercrime, and environmental crime.
Focusing on business security, step by step
If you want to get your security back on track and provide the best possible protection for your business, it is possible by following the steps outlined below, and even better, it may cost a lot less than you think!
1. Conduct a professional security audit.
Building a firm foundation for your business security starts with a fact-finding mission. This is best undertaken by an impartial third party who can provide an objective and expert assessment.
Expert security companies like ours at Titan Security provide free security audits as a way of introducing their services to potential clients. A security audit is designed to identify security vulnerabilities, outdated or malfunctioning equipment and inadequate processes
2. Prepare a security upgrade strategy
Based on the security audit, you can then begin to identify your priorities and relate them to the budget you have available. You can begin to build a clear roadmap to follow with the aim of meeting your security objectives.
3. Document a set of security procedures and protocols
Whatever the size of the business, a set of standard operating procedures around security should be prepared and disseminated across the company. Staff at all levels should be aware of their responsibilities and exactly what the chain of command is when it comes to security.
Use induction and ongoing training to ingrain a culture of security across the business and make good use of all of those extra pairs of ears and eyes reinforcing your security processes. Nobody wants to be like the Parisian jewellery shop owner who, in 2018, forgot to activate the alarm system before leaving the store. This allowed burglars to enter without triggering an alert and steal goods to the value of around 4 million Euros.
4. Invest in modern security technology
Gone are the days when you needed complex infrastructure to deter criminals and receive alerts to suspicious activity. In our Modern Security blog post, we highlighted the fact that with wireless IP security alarm systems and advances in solar-powered technology, getting comprehensive security coverage is cheaper and easier than ever before.
Alarm and CCTV systems have become more autonomous, and alerts can be sent instantly to a range of mobile devices or to a professional security monitoring and response service. The idea that thieves can disable an alarm system by cutting a few wires should now be a thing of the past.
5. Review, review and review
The root cause of many security incidents that seriously damage a business is complacency. Criminals work constantly to find increasingly complex methods of committing their crimes. It is important that every business be equally diligent by periodically reviewing security arrangements to ensure they keep pace with industry developments.
Get in touch with the experts
We hope you have found this post informative, that it has opened your eyes to the myriad of security risks facing businesses, and that you come away with a clear idea of what you need to do next.
If you would like a no-obligation chat with our security experts to explore your options and get some free advice, please do not hesitate to get in touch. Fill out the contact form or pick up the phone, and let’s start your business security recovery process as soon as possible.
Security Guards, Security Audits, and Security Upgrades.
We work with clients of all sizes, providing tailored solutions to meet your security needs. Contact us today for a free assessment and quote.