7 ways to keep your workplace more secure right now
Simple tactics can make a huge difference
If you’re like many Canadian employers right now, you’ve got more employees working on a ‘hybrid’ model than you used to: Some are coming in every day, some are coming in on scheduled partial days or days, and others may be coming and going on fluctuating or random schedules.
This much variation in who you can expect to have on site from day to day – even from hour to hour – means security challenges can creep in where they weren’t before. It’s harder to identify ‘strangers’ on the premises who may need to be ejected, and it’s harder to ensure that the building is safety evacuated in the event of a fire or other emergency.
The good news is that there are some fairly simple steps you can take to help ensure your workplace remains secure, even when workplace behaviour is evolving. Here are our 7 top tips:
1. Implement a sign-in systemFor smaller workplaces, this can be as simple as ensuring everyone who enters and leaves the premises signs in and out. This not only helps security and facility management keep track of people, but it also has the added benefit of communicating to workers and visitors that someone is paying attention to who is coming and going – and even that small step can be a deterrent.
2. Install a badge systemBadge systems – where users have to swipe cards, badges, or even an app on their phone to gain access to a facility or to certain parts of that facility – require a little more effort and investment to install, but security pros will tell you that they are foundational. If you’ve got employees working on flexible schedules, contractors who need to be restricted to certain, or just want to get a better understanding of how your facility is being used, and when, a badge system can make a huge difference. And it reduces the reliance on a security person manually checking sign-in sheets or IDs all day.
3. Ensure you’ve got an asset-tracking system in placeImagine this: There’s been a major data breach at your organization and the IT department says that it needs to examine all the laptops you bought for employees between Oct-Dec 2021. Do you know where they are? Do you know if the mid-level assistant you had to let go in Feb 2022 actually turned in their company phone?
If you don’t know exactly where all your devices are at any given moment, you need an asset-tracking system. It not only helps to prevent theft, but it reduces the possibility that sensitive company data ends up in the wrong hands simply because someone took a work laptop home and then gave it to their kid to use for school.
4. Conduct annual background checksYou probably certain employment and reference checks on new hires, but that may not be enough. If your organization handles secure data, processes sensitive information, has a large rotating workforce or has recently made large-scale changes, it’s wise to consider an annual screening program.
Annual screening helps to ensure that no one ‘slips through the cracks’ (whether that’s long-term employees who didn’t get screened when they started, or new hires whose paperwork went astray) and that new issues are flagged immediately. Not to mention that instituting a company-wide annual policy helps to reduce possible claims of unfair practices or targeting specific individuals.
5. Educate your employees!Whether we’re talking about access control, phishing expeditions or workplace violence, your employees need to know that they are often the first line of defense when it comes to security practices in your facility.
But they can’t be effective in preventing problems if they don’t have the right awareness, training, tools and support. They don’t have to become security professionals, but they do need to know the basics – from understanding why they shouldn’t let strangers into the building, to identifying phishing emails, and who to talk to if they suspect a security breach or weakness. Part of your security strategy should include ongoing training – and not just for new employees!
6. Establish and maintain a clear security strategyOne of the issues we see with mid-sized and large enterprises is the lack of a cohesive security and risk management strategy that is applied consistently across the organization. What happens? Employees have trouble keeping up with the different security standards across locations or departments, and standards start to slip in all locations – and then there are problems.
It’s true that a department handling dangerous chemicals might need extra layers of security protection than a department handling, say, marketing materials. But both departments – employees and management – should have the same understanding and appreciation for the overall security culture.
7. Don’t forget the external environmentSecurity doesn’t start (or stop) at the front door of your workplace. Parking lots, exterior walkways, corridors in shared spaces, company vehicles: All of these need to be considered when implementing a workplace security strategy.
For some organizations, this may mean simply expanding the area covered by good lighting and security cameras; for others, this may mean access control for parking areas, elevators or other physical structures. Dashcams on company vehicles can be useful; so can tracking devices on large pieces of equipment that may be stored or used offsite and return to home base on a nightly or weekly basis.