Security professionals build their security plans around compliance to a number of industry-specific regulations. Whether an organization is required to adhere to the standards of PCI, NERC, HIPAA, or FSMA, the concerns are the same. How does a company balance the added costs necessary to comply with the regulations, with the high fines and lost time that comes with not complying? Security compliance isn’t a cut and dry topic. Regulations, as written, are to interpretation; when it comes to security entrances, it’s all in the “eye of the beholder.” A security manager may think he has the necessary precautions in place, but after a breach has occurred, would a court of law agree that the company did everything possible to prevent it? In several cases, the answer has been “no” and hefty fines were imposed.
Boon Edam Blog
Data centers are highly sensitive areas when it comes to protecting sensitive data. The need to build and secure a ‘gold standard’ facility is top-of-mind for those tasked with the responsibility.Once a thorough and professional risk assessment has been done on the data and equipment, the results will give a good foundation to determine to what extent the facility will need to be physically secured.
Many organizations spend a great deal of time and financial resources in making the entrances to their buildings artistic and beautiful, with designs and materials that inspire awe. They may work with an architect, engineer, or building contractor and ensure compliance to NFPA safety and fire guidelines regarding egress, along with the desire for user convenience and an overall aesthetic design. Often, they select standard swinging doors to make it more convenient for employees, visitors and vendors to enter. For security, they employ security officers to stand guard.
In early January of 2018, the Security Industry Association (SIA) published, “Security Megatrends™: The 2018 Vision for the Security Industry.” This concise booklet summarized 10 megatrends, one of which was #4, “Evolution of Risk Management: Risk Management Transcends Department Titles”, which asserted the following: