Candid, clear-eyed evaluation of potential threats to an organization or its key members is a growing necessity.
Today’s workplace has transformed from singular, purpose driven entities into reflections of our very own socio-economic and culturally diverse country. This growing diversity and overall change to the working culture has had the benefit of increased productivity, accessibility and flexibility but with many other unintentded consequences.
Threat Assessment
The workplace of today is one where the growing social and personal interaction of co-workers takes on a larger role in the day-to-day lives of employess. People work together, socialize together and in many instances move byond these casual daily interactions into personal relationships. The social engagement of co-workers or in many cases the non-engagement, presents a challenge to employers were the professional lines are often blurred and the intense personal relationships has a tendency for leakage into the workplace.
Coupled with the pervasiveness of social media, co-workers, former employees and others are often left to dwell upon these past interactions. Former love interests, former supervisors or HR personnel that perhaps were the cause for an employee dismissal, all potentially become objects of fixation by a disgruntled employee. As noted in a 2013 Texas State University study on active shooter events, over 70% of all incidents occurred in either the workplace or an institution of learning. (Workplace 37%, Schools 34%) The common thread that exists between both of these data samples is the social nature that exists between both.
Threat Assessment is the proper evaluation of specific or general threats to an organization or individual.
Security & Surveillance
Today’s orgnizations require a coupling of both physical and information security/cyber based methodologies. Ensuring proper physical security to an office location, branch or manufacturing facility provides some of the most basic security controls. However, knowing and controlling access to these locations is only one element of a successful security posture.
Once inside, the management of employee and contractor activities become even more crucial. For most organizations, controlling the physical aspect of personnel, goods and services is dramatically easier than controlling the information that flows within the internal networks, systems and communications mediums used by all parties.
Security and Surveillance is the persistent monitoring of physical assets, personnel and/or the network/data infrastructure of an organization. Large or small, every organization benefits from implementation of mature process, procedures and systems to ensure that not only the physical integrity of an organization is maintained but also the information and data integrity.
While it is still true that some reasonable expectation of privacy exists for employees and contractors within an organization, it should also be well understood that established organizational policies, network and software acceptable use policies, handbooks and other operational guidelines allow for setting a clear expectation with the employee or contractor. This agreed upon expectation allows for both parties to understand what is expected and what any potential consequences are regarding a failure to follow the organization’s security policies.
Corporate Policy Conformance
Corporate and/or organizational policies exist to protect employees, contractors and the company at large. Policies may of course exist to establish corporate norms or boost morale, but more importantly they exist to protect against revenue loss and litigation. Organizations that do not have a mature process/policy governance practice, can quickly find themselves trying to recover from lawsuits, or other employee and contractor problems.
Establishing overarching policies and guidelines within an organization is only the first step. Policy adherence is not only the establishment of required policies/procedures but the understanding that the business goals of an organization must be tightly coupled to the enforceable policies and procedures that ensure compliance.
Drugs in the workplace, sexual harassment, violence in the workplace, insider trading, conflicts of interest and data retention are just a few examples where compliance measures are critical to the health of an organization due to the high risk associated with litigation or lost revenue.
Ensuring corporate compliance from employees and contractors require not only the appropriate instruction on such policies but the follow through and enforcement to ensure all parties take these issues seriously. For critical roles within organizations, fire/life/safety, law enforcement etc., compliance with established guidelines is even more crucial. Even the slightest deviation from these policies can put the organization at risk.