In any environment, businesses are exposed to social menace of theft, hacking and burglary. Some key assets like inventory, cash, equipment, and data require control measures and security.
These measures can be categorized into:
(A) Engineering Control and
(B) Administrative Control
Engineering control requires:
1. Modification – installing features that can physically restrict access such as bars, locks, seal off compromised access points etc or features that can monitor activities such as CCTV.
2. Isolation – involves creating secure storage such as metallic safe boxes, vaults and reinforced storage facilities. If the business facility is sizable, it can be demarcated into “Asset Zones” with different deterrent features.
3. Substitution – this might be appropriate in some cases. For instance a desktop computer could be substituted for a laptop, POS transactions might be substituted for cash transactions etc.
Administrative control requires:
1. Controlling exposure by reorganizing processes, workflows or schedules.
2. Purchasing insurance cover for critical assets.
3. Having business policies that state how information, data, password, confidential documents, office keys etc are to be managed.
It is important to realize that not every employee is genuine with business interest at heart.
Some employees are security threat to the organization.
Business owners therefore, must learn to profile workforce and do proper background checks as business grows.