In addition to owning and operating a private investigations business in my home state of Oregon, I also work as a Physical Security Consultant. Investigations remain the main focus of my business, but sometimes investigations lead to the need for me to advise a business owner on security concerns like in the case of the house cleaning company who was getting their fleet vehicles broken into. See my previous article on this blog Clever Thieves Use High-Tech gizmo to break into cars.
But often I consult with business owners and managers before a crime occurs. Many businesses know that their security procedures, protocols, training, and practices are woefully inadequate and they want to do something about it. That’s when I get the call.
What Does a Physical Security Consultant do?
Recently a long-time acquaintance asked me two very basic question: “Why does anyone hire a security consultant?” and “Who hires a Physical Security Consultant?” I thought these were reasonable questions. For this article I will also try and answer another question: “What can a Physical Security Consultant do for your business?”
Sometimes I get a well-heeled private citizen who has security concerns that warrant hiring a security consultant, but most of my security consulting involves helping small and medium sized business owners & managers. Business owners and managers are experts in their business, but they are not necessarily experts on physical security. While they may have some thoughts or ideas on security needs, they recognize that effective security involves a lot more than just putting locks on doors and windows or installing surveillance cameras or an alarm system. For example, most business operators are not familiar with the latest research on security surveillance cameras, the use of blue light to prevent and deter crime, or IESNA (Illuminating Engineering Society of North America) guidelines for security light illumination.
Business operators are busy running a business and cannot be expected to know everything. This is where a security consultant can help you. A security consultant can assess security liabilities and develop a specific and customized security plan that gives full consideration to the upside and downside of all security options.
A security consultant can also provide an objective perspective on existing security policies and procedures and assist in developing and delivering security training for employees, all with the goal of mitigating your security risks and vulnerabilities in a cost effective manner.
Services Provided by Physical Security Consultants
Some additional services provided by Physical Security Consultants include:
- Security planning and development
Every business, whether it is a company with just a few employees or a company with hundreds of employees, should have policies, programs, and technologies to reduce the likelihood of security breaches occurring and contingency plans ready in case those security lapses occur. Properly conceived and implemented, security strategies are essential to ensure a company’s resistance and recovery from threats. A one or two-person company might be able to keep this information within the head of the business owner or manager, but even a very small company will benefit from putting this information on paper where it can be discussed, reviewed, updated, and put into action.
- Critical asset identification
The finite nature of security resources requires prioritizing the deployment of security measures. That means a security analysis should concentrate on the assets that are most critical to the business. These assets vary from business to business but typically include critical infrastructure – those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact the economic well being of the company.
- Threat and vulnerability assessments
All businesses face a certain level of risk associated with various threats. These threats may be the result of natural events, accidents, or intentional acts to cause harm. Regardless of the nature of the threat, business owners and managers have the responsibility to limit and manage risks from these threats to the extent possible. Risk assessments can sometimes get confusing and overly complicated. For a more thorough explanation of security risk management refer to a previous article on this blog entitled “Demystifying Security Risk Assessments”.
- Risk mitigation strategies
Risk mitigation strategies link assets to threats and are action plans to lessen or reduce the adverse impacts of known or perceived risks inherent in a business. Mitigation strategies vary from business to business but can include things like procedural controls, system controls, and personnel training.
- Crime Prevention through environmental design
Crime prevention through environmental design (CPTED) is a physical security concept based 
upon research that shows that the design and physical layout of buildings and open spaces can lead to a reduction in the fear of crime and the actual incidence of crime.
The three elements of CPTED are Territoriality, Surveillance, and Access Control. When used together, these elements strengthen total premise security and personal safety.
Selecting a Security Consultant
When selecting a security consultant many factors should be considered. Chief among these considerations are:
- Is the consultant well versed in the field? One way to gauge this is to see if the consultant has a track record of research and publication. A record of empirical research and advocating time tested “best practices” is usually preferred over a “cookbook” checklist approach to assessing security issues.
- Is the security consultant truly independent? An independent consultant does not represent any specific company or a particular technology solution or use consulting services as a door opener to sell particular products or services you may or may not need.
- Does the consultant take the time to understand your business and develop cost effective solutions unique to your security needs.
- Has the consultant ever owned and operated his or her own business? A consultant who understands that the paramount need of any business is to make a profit is usually more likely to recommend practical and cost-effective security solutions. A consultant with real-life business experience understands that if the business cannot make a profit, it will not be in business long.
- Intangible factors also play a big part in selecting a security consultant. The person selected must be a “good-fit” for the company. How does the consultant present themselves? Do they ask thoughtful questions and solicit genuine input? Do they really seem to know what they are talking about or is their language and demeanor more “puffery” than substance?
Security Consultants and Liability
No one likes to pay for assistance until after a problem shows up but waiting for a security problem to happen could have horrific consequences. Failure on the part of a business to adequately plan and respond to potential security threats can result in increased insurance premiums, major liability awards, business recovery and reconstruction costs, and even injury or loss of life.
In today’s litigious world more and more businesses are being sued for negligent security – either the lack of security or inadequate security. Working with a security consultant to identify security vulnerabilities and develop policies, procedures, and plans to address security issues is one of the most effective ways to reduce liability and improve the overall security and safety of your business.
