Security Components
Sound business management is based on critical elements of which security is fundamental. Bearing that in mind therefore the required
support from the management must be provided and at the highest level. Incidences of robberies and threats increase the risk of operating retail stores. Security begins as a state of the mind and for any organization, it must be based on certain accepted concepts and principles.
Good security practice involves everyone in an organization knowing and obeying the security rules. Sometimes the practices and procedures can cause personal discomfort because it is perceived to be restrictive, regulatory, and beaurocratic. (Boyce and Jennings) Security practices procedures and resources have to be cost–effective to the organization. Potential threats must always be viewed from the worst scenario perspective bearing in mind the probability, extent of threat, and severity of the harm that can be caused. Security is an issue that requires risk management whereby information and resources are safeguarded against misuse, espionage, fraud, and any other mal practice. Risk management can be achieved by continuous implementation if of the safeguards which include physical, administrative, personnel, environmental procedural, communication, and information system security.
Components of security within an organization are comprised of a list of practices that can help an organization have better management of security and reduce the associated losses. To help reduce this risk and create a safer working environment for staff and reduce theft cases appropriate security components have to be installed. Most of today‘s security and surveillance installations are built to be used after a crime has been committed. Common strategies to prevent retail theft or robbery involve environmental changes to the property.
The first and most important component of the security system is to identify the risk first. This can be done by identifying the assets first if the risk involves important information which needs to be protected. ( Boyce and Jennings)The next practice is to get the chief executive officers involved in the planning for security.
A good security policy starts from the top management as it flows to other employees.
Security is a complicated policy and cannot be handled by many people. A good practice would involve one person being overall in charge of the security in the retail store. This person should ensure that other employees are educated to raise the level of awareness before the implementation of the policies.
An effective security policy should keep in mind that threats do not only emanate from the outside but there are also internal threats. When an employee quits the job, his or her accounts should be destroyed. ( Secureflorida.org)
A good security control must provide reliable evidence that it is working correctly. This evidence can be in the form of audit trails, system logs, alarms, or other notifications. It is with this kind of feedback that the management can make proper judgment and therefore initiate the necessary adjustments. (Wood 1990, p 18)
Security devices
External measures, such as improving lighting or strengthening windows and doors, can be combined with in-store security measures, such as installing alarms or video surveillance systems (i.e. CCTV) or having staff on duty 24-hours a day (Clarke 2002). Video images caught on camera are produced as evidence in trials or to determine the cause of action in cases of robberies, break-ins, and fires. There is a need for a more easy-to-use and cost-effective approach which should be based on the idea that once a crime has been committed then it is too late. To help the retailers and the staff crime has to be prevented before happening. A good security system should be compost of an Axis network camera or analog cameras with any Axis video encoder
When a situation feels threatening, shop staff can request attention from a security company emergency center simply by pushing a fixed or portable button that activates the surveillance cameras. From its emergency center, the Security company can monitor the situation and take appropriate action
Another strategy can involve the development of a formal burglary incident and alarm protocol with assistance from the local police to prevent crime when the stores are closed. ( Policing Services)
Bright lights can also be installed in the rear of the premises to make any suspicious activity easier to see. The use of Electronic Tagging system has been utilized in several outlets. It is broadly effective against theft but has a drawback of tags being removed from the goods without any fall-back security system.
Installation of a digital DVR system using DINA can have excellent results. The integration of a DINA system is connected to an Electronic Point of sale terminal allowing even abnormal events in the point of sale terminal to trigger alarms in the DVR Thus allowing quick viewing of certain events. This allows quick and detailed detection of customers who try to pay with stolen credit cards. Cashiers can alerts the system to threatening situations by pressing specific key sequences. (Business Against Crime. 2002)
In some of the stores, Product shelves and display cabinets are monitored by the use of a number cameras, some of which are fitted with a Vari Focal lens allowing the installer to adjust the view angle manually from wide-angle (3 mm) to narrow-angle (6 mm) to obtain the optimum picture.
Windows Server 2008 has been associated with advanced security benefits.
Computers in retail stores based on windows 2008 servers are in a better position to safeguard confidential customer data and comply with national credit card regulations.
Web-based safety practices
Address Verification Service
This is a service designed to deal with common forms of online credit card fraud. It works by simply comparing the billing information provided by the customer with the billing address on the file at the credit card issuer. During transactions, the payment gateway receives a response from the address verification service after which I accept the transaction or reject it.
Multiple user accounts
This feature allows for the strengthening of account security and streamlining transaction management. This is achieved by creating unique user accounts with distinct passwords for each employee who accesses the merchant interface. Information security aims at preventing any form of attack and also at reducing vulnerability.
Computer-based security
Installing a firewall
A firewall is a hardware or software application that monitors the activity of external connections. This eliminates any external activity especially from the internet, therefore, protecting the internal networks from external threats. Due diligence should prevail at all levels whereby the various networks are verified for potential threats even if you think they are minor.
Storing all sensitive data and information away from web servers
Sensitive customer information such as credit card numbers must be stored under maximum security. This should be done in an encrypted database or server which is not connected to the internet. If sensitive information is stored in a hard drive it should be destroyed completely by shredding regularly.
Use of antivirus software plus updates
This protects the networks and computer systems from external threats such as destructive viruses which can delete sensitive information belonging to the organization. This software should be updated regularly. It is important to regularly download and update the antivirus softwares.
Avoiding file sharing
Sharing access to networks should only be done when necessary. Sharing of files that hold access to passwords to sensitive information should be avoided at all costs.
Avoid sending or requesting sensitive information through insecure methods
As a good practice successful or legitimate stores would never request sensitive information such as credit card numbers through email or online chat sessions.
(authorize.net)
Finally, tight security incorporating both standard and advanced fraud detection and control strategies are vital in maintaining a successful business. One thing the management aught to understand is that failing to provide adequate support and resources to counter security threats leaves the organization-wide open and vulnerable to malicious attack and hence the business becomes a civil liability. All security practices measures and procedures should aim at addressing all the relevant security considerations, disciplines, and interdependencies. That means that the management should apply a holistic kind of approach to achieve the desired results.
Reference
Boyce and Jennings, Information Assurance: Managing Organizational IT Security Risks ().
Information Security Best Practices – 205 Basic Rules (Stefanek).
Sennewald & Tsukayama,The Process of Investigation – Concepts & Strategies for Investigators & the Private Sector.
Business Against Crime. 2002. West Midlands Police (Lye, England): Web.
Clarke, Ronald V. 2002. Burglary of Retail Establishments. Problem-Oriented Guides for Police Series, No. 15. Washington, DC: U.S. Department of Justice, Offi ce of Community Oriented. Web.
Clarke, Ronald V. 2002. Shoplifting. Problem-Oriented Guides for Police Series, No. 11. Washington, DC: U.S. Department of Justice, Offi ce of Community Oriented Policing Services. Web.
Federal Bureau of Investigation. 2005. Crime in the United States. Washington, DC: U.S. Department of Justice.
North Tryon Street Corridor Commercial Burglaries. 2000. Charlotte-Mecklenberg (NC). Web.
Smash and Grab Task Force. 1994. Metro-Dade Police Department (FL): Web.
Ranger, S. “Data breach laws ‘make companies serious about security,” Silicon.com, 2007, Web.
808 East Utah Valley Drive, American Fork, UT 84003, Web.