Security and safety is now high in the minds of CRE managers, because of the eruption of violent terrorist attacks worldwide. It seems a day doesn’t go by when some violent outbreak takes the lives of multiple victims. In many companies the CRE executive is responsible for physical security and thus, must develop a plan for insuring the safety of people and assets in the workplace. Typically the IT department has responsibility for information security, but it’s wise for the CRE executive to coordinate with the CIO on security. So what are the key priorities that need to be addressed in a workplace security plan?
· Perimeter security- It’s helpful to think about physical security as a series of concentric circles. The outer most circle will define the outward most dimension of physical access. In most instances, this would be the front entrance to the office but some facilities are situated on a campus, and thus, access may extend to the parking lot or even a general front gate of the campus. For most office locations the front entrance will be the primary point of access, and would require some measure of control, either a card reading device in combination with a receptionist during normal business hours.
· All employees are provided with an ID card that also serves as a key to enter via a card reading access point. Some companies require both a card reading and pass code to allow ingress.
· The next layer of security is for controlled access to sensitive areas within the office area such as server rooms, records storage, mail rooms, or other areas that contain business confidential information. These areas will require card access, programmed for specific individuals.
· The security system is usually both an access control and fire and smoke detection system. The CRE executive will plan on periodic drills to test system integrity as well as prepare workplace staff for appropriate evacuation protocols.
· Security standards and procedures. Most likely the human resources department will be responsible for developing and maintaining security standards, but the CRE executive will need to insure that physical security is addressed in the procedures. Such procedures will define levels of security, access provisions, and disaster recoveryprotocols. In terms of disaster recovery, it’s wise to conduct periodic drills to prepare employees for “what if” scenarios. I recall the 9/11 attack in NYC and how one company evacuated its staff to a disaster recovery siteand was fully operational within hours after the attack.
· Work-at-home security and safety. Many companies now provide for home working, and thus, must be mindful of security and safety provisions. Employees must be guidedto insure a safe and secure work area at home. This would include the ability to secure company confidential informationand company assets such as laptops, printers,etc. I recall that the HR department would require at leastone inspection of the employee’s home work area for both security and safety compliance. This was required by the company’s insurance provisions.
Summary: Workplace safety and security is a top priority for the CRE executive. In most cases the building owner will provide the necessary perimeter and fire detection technologies. But the CRE executive must insure that interior office security and safety is covered along the lines outlined above. Having a security plan and conducting periodic drills will insure that most security and safety risks are adequately addressed.