Risk Management

When security is mentioned, the first thing likely to come to mind is protection from sabotage, espionage, or data theft. While the need is obvious for protection against intruders and the intentional harm they could cause, the hazards from ordinary activity of personnel working in the facility present a greater day-to-day risk in most facilities.

People are essential to the operation of a facility, yet studies consistently show that people are directly responsible for 60% of downtime through accidents and mistakes — improper procedures, mislabeled equipment, things dropped or spilled, mistyped commands, and other unforeseen mishaps large and small. With human error an unavoidable consequence of human presence, minimizing and controlling personnel access to facilities is a critical element of risk management even when concern about malicious activity is slight.

Identification technology is changing as fast as the facilities, information, and communication it protects. With the constant appearance of new equipment and techniques, it's easy to forget that the age-old problem this technology is trying to solve is neither technical nor complicated: keeping unauthorized or ill-intentioned people out of places where they don't belong. And while the first step, mapping out the secure areas of the facility and defining access rules, may produce a layered and complex blueprint, it isn’t intuitively difficult — IT managers generally know who should be allowed where. The challenge lies in the second step: deciding how best to apply less-than-perfect technologies to implement the plan.