If you need private security services for your business in Seattle, it’s important to secure services that fit your budget. Whether you’re interested in security consulting or digital forensics, establishing a realistic amount of money to spend is essential. While it’s impossible to put a price tag on the safety of your personnel, clients, and property, determining how much you can afford to pay a security company doesn’t have to be difficult. Keeping the following tips in mind can help you establish a realistic budget.
Research Average Pricing
First, spend some time researching the average cost of private security services in your area. Pricing can vary by location, but details are usually easy to find online. Establishing the average helps you know what to expect moving forward and you’ll be able to spot higher-than-normal estimates more easily.
Request Multiple Quotes
You should also plan to request quotes from two or three different private security companies. This information will help you in establishing the estimates and ensures you aren’t overcharged.
Consider More Than Cost Alone
The cost of private security services is an important factor that should weigh heavily in your decision-making process, but it’s not the only one. Make sure you look at each company as a whole. Keep the company rating, client feedback and worker experience in mind as well.
Establishing Private Security Specialists in Seattle
Now that you know how to establish a realistic budget, it’s time to discuss options with a professional. The security specialists at Premier Risk Solutions are capable of providing a wide variety of services, including executive protection, private investigation, and business integrity assessment. Whatever your unique needs, we have the knowledge and skills to address them. Contact us with questions or to schedule an appointment to discuss your security needs with a professional.
Experienced Private Security Services in Seattle
Serving the Seattle area and providing services all over the world through strong vendor partner relationships
Red Team testing, also known as physical security penetration testing (pen test), occurs more often than is typically discussed amongst perhaps more sexy topics in the security industry, such as Executive Protection, Workplace Violence Prevention, or Event Security. However, the benefits of red team testing done well can help solidify the essential elements of a good security program.
Having administered 200+ red team tests over the course of the last half dozen years, I can say that no two exercises often happen to be the same. Varying days of the week and times of the day that tests are conducted will help ascertain the most robust, holistic information regarding a security program. And just because you might test one day at one time does not necessarily make the result of that particular test the definitive answer and solution; it could have been a case of the personnel working that specific day & time having a good or a bad day. You will want to test that day and/or time more than once to ensure the same pattern is in place before jumping to a conclusion…not too dissimilar to surveillance in workers comp cases to refute the “Good Day” defense by the injured party.
The personnel conducting/administering the red team test should also be generally creative people in their approach and mindset in undertaking the assignment. Given creative freedom (within reason) could yield surprising results from the red team test. For example, in one instance our agent was assigned a red team test in the San Francisco Bay Area for a client. Through his advance research on the location and company, we created a cover story where he was a journalist from the local newspaper who desired to print a story regarding the client company in which he would provide very positive press for their philanthropic endeavors. This client location had security officer personnel in place and restricted elevators to each floor.
The agent approached the security officer personnel at the lobby desk explaining his cover story and requested to meet with an individual (whom he had located in his advance open source research) who was a C-suite person for the company in that location. Within 10 minutes the agent was sitting across a conference room table from this C-suite executive. His credentials were not checked. No screening mechanism was enacted. All because the company strongly desired very positive press to be published on them and the opportunity was presented for just that. This is a very good learning experience for the company. No one has to lose their job nor should they be disciplined. It should be used as a learning experience to grow from for all parties involved. Having a creative agent in place who understands security programs while pushing boundaries in an authorized manner can achieve such objectives.
To summarize what steps were taken from the example above to get to the end result:
1. Agree upon a specific statement/scope of work (SOW) between the service provider and the client.
2. Resource/assign an agent that is creative in their approach.
3. SOW should have had an allowance for advance research time prior to the read team test to be conducted. I would generally recommend up to 5 hours of time for this in most circumstances but can change based on scope, square footage needing to be tested, and other factors.
4. Expect about the same amount of time on-site for conducting the red team test plus a couple of additional hours for report writing time.
5. Expect to have near real-time communications between the agent/service provider and the client during the operation being conducted to ensure clarity of the exact timing of the red team test. Doing so will help avoid any potential “bad actor” confusion with the operation.
6. Depending on the company’s goals and objectives of the red team test operation, consider having a tracking tool in place that is shared between the service provider and the client representative that is available on a moment’s notice. It could be an Excel sheet or other software that details dates, times, locations as well as names and contact numbers for each respectively should a timely call or note have to be placed. An effective tool will allow for filtering and sorting the content uploaded to moderate varying forms of data for different parties who might desire to see it.
7. While testing people and their practices is the most common denominator in physical security red team tests, there is a component of testing the company’s security technology as well. How well the agent can be seen on camera while conducting the test, any bypassing of access control systems in place that might have been had, or any alarm systems that might have (or should have) been activated when accessing a more vulnerable area of the company’s space are all aspects of security technology that should be looked at while the red team test was conducted. This can be done after the fact, it doesn’t have to be real-time, but doing so ensures the company equipment is also functioning properly.
Serving US: Seattle, Bellevue, San Francisco, San Jose, Sunnyvale, Cupertino, Fremont, Milpitas, San Mateo, Palo Alto, Sacramento, Los Angeles, Orange County, San Diego, Las Vegas, Reno, Portland, Vancouver WA, Honolulu, Denver, Salt Lake City, Dallas, Houston, San Antonio, Austin, Chicago, Columbus, Atlanta, Tampa, Orlando, Miami, Charlotte, Washington DC, New York City, Boston
Serving International: Vancouver Canada, Mexico, Guatemala, Panama, Brazil, Argentina, Chile, Peru, Ireland, United Kingdom, France, Spain, Italy, Switzerland, Germany, Czech Republic, Netherlands, Poland, Hungary, Turkey, Ukraine, Russia, Saudi Arabia, United Arab Emirates, South Africa, Kenya, Nigeria, Algeria, Egypt, India, Bangladesh, China, Thailand, Cambodia, Vietnam, Philippines, Indonesia, Japan, South Korea
Building a business case for security can often be a daunting task, presenting multiple challenges. Now there’s a solution, one that works and makes good business sense. It’s defining the real and measurable value your security business brings to any organization. We’ll discuss how to calculate the real value Corporate Security brings to an organization. It’s called Value Proposition, and it works.
The realization that the sum total of all our efforts was not producing the results we needed led us to look at applying proven business skills to Corporate Security. We asked ourselves about the basic business function of Security, that we couldn’t do today’s job with yesterday’s methods, and expect to be successful in the future.
We began to ask questions of ourselves – and not easy ones.
In taking an honest look at our department, what did we see?
What results were we actually producing?
How did we get there?
What did we need to do?
We also asked of ourselves, if we keep doing what we’re doing right now, where will we be in 1 year, 2 years, and 3 years?
Can we stop trying to explain the problems and start trying to solve them?
We agreed that we needed to train our people to propose solutions rather than keep asking for them.
We also asked the question as to what we learn from tough economic times.
Our answer was that when we are forced to face economic reality we need to do something different.
We asked ourselves this question: At what point do we stop doing what we’re doing and tell ourselves we could do it better?
If we don’t like what’s happening or what we’re getting, at what point do we change?
Why aren’t we anticipating change and preempting problems?
Value proposition mathematically is simply benefits minus cost (VP = B – C). It is a security statement that speaks to how security services addresses and/or solves problems or improves the company’s position. It describes how Security brings specific and quantifiable benefits to the company and tells the company how their security differentiates from other security models. The Value Proposition of Security also describes how Security contributes to the company’s productivity and it’s bottom line. “What we are about is helping the company run its business in a risky world.”[1] The value of Security to the company is its ability to identify and manage risk.
Corporate Security’s Value Proposition may be the most essential part of developing and evangelizing its business case.
Building a business case for Corporate Security is often a daunting task. Challenges include:
The company’s desire for profitability;
Corporate Security does not generate revenue; it’s viewed as a cost center;
The perception that Security adds to much too the business processes;
Determining just how much security is needed and for what;
Determining the level of risk to the organization, especially when there aren’t many incidents;
Workplace violence potential;
Employee conduct;
Terrorism
The budget for Corporate Security – is it ever enough? How do you maximize what you have and produce outcomes of value?
Protecting company information from hackers, viruses, and other concerns;
Security reporting within Security and to the executives;
Theft, loss, and other crimes – by personnel or external people. How does Security involve company employees in protecting themselves and company assets?
Achieving the Corporate Security mission and goals – do security personnel even know what they are?
Transforming a risk-averse, reactive security management model into a proactive, problem identification, results-based model;
Reducing attrition of security personnel;
Finally, optimizing security efficiency and effectiveness, and demonstrating articulable, measurable value to the company.
Given these issues, Corporate Security can address, mitigate, reduce, or even eliminate risk and loss, threats, and provide a workplace environment that enhances productivity and does contribute to the bottom line. There are three major elements that will drive Security’s value dramatically, allowing a quantifiable, measurable, and reportable value. These elements are derived from the Cooper Management Model, developed and implemented by Bill Cooper, Senior Security Manager and retired Chief of Police.
Part 1 – Lean Six Sigma’s Applicability to the Value of Security
By definition, Lean Six Sigma is a business philosophy centered on the relentless identification and elimination of waste, re-works, and redundancy from all processes so they flow at the rate of customer demand, at the same time improve the overall quality of the output. Lean Six Sigma is the optimization of value in all processes. Lean Six Sigma will provide exactly what is needed, when it’s needed, in the form it’s needed. In other words, business process simplification. Lean Six Sigma can be applied to anything. Lean Six Sigma is made up of principles, methods, and tools that are designed to improve the speed and efficiency of any process by targeting and removing unnecessary and wasteful steps or materials – Lean Six Sigma identifies bottlenecks found in processes and systems.
Lean Six Sigma provides a common foundation to support production of services (and goods) for our customers of value to the customer with a high degree of quality and minimal waste. The most significant benefit of Lean Six Sigma is the large-scale cost savings realized sooner rather than later due to streamlined processes. Lean Six Sigma’s goal is growth, not just cost-cutting, with emphasis on effectiveness, not just efficiency. Part of the overall strategy is to teach the organization not only how to improve, but how to innovate.
The need for more efficiency and effectiveness in virtually everything an organization does continues to grow and become more of a priority. Identifying and eliminating what doesn’t add value and reducing cost become more important every day.
Lean Six Sigma is continuous improvement, a process improvement methodology, a results-oriented, focused approach to quality. Lean Six Sigma minimizes mistakes and maximizes value and creates precision in the work. It measures and sets targets for reductions in problems and defects which translates into cost and time savings and dramatically reduces the chances of introducing errors in the future. Lean Six Sigma develops the practice of getting it right the first time.
Lean Six Sigma is the single most effective problem solving methodology for improving organizational performance. The evidence leads you to the real causes of problems, allowing easier solution generation. It improves the speed to completion – you don’t have to work harder or faster to produce more speed; this removes the barriers and obstacles, getting you from beginning to end faster.
Departments have inconsistency in their processes, systems, and services. Professional results demand consistency; inconsistency degrades good performance and inconsistency is all about waste, redundancy, and re-doing work that has already been done.
Any task that can be performed more efficiently and isn’t is an example of poor quality and increased cost – waste.
Benefits of Lean Six Sigma
Faster service
Higher quality
Lower cost
Increased performance
Increased credibility
Increased morale
Predictability
Part 2 – The Value of Business Intelligence to Decision Making
Security organizations collect large amounts of information and data as a result of their daily operations. Using that data to create usable information and actionable intelligence is a key element of good security management. Organizing the information in as near real time as possible and displaying it in a useful manner is critical to allowing proper decisions regarding deployment and actions required to provide the organization with measurable, articulable results. The purpose of a good business intelligence system is to improve the availability and quality of information useful for making more informed management decisions – based on facts.
Establishing a business intelligence architecture in your security organization can transform this raw data into meaningful and useful information. Business intelligence provides historic, current, and predictive views of your operations. If you were asked by superiors to provide essential information – facts – about the real results Security is providing, could you do it? Do you have quantifiable security performance metrics that show an improved state of security and safety in the organization? Do you have – and use – metrics that consistently and intelligently assess outputs and results?
Business Intelligence also provides Security with two further opportunities:
Good systems can help fix problems in the shortest time possible.
Better align strategy and execution; better deployment of staff and resources; better overall decision making that gets Security to achieving its goals.
Intelligence is crucial to managing security. When developing and deploying business intelligence, the broader the distribution the higher the return. The more real-time the intelligence distribution the more agility Security has in addressing security and safety issues and concerns.
This data-based analysis improves the quality of decision making throughout the organization by replacing hunches and guesses with data-based analysis. The ability to identify real causes allows Security to design and deploy solutions that produce results that are unmatched.
Producing business intelligence in a graphics-rich format allows faster, far more accurate deployment of staff and resources to real problems, producing real outcomes. This system additionally measures performance and accountability.
Based on the original NYPD CompStat program, this business intelligence system asks four questions, each requiring answers:
What’s working….why?
What’s not working…why not?
If it isn’t working what could we or should we do about it?
What new strategies need to be put in place?
The benefits of a good, robust business intelligence system include:
Delivers consistent information
Drives innovative problem solving
Gives a better view of reality and drives better decisions based on that reality
Improves communication – no spin
Saves time and cost
Enables fact-based decision making
Provides actionable intelligence
Drives an effective overall Security strategy
Enhances the ability to make superior decisions
Improves the ability to create effective plans
Optimizes performance of Security
Part 3 – Employee Involvement in Organizational Security
Organizations speak frequently about employees being involved in working with their communities to enhance their quality of life. These organizations seek to hire and retain good employees and Security is no different. The purpose here is for Security to partner with the organization’s staff and employees as a force multiplier in keeping the company safe and secure. By successfully doing this the company can reduce its costs, time to complete work, and improve its profit margin.
Employees, typically new to an organization, are provided with orientation that may include direction on how to keep themselves and corporate assets secure – most of this orientation is inadequate. If assets are lost or stolen, the cost to the organization may become very large. Risk of loss and vulnerability to loss increase proportional to lax behavior on the part of employees.
It is Security’s responsibility to assure assets and people are protected. In reality, Security traditionally follows a reactive management model, reporting loss or other issues after the fact. The value of Security increases exponentially as it transforms into a proactive, results-based model. By a proactive approach, security officers look for and identify security and safety issues, escalate them to the appropriate people, and follow up to assure they have been addressed.
Examples of real cases include the following:
Asset protection – proactively patrolling the company’s buildings security officers observed unsecured laptop computers by the hundreds after hours, even though employees had been given locking cables. Over 400 unsecured laptops were observed. Officers created a professional reminder card, reminding employees of the need to secure their assets. Officers signed, dated and placed the cards on the desks. In a 30-day period these unsecured laptops were reduced by 98% and kept there.
To calculate the value of this one security activity, assume 20 laptops per year were stolen. The value of the computer is about $1,500. The value of the intellectual property on the computer varies. Now, examine the time and loss associated with replacing the computer. Question 1 is how long the employee who lost the computer takes to get fully re-engaged. On average it is about 10 days – 2 weeks. Determine how many people are involved in reporting the loss, authorizing the replacement, ordering, preparing, shipping, and formatting the computer before it goes to the employee. On average the cost is between $10,000 and $20,000 per loss.
If 20 laptops are lost annually, the effective loss to the company is estimated to be about $200,000 – $400,000. As Security reduced that loss by 98%, Security saved the company some $196,000 – $392,000 in cost avoidance. By simply quietly and subtly engaging the employees in securing their own assets, Security saved a significant amount of money.
To further this example, Security conducted an assessment of access control on the campus. Each building required a card key to enter, but due to tailgating, employees letting people in, etc., Security determined 56% of the employees entering the executive building did not have or use an access card. With 17,000 visitors annually, Security and the company did not know who more than 9,000 of them were – a significant risk and vulnerability.
Security implemented random visits to visibly remind employees to use their cards and not allow tailgating, etc. In six months, a reduction of 90% was realized, resulting in 8,500 fewer people entering than previously. Security’s random reminders to employees had those employees reminding fellow employees, visitors, and others to use a card key to get in.
Look at the cause and effect relationship to establish real value of Security. The report to the C-Suite stated that people had less than a 10% probability of entering one of the buildings, and f they did get in, had less than a 2% probability of taking something of value.
Overheating IDF/MDF rooms – server farms – this company had 10 such rooms. If the rooms got to a certain temperature level, they overheated and shut down. It cost $100,000 to reboot them and get them in working order. The security officers proactively began to check each room on each shift. In a 1-year period, they found the rooms overheating 184 times. The officers acted on the spot and prevented the loss to the company.
By proactively patrolling, looking for problems, the officers saved the company more than $18,000,000 annualized.
We’ll next look at, define, and establish the value proposition of Security in any organizations.
Part 4 – The Value Proposition of Security
Value proposition is a clear, compelling, and credible statement of the experience the company will receive from Security. Value propositions work because they force Security to focus resources where they are needed; articulating this value increases the visibility and presence of Security in the organization. The presence of properly managed Security allows the organization and its employees to enhance productivity and optimize performance, decreases costs and issues and increase profit.
Security needs to ask and answer these questions to describe itself and begin to articulate its value:
Where does Security excel?
What does Security actually do that lowers costs in the organization and helps increase profit?
What does Security do that helps the organization improve quality and eliminate problems, waste, redundancy, and non-value add elements?
What are the core competencies of Security?
What benefits does Security provide the organization to employees or systems that allows them to be better than they were?
Recall that Value Proposition is simply Benefits minus Costs (VP = B – C). To calculate value use that formula. Assume the cost element is the Security budget. Using the previous case study involving IDF/MDF rooms we determined that Security’s proactive patrol model resulted in more than $18,000,000 in cost avoidance. In this instance the Corporate Security budget was $9,000,000. The Value Proposition is benefits minus cost, or $18,000,000 – $9,000,000, or for every dollar spent on Security, Security returned two dollars. This is just one example; imagine doing this for each instance. In this case Security told the C-Suite that for every dollar invested in Security, Security was returning between $2 and $100 – quite a compelling ratio.
In the instance of unsecured laptop computers, the cost of the reminder cards was about $200. The cost avoidance at the lower end was $200,000, so in this case for every dollar invested in Security, Security returned $1,000. This is yet another compelling statement.
Tying the Parts Together
Any one element of these models works very well as a stand-alone system; each has been proven successful in its own right. The strength of each part is amplified when they are combined into a single management model.
Employee Involvement reduces the burden on Security by acting as a force multiplier to Security, freeing time and cost.
Lean Six Sigma eliminates suboptimal processes, further reducing time and cost and freeing security resources.
The Business Intelligence Decision Support System laser focuses your security resources to where they’re needed, what they’re needed for, and how they’re needed. The randomness of patrols is refocused.
Value Proposition demonstrates the true value of Security to the organization, clearly showing measurable, articulable results. These results are formatted graphically into the reports prepared for executives, each of which provides an enhancement to the organization’s financial and operational positions. The bottom line is dramatically improved.
Finally, “Do not lose sight of the fact that you are the core to your venture’s value proposition. What solution can you deliver uniquely well? What kind of disruptive business model can you bring? Be true to yourself as a thought leader and you will go far.
Chief Security Officer Online, August 1, 2003. Security’s Value Proposition.
The Cooper Management Model, copyright 2010, 2015. Bill Cooper.
Leading Beyond Tradition: Exceeding Expectations in Any Economy, Cooper, William E., 2012
Leading Beyond Tradition: Exceeding Expectations in Any Economy, Cooper, William E., 2015
Serving US: Seattle, Bellevue, San Francisco, San Jose, Sunnyvale, Cupertino, Fremont, Milpitas, San Mateo, Palo Alto, Sacramento, Los Angeles, Orange County, San Diego, Las Vegas, Reno, Portland, Vancouver WA, Honolulu, Denver, Salt Lake City, Dallas, Houston, San Antonio, Austin, Chicago, Columbus, Atlanta, Tampa, Orlando, Miami, Charlotte, Washington DC, New York City, Boston
Serving International: Vancouver Canada, Mexico, Guatemala, Panama, Brazil, Argentina, Chile, Peru, Ireland, United Kingdom, France, Spain, Italy, Switzerland, Germany, Czech Republic, Netherlands, Poland, Hungary, Turkey, Ukraine, Russia, Saudi Arabia, United Arab Emirates, South Africa, Kenya, Nigeria, Algeria, Egypt, India, Bangladesh, China, Thailand, Cambodia, Vietnam, Philippines, Indonesia, Japan, South Korea
Business Continuity and Resumption becomes more important to businesses when something goes wrong. The panic sets in, the rush to make things right, and then the finger-pointing aftermath. Many companies take the gamble because business continuity and resumption seems like such a daunting task, and who really has time for all that? Here are four steps to motivate you to get started on your Business Continuity and Resumption Planning (BCRP).
One of the great places to start your Business Continuity and Resumption Planning process is to conduct an All Hazards Risk Assessment. A good all hazards assessment will short-list what your company (per location) will need to address in your planning. For example, are hurricanes prevalent in your operating area, or is that St. Louis branch far inland and unaffected by such weather conditions? What are the historic norms for your hot list of hazards? Now that you have completed your All Hazards Risk Assessment, you have great intel to begin your Business Continuity and Resumption Planning journey…
Tip #1 Leverage Your Internal Resources
Your company has many unique processes and programming to deliver your product or service to market. The greatest experts are therefore within your own operations. There are many front-line personnel who hold amazing amounts of historical and current know-how. Whether you tackle this planning alone or with a consultant, you need to ensure this knowledge base is exploited for the good of your company and you need to resist any third-party consultant that wishes to move you towards a cookie-cutter approach to Business Continuity and Resumption Planning. Leverage your internal resources and save yourself money in the long run.
Tip #2 Break Up the Work Into Small Tasks
BCRP does not come together overnight. Organize a team of internal stakeholders from various departments within your operations. Develop a questionnaire to be sent out to every department within your operations. Send it to that department’s manager. Have each department rank their critical processes and equipment/material needs. Don’t overload them and don’t give these folks to many tasks to do at once, or they simple will push this to the side of their desks.
Tip #3 Analyze Responses and Probe Loss
Now that your team has flushed out what may be critical to your specific business units, have each department take another small bite of the BCRP pie. Have your team develop a rating system for the impact of loss of process or equipment, based on time. What will the impact be if this process, equipment, or other asset be unavailable for (5 minutes, 20 minutes, 40 minutes, 1 hour, and so on). Include 24, 48, and 72-hour time frames.
Tip #4 Zero in and Get Creative
Now have your team work with the departments to sort out what was “nice to have” on the lists, as opposed to what is really CRITICAL to company operations. When you have whittled things down to what is truly critical, it’s time to work creatively on solutions that will help your company RESUME operations, following an emergency. Think out of the box to see what you can borrow, patch or share within and outside of your operations. Pen agreements and devise plans around these valuable recovery resources and begin to assemble these items NOW, while there is no active crisis to deal with. Ensure that you update this entire process on a regular basis.
There are many ways to tackle the Business Continuity and Resumption Planning process. This is one very simplistic way of starting something from scratch. In an upcoming blog post, I will share some examples from the field regarding some of these items and issues. Good luck with your BCRP! If Premier Risk Solutions can be of assistance, please do not hesitate to reach out!
