Specifically Speaking with Mark Schreiber
Tell me about the services Safeguards Consulting offers and your “open door policy.”
Safeguards Consulting supports an "Open Door Policy" with security manufacturers and integrators, whereby we will make time for all so that we can be as comprehensive as possible for our clients. It would be inappropriate to assume that we could recommend any solution without analyzing the delivery and maintenance impact of our clients’ locations, so we strive to keep a base knowledge of as many vendors as humanly possible.
What’s your philosophy with complete facility design?
When we support a client with a comprehensive project, we advise and support the complete design of the facility, not just the physical security systems. Above and beyond barriers, gates, fencing, and traditional hardening recommendations, we advise the architects and other engineering groups to design the facility itself to support security and mitigation of crime. We use CPTED (Crime Prevention Through Environmental Design) principles, construction experience, and other skills to help the design team optimize the building not only for the primary users of the built environment, but also the security operations and emergency response needs. For example, we are typically the first entity on the team to look at the facility's impact to workplace violence/active shooter response procedures.
How do you deal with cybersecurity issues and concerns with your designs?
The role of cybersecurity is easy to underestimate by many organizations because the typical vulnerabilities are massive in number, but traditional security practitioners tend to act like it is outside of their jurisdiction. The reality is that we already are deeply involved and impacted by cyber risks and the sooner we can address and collaborate with our cybersecurity brethren, the better off our organization's security posture will be. Therefore, we strongly support, evangelize and teach the value and methods of security convergence. Within our direct capabilities, we coordinate and plan within our client's team to support and initiate security convergence operations. We also ask and incentivize physical security vendors to improve and implement cybersecurity principles and methods. We scope and specify simple authentication and network management applications, in addition to operational requirements that are considered standard processes in the IT world, but are often overlooked in the physical security industry.
Do you specify biometrics frequently? What type of biometric technologies do you specify, and what are the best use cases for those biometrics? Has that changed much over the years?
Yes, biometrics are commonly recommended and implemented on our projects that have above-average security risks. The purpose is to provide multiple factors of authentication, not just for their inherent security. The selection of biometrics is based upon the physical environment they will be used in, the expectations of operations for the access control portal (i.e. users wearing street clothes, uniforms, lab gear, etc.), and the convenience impact the biometrics creates (i.e. lower throughput). We have been involved with biometrics in various forms and fashions for over a decade, and have seen many limitations with their use, but we value the extra layer of security they provide and greatly appreciate their advancement in operational efficiency. If we were to make a request to the total group of biometric manufacturers in the industry, we would ask that they also focus on supporting a much greater number of direct integrations to the various access control systems that exist.