November 07, 2007 — CSO — Colored lanyards. All faculty, staff and visitors should wear badges attached to colored lanyards (preferably with breakaway clasps), and the colors should correspond to their role (e.g., red for faculty, blue for visitor). Itâ¬"s a simple way to identify people from a distance and also spot suspicious people roaming without a lanyard.
"Hi. How can I help you?" Staff and even students should be trained to ask strangers this question. Note the wording of the question. "Can I help you?" will not work because it gives the person the opportunity to say "No." "Hi" is polite and disarms the person. The word "how" forces the person to state a purpose. An inability to answer this question easily is a tip-off that the person could be up to no good.
Operating profile map. A simple way to understand what needs to be done from a security and access control perspective is to map out your facilityâ¬"s operating profile. Draw a time line that starts at 12 a.m. and ends at 12 a.m. 24 hours. Then draw three lines underneath, one that stretches across the "operating day" when the highest concentration of assets (students) are present. The second line is for facilities, and stretches for as long as some access to the building is needed, regardless of whether school is in session. The third line is for dark hours, when zero access to the school is required. These maps can be made for general operating times and also for weekends or special events and can help stakeholders understand what policies are in place when.
Crisis card. A single laminated card with major risks and proper responses can be made to stick under the phones of staff. Risks are listed in three categories and are color coded: green for environmental risks (e.g., weather), blue for medical risks (e.g., seizure) and red for security risks (e.g., bomb threat). Under each of these categories, the specific risks are listed in order of most likely to occur to least likely.
Source: Paul Timm, Reta Security Inc.
Other stories by Scott Berinato
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
Maximizing Site Visitor Trust Using Extended Validation SSL
Now with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.E-LOAN Maintains Reputation as a Privacy Leader with Symantec Data Loss Prevention
Learn how this implementation of a DLP solution helps ensure customer trust and loyalty.
- Certificate and Smart Card Management with ILM 2007
- Identity & Access Management
- Practical Role Management: Real-World Approaches to a Complex Problem
- The Case for Business Software Assurance ~ Securing Your Applications
- The Latest Advancements in SSL Technology
- Maximizing Site Visitor Trust Using Extended Validation SSL
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
7th Annual Digital ID World
-
September 8 - 10, 2008Hilton AnaheimRegister now »
Anaheim, California
(ISC)2 members can earn up to 20 CPE Credits
Reference priority code ONLINE and save $800 off the full registration price — attend the program for $995
