Improving Your Security Program
Security breaches in the United States cost industry tens of billions of dollars each year. If you manufacture, distribute, or ship high-value items, security within your company is at risk of being compromised. Preventing security breaches—in your facilities, and when your cargo is being loaded or unloaded for transit—is key. Here are 10 tips for improving your security program, from Scott Kirk, executive vice president, E.J. Brooks, a Livingston, N.J.-based manufacturer of tamper-indicating security seals and locking devices.
1. Apply for C-TPAT certification. What better way for your company to identify its true strengths and vulnerabilities than through a thorough self-assessment? Any company that qualifies for C-TPAT status should immediately contact U.S. Customs and Border Protection to obtain an application. C-TPAT eligibility requires a vulnerability assessment conducted via a customs-supplied questionnaire. This initiative alone should expose most security weaknesses within a company's supply chain.
2. Make sure physical integrity of shipments is never compromised, and conduct random container/trailer inspections. These inspections help identify irregularities. Drivers should surrender their identification to your guard, who verifies the information. The guard should record the container number, license plate of the rig, seal number, date, and time. Random spot checks of containers are always beneficial and should be done in the presence of more than one security officer.
3. Put in place physical access and employee/visitor controls. Control all physical and visitor access. Make sure employees always wear a photo identification badge, and that visitors display a clearly identifiable visitor's badge that documents their identity, date and time of their visit, and the person they are seeing. Always escort visitors and never compromise controlled access to sensitive areas.
4. Make pre-employment verification a priority and do it well. Thoroughly interview and screen potential employees. Besides asking applicants to submit a resume, employment history, and references, have them sign a release form authorizing your company to perform a background check. If an individual is terminated, ensure that all company property, identification badges, passwords, and other documents are received, then escort the individual from company premises.
5. Stay up to date on security regulations and make sure your company complies. The global supply chain is at risk from terrorists who will exploit any weakness. Make sure you understand and conform to known World Customs Organization/U.S. Customs and Border Protection regulations. This will enhance your cargo's safety and security, and help other shippers who will indirectly benefit from your extra diligence. Security is everyone's responsibility.
6. Protect your facility with proper security fences and surveillance. Install perimeter fencing around container and truck yards, and inspect the fencing regularly. Man security gates continually and closely monitor access to terminal locations. Install external lighting, specifically in terminal areas that see little activity or traffic. In many cases, it makes sense to install video surveillance. Keep separate logs of arriving and departing containers and trailers. Verify driver information, container/trailer identification, bills of lading, shipper and carrier information, and seal number, and rectify any discrepancies.
7. Increase the security awareness of all employees.Employees can minimize the potential for cargo theft by knowing how to respond to unexpected situations involving intruder entries and terminal incidents. Provide annual training, at a minimum. Better yet are quarterly training sessions on topics such as: customs and law enforcement; how to identify and report suspicious activities; recognizing internal collusion; and the promotion and maintenance of sound security procedures within the supply chain.
8. Physically protect your IT/data center and set it apart from other operations. IT personnel are especially vulnerable to security breaches, so access should be limited to authorized personnel. The IT center should have a separate source of non-interruptible power, as well as a firewall device to restrict users to pre-determined content. Password-protect desktop access and maintain a fully secured data structure with appropriate backups at regular intervals.
9. Use high-security seals.High-security seals, as identified by ISO 17712, conform to all present and upcoming sealing mandates and regulations. Train all users to recognize compliant, high-security seals and to identify indications that suggest theft or pilferage. Make sure that test documents proving compliance to ISO 17712 exist, that the test facility is A2LA-certified and independent, and that the manufacturer has been audited by a certified entity.
10. Test your security program. Testing can be done at little or no expense. You can, for example, park an unmarked vehicle in an area that is off-limits to through-traffic, plant a person with a visitor's badge in a sensitive area of your facility, or deliberately change some aspect of a container's identification, such as its bill of lading, container ID, or seal sequence number. Then monitor, observe, and critique how employees and gate personnel react to these scenarios.