Daily Archives: 08/08/2013

The Fire Safety Company becomes first NSI approved organisation to attain four BAFE registrations

Based in Richmond, North Yorkshire, The Fire Safety Company has attained four BAFE scheme registrations, using the National Security Inspectorate (NSI) as its UKAS accredited certification body.

Currently, the company is the only organisation to have achieved this number of BAFE scheme registrations.

At a presentation at Head Office on 2 August, William Hague – the foreign secretary and local MP – presented presented the organisation with its NSI framed certificates and medals to commemorate this significant achievement.

The most recent registration achieved by The Fire Safety Company is for BAFE’s Life Safety Fire Risk Assessment Scheme (SP205), adding to Fire Detection and Alarms (SP203-1), Emergency Lighting Systems (SP203-4) and Contract Maintenance of Portable Fire Extinguishers (SP101).

Foreign secretary and local MP William Hague presents the certificates of compliance

Foreign secretary and local MP William Hague presents the certificates of compliance

Sanjay Saggar, managing director of The Fire Safety Company, commented: “Naturally, I’m delighted that we are the first UK fire protection business to achieve this distinction. The accolade truly upholds the hard work the team has put into our company and unmistakably demonstrates our expertise and continual commitment to give our clients the very best in terms of service and quality.”

Saggar continued: “The NSI’s auditing team was firm but fair and very thorough during the auditing process. It wasn’t easy, and we wouldn’t have wanted it any other way because we want our accreditations to really stand for something.”

A very proud managing director also said: “These awards make business sense, too. It has allowed us to differentiate ourselves from every other fire protection company in the UK. We can approach clients with real credibility as a ‘Go To’ company for fire safety expertise. In truth, at The Fire Safety Company we realise that this was the easy part. The challenge for us is to maintain these high standards day in, day out in the years to come. We look forward to working with the NSI as our fire safety compliance champions.”

NSI CEO Jeff Little OBE

NSI CEO Jeff Little OBE

“Unquestionable commitment to the profession”

Jeff Little, the NSI’s CEO, stated: “This is a tremendous achievement for Sanjay Saggar and his team at The Fire Safety Company, and I congratulate them all. Attaining four BAFE Scheme registrations is no mean feat, and clearly demonstrates to the company’s customers and industry peers their unquestionable commitment to their profession. We’re delighted that The Fire Safety Company chose the NSI as its sole certification body. We’re very pleased that, in parallel to its BAFE Scheme registration, the company has attained the much coveted NSI Fire Gold and Life Safety Fire Risk Assessment Gold approvals for which they should be heartedly applauded.”

Stephen Adams, the CEO of BAFE, said: “I’m delighted to congratulate The Fire Safety Company on being the first to achieve registrations to four different BAFE schemes. Current fire safety legislation requires that the person responsible for a property takes all reasonable steps to ensure the safety of staff and customers. By using fire protection companies that have gained certification from an accredited body, they can show that they have done this.”

Adams concluded: “Sanjay Saggar and his team have shown their quality commitment across important areas of fire protection including the vital initial fire risk assessment service.”

Leave a comment

Filed under IFSECGlobal.com News

Viewpoint: ‘The Licensing of Private Investigators’ (by Chris Brogan)

The Home Secretary Theresa May has finally decided that private investigators will require a licence under the Private Security Industry Act 2001 to take effect at the end of 2014.

The fine details of this proposed regulation have yet to be released, but while we’re waiting I thought I might share the following thoughts with you.

Over the years there has been a great deal of difficulty in establishing a definition of a private investigator and/or what he/she does (http://www.statewatch.org/news/2012/jul/uk-hasc-private-investigators-report.pdf). For the purposes of this article I’m suggesting it’s likely to be a non law-enforcement or public authority investigator.

Section 3 of the Private Security Industry Act addresses the offence of not having a licence when engaged in a licensable activity. “A person guilty of an offence under this section shall be liable, on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding Level 5 on the standard scale, or to both” (Section 3 (6) Private Security Industry Act 2001).

Now there’s nothing new in that. Any of those companies or individuals that have already had to comply with the Act will be familiar with these offences. The point that I want to address here is around ‘licensable conduct’ and what that looks like in the real world.

Chris Brogan: strong views on the licensing of private investigators

Chris Brogan: strong views on the licensing of private investigators

Section 3 (2) lists ten activities of licensable conduct. What is common throughout is that the conduct has to be in connection with a contract. If there isn’t a contractual agreement with the person/organisation that the licensable activity is being provided for then you don’t need a licence. The old chestnut of in-house security officers not being licensed readily springs to mind.

Contracts in English law

A contract in English law requires four components. There has to be an offer. Clear and unambiguous. There has to be an acceptance of that offer. Clear and unambiguous.

Consideration has to change hands. This does not mean money. Consideration is just something of value. It could be a service for a service. The contract also has to be considered legally binding between both parties.

Now consider the position of ABC plc, a large UK bank/corporation with lots of subsidiaries and/or associate companies. The investigation department is part of the head office structure and they supply investigative services to their branch offices and their subsidiary and associate companies.

These subsidiary and associate companies are separate legal entities under UK company law. (Companies Act 2006) ABC plc can sue or be sued by their subsidiary/associate companies. These individual companies, for reasons of motivation/individual corporate structure, are independent profit centres and their incomes and expenditure are reflected in their annual balance sheets. Look at any set of balance sheets of a plc company and you’re likely to see reference to balances due to and/or from subsidiary or associated companies.

I suggest that the above scenario is very familiar with any reader that has worked for a large concern. These concerns are, probably through ignorance, running risks that could have consequences of a financial, reputational and legal nature. If these risks ever mature where will the blame lie? Who owns the risk where security-related issues are concerned?

These investigative services are being supplied under contract and, as such, it’s my submission that:
• The individuals providing this service should be required to hold a licence. Section 3 (2)(b) of the Private Security Industry Act 2001.
• The directors of ABC plc – the company that’s providing these services under a contractual basis to their associate/subsidiary companies – should be licensed. Section 3 (2)(a) of the Private Security Industry Act 2001. That includes the non-executive directors whether they have a seat in the House of Lords or not.
• The mangers of these companies providing these services should be required to hold a licence. Section 3 (2)(d) of the Private Security Industry Act 2001.

Home Secretary Theresa May

Home Secretary Theresa May

Opening the floodgates of litigation

Now, if my submission is correct then the investigator who is committing a criminal offence could be prosecuted and runs the risk of not being able to obtain a licence in the future because of the negligence of his employers who owe him/her a legal Duty of Care.

I suggest that it would require only one successful case for the floodgates of litigation to open with the likes of Liberty and Big Brother Watch clamouring to offer their support. Just look at the recent press condemning the use of private investigators by local and public authorities.

This isn’t the first time that I’ve raised this argument, albeit previously in relation to security guarding. I have on nine separate occasions raised these points with the Security Industry Authority (SIA) at varying levels, all the way to the top. On the last occasion an SIA official told me that he would look in to it and would come back to me. I told him that eight of his colleagues over the years had told me that same story and they hadn’t. His forceful reply was that “he would.” That was three years ago and so far he hasn’t.

Come next year, private investigators will require a licence. Life is tough enough for them as it is. This will be the third regime to which they will have to submit control of their activities (The Office of Fair Trading – Consumer Credit Act 1974 as amended by the Consumer Credit Act 2006, the Information Commissioner’s Office – Data Protection Act 1998 and the Security Industry Authority – Private Security Industry Act 2001).

As these investigators will be competing on an un-level playing field with their in-house commercial colleagues, I suggest that they’ll have little compunction in drawing these potential illegal activities to the attention of the authorities and any other bodies whose interests may be furthered by these revelations.

How can you manage a risk if you don’t know what it is?

I hope that I’ve helped you identify some of the risks that you and your organisation may already be running. There are many more that could result from the above scenario. Risks breed risks.

It’s a well known legal maxim that the unforeseen consequences of legislation far outweigh the foreseen consequences. This doesn’t mean that we have to be unprepared.

Chris Brogan MA LLM MIBA FSyI, Partner, B&G Associates

1 Comment

Filed under IFSECGlobal.com News

BSIA members defend the use of ‘zero hours’ contracts in security

Security industry professionals have spoken out in defence of ‘zero hours’ contracts, with almost 80% of British Security Industry Association (BSIA) members agreeing with the concept despite the coalition Government’s recent pledge to review such arrangements following pressure from Trade Unions.

The BSIA – the Trade Association representing the UK’s private security industry – conducted a survey of those sections of its membership which deliver people-based security solutions, including security guarding, door supervision, crowd management, Cash-in-Transit and close protection services.

79.2% of members agreed with the concept of ‘zero hours’ contracts, citing increased flexibility and the ability to meet unexpected demand as the two key benefits of such agreements.

According to recent reports by the Chartered Institute of Personnel and Development, more than a million UK workers are on ‘zero hours’ contracts. Such Terms and Conditions offer no guarantees of shifts or work patterns, causing many Trade Unions to call for a ban on such arrangements and prompting the Government’s business secretary, Vince Cable, to pledge a full-scale review.

Security industry professionals have spoken out in defence of ‘zero hours’ contracts, with almost 80% of BSIA members agreeing with the concept

Security industry professionals have spoken out in defence of ‘zero hours’ contracts, with almost 80% of BSIA members agreeing with the concept

Benefits for both employees and employers

With 73.9% of respondents to the BSIA’s survey also indicating that they currently employ staff on ‘zero hours’ contracts, the Trade Association is eager to defend their use within the security sector.

Trevor Elliott, the director of manpower and membership services at the BSIA, commented: “While we welcome the Government’s review of ‘zero hours’ contracts, it’s important to emphasise that where they are correctly managed, these arrangements can have a real benefit to both employees and employers. For employers within the security sector, who are often required to respond to high volume demand over very short periods of time, ‘zero hours’ contracts provide flexibility and the ability to be adaptable in fulfilling customer requirements.”

In terms of benefits for employees, Elliott explained: “For employees, ‘zero hours’ contracts offer more employment rights than those afforded to casual workers, in that they are considered to have official employee status. The flexibility of such contracts also enables individuals to retain greater control over when they work. However, it;s important to recognise the prevalence of ambiguity in terms of what is expected from both employer and employee. This should be addressed as part of the Government’s review.”

Trevor Elliott: the BSIA's director of manpower and membership services

Trevor Elliott: the BSIA’s director of manpower and membership services

Elliott continued: “That being said, it’s equally important to acknowledge that where these contracts are poorly managed, they may have a detrimental effect. Potential negatives highlighted by our survey included lack of stability for employees and a degree of ambiguity in terms of what is expected from both employer and employee. As such, we will look forward to the results of the Government’s review and stand prepared to defend security sector employers and their employees to ensure that they are not negatively affected by the actions of unscrupulous employers.”

Leave a comment

Filed under IFSECGlobal.com News

Petition Against Passwords campaigners issue ‘Call To Action’ for large consumer sites to implement password-less logins

The initiative has sparked a debate that questions the future of usernames and passwords

The Petition Against Passwords is a public advocacy campaign promoting ‘password-less’ alternatives to hack-prone usernames and passwords. Organisers state that the new campaign is gaining momentum with technology companies, legislators and the press.

Formally launched on 24 July, the Petition quickly gained national media attention, receiving coverage from leading media outlets including the LA Times, CSO Online, Dark Reading, CBS MarketWatch, Upstart Business Journal and BBC Radio 4.

Already supported by companies in Silicon Valley and the US, the launch of the Petition quickly gained the attention of companies from across the globe, among them NuData Security, Authenticade (CryoKey), Sensible Vision (FastAccess Anywhere), UK-based Winfrasoft and others.

The Petition Against Passwords is a public initiative designed to help consumers voice their desire for more convenient and secure 'password-less' identity protection

The Petition Against Passwords is a public initiative designed to help consumers voice their desire for more convenient and secure ‘password-less’ identity protection

Passwords: an enabler for fraud?

“Fraudsters and hackers see passwords as an enabler to fraud – they’re easy to guess, break and bypass and are reused by users across multiple sites,” stated Michel Giasson, CEO at NuData Security. “The inherent weakness of passwords is what has caused the prolific increase in account takeover fraud, which is a form of identity theft.”

Chris Ho – co-founder of Authenticade – commented: “You may tolerate passwords now, but once you start using the next generation of authentication alternatives, you’ll wonder how you ever put up with passwords in the first place.”

George Brostoff is the CEO of Sensible Vision. He added: “Single factor security is no longer sufficient for most applications. All security methods have strengths and weaknesses. As weaknesses become more well known, the best way to address them is with a second, complimentary logon technique. The key, however, is to add additional factors while maintaining a high degree of convenience. Two factor techniques that are burdensome or difficult to use can actually be less secure in real-life practice than either individual technique would be alone.”

Another commentator on this subject is Steven Hope, the CEO of Winfrasoft. “The password is one of many authentication dinosaurs that we need to confine to the history books,” he said. “They are costly to administer, people don’t want to use them and, crucially, they’re not secure.”

As the Petition Against Passwords continues to gain momentum, Petition organisers have offered an open challenge to find the first large-scale consumer site willing to offer a password-less login alternative once the Petition reaches more than 100,000 signatures.

“First, we would like to applaud all of the innovative identity companies participating in the Petition Against Passwords initiative,” explained Brennen Byrne, CEO of Clef (the company that organised the Petition Against Passwords).

“Now, we’d like to see other companies participate. Any site that uses passwords today can promote their own brand through the Petition by setting a signature threshold and pledging to make a change if the threshold is reached. We can only solve this problem by working together, and we want to help promote companies who are offering password-less logins to their customers.”

About the Petition Against Passwords

The Petition Against Passwords is a public initiative designed to help consumers voice their desire for more convenient and secure ‘password-less’ identity protection.

The Petition sheds light on the need for a significant one-authentication registration overhaul in the continued wake of large-scale data breaches impacting millions of consumers.

The Petition brings together organisations from technology, research, consumer advocacy and public policy to advocate for the implementation of password-less technologies to replace hack prone one-factor authentication.

To learn more about the Petition Against Passwords visit http://www.petitionagainstpasswords.com

Leave a comment

Filed under IFSECGlobal.com News