Tag Archives: HR

Evolution invests in people development with appointment of Louise Gough as Human Resources manager

Evolution, the integrated fire and security solutions specialist, has appointed Louise Gough as its new Human Resources (HR) manager to lead the business’ recruitment strategy, implement new training and development opportunities, manage employee relations and provide support to the wider business.

Gough joins Evolution with a wealth of HR management experience, including eight years’s service with a market-leading integrated security business where she was also involved in project and bid work and facilities management. Prior to that, Gough worked for a number of large manufacturing and construction firms.

Louise

Louise Gough: the new HR manager at Evolution

Now, Gough is looking forward to helping drive even further business growth at Evolution. “It’s a very exciting time for the business,” explained Gough in conversation with Risk Xtra. “The workforce has expanded considerably already this year and further growth is expected as a result of the business being successful in winning some large projects n the UK, the Republic of Ireland and further afield in Europe.”

Further, Gough stated: “I hope to add real value to the business and will start by closely reviewing our recruitment and wider people strategies and use my knowledge and experience to implement new methods that enable us to work smarter, while also enhancing our strong position within the integrated security sector. I want to take the HR burden away from the senior managers and allow them to focus more closely on their own roles, which in turn will lead to more proactive and productive teams.”

Richard Lambert, managing director of Evolution, enthused: “We’re delighted that Louise is joining the team. She has proven experience and great sector knowledge which will be invaluable. There’s no doubt Louise will help to drive the business forward as we continue our plans to grow in the UK and Europe.”

Advertisements

Leave a comment

Filed under Risk Xtra

Inner Range set to showcase new Mimic Viewer at International Security Expo

Access control solutions developer Inner Range will showcase a new Mimic Viewer for its award-winning Integriti product at the International Security Expo, which takes place in London later this month.

The Mimic Viewer provides a visual ‘read only’ overview of the intelligent Integriti access control and intruder detection system. It allows security staff to view events remotely without passing control of the system off-site.

The Mimic Viewer is a separate installation with its own connection to the controller, which can be Ethernet-based or via the UniBus UART board. This is helpful for those sites that don’t allow networked computers to be left logged in and unattended, or in the case of a network failure.

InnerRangeMimicViewer1

Tim Northwood, general manager of Inner Range, said: “Mimic panels are a fantastic way of providing a visual overview of a system, allowing rapid comprehension of a situation and response when an emergency occurs. Our Mimic Viewer has the added benefit of being separate from any network, so it will maintain its connection whatever the network status and ensure better levels of security as a result.”

Northwood added: “The International Security Expo is always a great event for showing new and existing customers what our products can do. We’ll be allowing delegates to try out our enterprise and high security products for themselves.”

Inner Range will be offering demonstrations of its scalable enterprise access control system, Integriti, as well as the Integriti High Security Encrypted solution and the Sifer reading technology, MIFARE DESfire EV2. Stand J30 is where Risk Xtra’s readers can find the company at London’s Olympia.

InnerRangeMimicViewer2

The Integriti system delivers an intelligent integrated security solution ideal for managing and controlling single and multiple sites at the local, national and global levels. It integrates with a wide range of third party systems to become a Physical Security Information Management system, managing not only security and building automation, but also people and business continuity processes such as HR, payroll and Health and Safety.

Integriti Encrypted High Security has all the award-winning features of Integriti with complete end-to-end encryption to 128 bit AES and Mac authentication. It suits defence, Government and other Critical National Infrastructure organisations who need watertight security for counter-terror purposes or other high risk scenarios.

Leave a comment

Filed under Risk Xtra

“UK businesses could spend £1.2 million recovering from a cyber security breach” states new research from NTT Com Security

Most business decision-makers in the UK admit that their organisation will suffer from a cyber security breach at some point. They also anticipate that recovering from a data breach would cost upwards of £1.2 million on average for their organisation. That’s according to the Risk:Value report issued by information security and risk management company NTT Com Security, which surveyed business decision-makers in the UK as well as the US, Germany, France, Sweden, Norway and Switzerland.

While nearly half (48%) of UK business decision-makers say that information security is ‘vital’ to their organisation, and just half agree it’s ‘good practice’, a fifth admit that poor information security is the ‘single greatest risk’ to the business ahead of ‘decreasing profits’ (12%) and ‘competitors taking market share’ (11%) and on a par with ‘lack of employee skills’ (21%).

Well over half (57%) agree that their organisation will suffer a data breach at some point, while a third disagree. One-in-ten state that they simply don’t know if this will be the case.

Respondents estimate that a breach would cost them an average of £1.2 million, even before ‘hidden costs’ like reputational damage and brand erosion are taken into consideration. Again, on average it would take around two months to recover from a breach. Respondents to the comprehensive survey also anticipate a 13% drop in revenue, on average, following a breach episode.

Starting to hit home

The survey shows that recent high-profile data breaches are starting to hit home. A similar report published by NTT Com Security in 2014 revealed that 10% of an organisation’s IT budget was spent on information security compared to 11% this year. However, in the latest report, around a quarter (23%) of UK businesses reveal that more is spent on Human Resources than information security.

In terms of remediation costs following a security breach, nearly a fifth (18%) of a company’s costs would be spent on legal fees, 18% on fines or compliance costs, 17% on compensation to customers and 11% set aside for third party remediation resources. Other anticipated costs include PR and communications (14%) and compensation paid to both suppliers (12%) and employees (11%).

CyberPadlock1

According to the report, the majority of respondents in the UK admit they would suffer both externally and internally if data was stolen, including loss of customer confidence (66%) and damage to reputation (57%) as well as suffering direct financial loss (41%). Over a third of decision-makers (34%) expect to resign (or expect another senior colleague to do so) as a result of a breach.

Stuart Reed, senior director for global product marketing at NTT Com Security, commented: “Attitudes towards the real impact of security breaches have really started to shift. That’s no surprise given the year we have just had. We’ve seen several major brands reeling from the effects of serious data breaches, and struggling to manage the potential damage, not only to their customers’ data, but also to their own reputation. While the majority of people we spoke to expect to suffer a cyber security breach at some point, most fully expect to pay for it as well, whether that’s in terms of third party and other remediation costs, customer confidence, lost business or even, possibly, their jobs.”

Who’s responsibility is it anyway?

*41% of UK organisations have a disaster recovery plan in place, with 40% having a formal security policy in place. In both cases, almost half are in the process of implementing or designing one

*When it comes to responsibility for managing the company’s recovery plan, 15% say the CEO now has responsibility, although this still largely falls to the Chief Risk Officer (CRO), the Chief Information Officer (CIO) or the Chief Security Officer (CSO)

*While 77% agree it’s ‘vital’ their business is insured for security breaches, only 26% have dedicated cyber security insurance. However, 38% of those questioned are in the process of obtaining a policy

*One-in-five respondents in the UK say they don’t know if their organisation has any type of insurance in place to cover for the financial impact of data loss or an information security breach

“It’s encouraging to see that almost all UK businesses now have a disaster recovery and formal information security policy in place, or are at least planning to implement one soon,” added Reed.

“Clear, concise internal processes and policies for employees and contractors have so often been overlooked, and this is what can lead to complacency and poor security hygiene. When we talk to clients, we make it absolutely clear that educating staff about security should be a top priority, supported all the while by clear and simple procedures and backed up by a solid incident response plan.” 

*The Risk:Value Executive Summary report can be downloaded here

Leave a comment

Filed under Risk UK News, Uncategorized

Mitie appoints Lisa Thomas as director of vetting services

Mitie, the FTSE 250 strategic outsourcing company, has appointed Lisa Thomas as its director of vetting services.

The appointment follows Mitie’s acquisition of Procius, a specialist in pre-employment screening and vetting for the aviation and transport industries.

Thomas, who has previously held senior Human Resources (HR) roles within Mitie, will focus on growing Procius within the aviation and general sectors. Thomas will also be responsible for UKCRBs, a Mitie-owned vetting organisation with expertise in Disclosure and Barring Service (DBS) and Disclosure Scotland background checks.

Lisa Thomas: new role at Mitie

Lisa Thomas: new role at Mitie


Speaking about her new role, Thomas commented: “This is a really exciting opportunity for me. I’m looking forward to growing Mitie’s vetting services and bringing a comprehensive employee screening and vetting service to our clients. We already have sector specialism in the aviation sector and I plan to mirror this for all sectors.”

Darren Gamage, managing director of technology services at Mitie Total Security Management, added: “As our employee screening and vetting business grows it’s critical that we have the right person leading the businesses. With Lisa’s strong HR background I know that she will be a great asset. Lisa brings an in-depth understanding of both the HR decision-maker and employee screening to this role.”

Leave a comment

Filed under Risk UK News

Ninth consecutive year of ACS audit improvement recorded by Showsec

Event and venue security solutions specialist Showsec has achieved year-on-year improvement in the Security Industry Authority’s Approved Contractor Scheme ratings for the ninth time in succession. An extensive assessment of all aspects of the company’s operation resulted in the award of a hugely impressive audit score of 132.

Assessing body the National Security Inspectorate (NSI) commended Showsec for its performance across all elements of the business and singled out several examples of good practice. Significantly, the company was successful in undergoing assessment for CCTV and close protection in readiness for the introduction of business licensing in 2015.

Showsec aimed for Improvement Scope in the Approved Contractor Scheme (ACS) assessment process with the prime objective of gaining British Standard accreditation across all aspects of the company’s work.

“This excellent result highlights once again the progress made by the company year-on-year and places us in a strong position should business licensing be implemented,” enthused Showsec’s managing director Mark Harding. “One of the prime objectives of this proposed business regulation for the security industry is to ensure that everyone complies with the British Standards in whatever line of security work they undertake. We now have approval for both CCTV and close protection duties in addition to door supervision and security guarding.”

Harding continued: “The ACS provides a clear benchmark of the standards we achieve in the delivery of our product. We’re constantly striving to raise the bar even higher in terms of the services we offer to our clients and members of the public, and also in relation to being at the forefront of industry-wide progression. Everyone within the company can be extremely proud of this latest achievement. I know this result will provide further encouragement for our staff to work even harder in the pursuit of excellence and continued improvement.”

Showsec provided security management and stewarding solutions for the recent Kasabian gig at Victoria Park in Leicester

Showsec provided security management and stewarding solutions for the recent Kasabian gig at Victoria Park in Leicester

Event stewarding and crowd management

The NSI assessment was conducted by Joanne Fox who visited two venues – in Manchester and Leeds – at which Showsec operate before spending two days at Head Office in Leicester. In her report, Fox asserted: “I cannot believe the number of things the company has done in the last 12 months. It’s a great achievement.”

Among the five examples of good practice highlighted in the report are the introduction of a specific training module for SIA staff to ensure all supervisors have a clear understanding of the necessary requirements when supervising employees and casual workers, as well as the formation of Facebook accounts managed by members of the team at Head Office which enable employees and casual staff to communicate on specific events and activities.

On top of that, the NSI report also draws attention to the fact that Showsec has worked diligently alongside the UK Crowd Management Association to develop a specific qualification for event stewarding and crowd management.

Other examples of good practice include the company conducting a number of Human Resources Forums as a means towards even better communication and the identification of any pressing issues.

Showsec has also introduced e-Briefings for a number of events to provide employees and casual workers with detailed and specialist information ahead of them reporting for duty.

“These are just some of the ways in which we’ve endeavoured to improve our product over the past year,” concluded Harding, “but just as significant is the fact that there were no improvement needs identified in the report. That’s an extremely rare occurrence in this process and reflects the extent to which we’ve gone to make improvements across the board.”

Leave a comment

Filed under Risk UK News

‘Security Integration moves beyond PSIM’ (by John Davies, md, TDSi)

In a guest blog for Risk UK’s readers, John Davies reviews developments that have been taking place beyond the initial hype around Physical Security Information Management (PSIM) and how the integration of physical and information security is now offering benefits in the real world.

A few years ago, PSIM – the acronym for Physical Security Information Management – became a popular ‘buzzphrase’ in both the physical and logical security sectors. In its broadest sense, the term sought to describe the increasing unification between IT security and physical security systems which really became inevitable given the increased adoption of IP services throughout the business world and, indeed, society as a whole.

In the case of physical security, this phenomenon has revolutionised the approach the industry takes to its products and services. Manufacturers, specifiers and installers have had to adapt and evolve to meet the expectations of the market (and, in many cases, the wider public).

However, the security sector as a whole has moved on and the expectation of an IP connection is now simply a basic necessity rather than a defining characteristic.

Full integration between often complex and crucial systems is now the goal of security operators and providers alike. Paradoxically, while the technology is undoubtedly becoming more and more complex, the overall goal is to provide operators and installers with solutions that are actually simpler to use and install.

John Davies: managing director at TDSi

John Davies: managing director at TDSi

Bringing together all of the elements

PSIM has been highly successful in bringing together physical and logical security systems, but the expectations placed on integration have also grown significantly. The security market now demands more joined-up physical security technology.

Common integration components include:
• Access control (physical locks and doors)
• CCTV systems
• Intruder alarms
• Firefighting systems
• Building services controls (including environmental systems and lifts)
• Centralised business systems (and Schools Information Management Systems)
• HR systems

While physical and logical security were traditionally isolated from one another, so too were many of the individual physical security and management applications. The inability of these various facets to work directly together was a frustration when it was clear that the overall management of a facility could be enhanced and made considerably simpler and more efficient by doing so.

Bringing together the various elements has been made achievable by two improvements: the ability of many security and management systems to be connected to a universal Internet connection and the development of systems and software capable of administering and simplifying the operator’s task of running multiple functions from a single portal.

True security integration has only really been made possible with the advent of systems which are highly compatible with one another (often using shared/agreed standardised protocols) and offer the ability to network these previous disparate elements. The second hurdle has been to understand the popular standards and create software systems able to bring the strands together as a whole.

Continuous surveillance and control of facilities

While security systems are traditionally used to combat intruders and protect against attacks or thefts, some organisations actually face a substantial threat from what’s sometimes termed ‘insider theft’. Modern integrated security systems can be used as an effective deterrent against such threats.

Take the example of a busy warehouse. With items being moved in and out on a rapid basis, it can be easy for a worker to remove items (especially small ones) without necessarily being noticed by colleagues or human security operators. In this example, CCTV surveillance may not be enough to detect a problem in standalone mode. However, in combination with an integrated stocktaking system and monitoring of access to the facility it’s much easier to investigate unaccounted losses and to check video footage for the missing items. Equally, it can be a powerful tool to defend the honesty of staff members where there is suspicion or doubt.

Visual verification: monitoring of staff movements

With a truly integrated combination of security and business/building control systems there are fresh opportunities to use these existing investments. A good example is the administration of facilities management resources. Visual verification from CCTV and security software systems can be used to monitor the movements of authorised staff as well as intruders.

A practical application for this could be the intelligent use of environmental temperature control and lighting. An integrated security system can detect the use of designated areas within a facility and intelligently manage the use of resources – and especially outside normal working hours – to reduce any wastage in unoccupied areas.

Equally, this visual verification technology could be used to monitor human and vehicular traffic around a facility and analyse any congestion or influence planning decisions.

Emergency situations and fires

Integrated systems can also play an important role with regards to the safety of people on site. Fire alarms are far from a new technology, but when used in combination with all the other buildings control systems, the combined solution can play a vital role in safety.

In the event of a fire the alarm will probably be the first system to activate. In a modern integrated system this can alert the security team and, if required, automatically escalate the warning to the emergency services.

Proactively, it can automatically restrict access to dangerous parts of the building and consult HR records or check ID restricted access logs to see who has entered and left the facility. This provides a more accurate account for the emergency services and security teams to assess the situation.

CCTV systems can then be used to assess whether people are trapped within the facility and even to investigate dangerous areas and the spread of the emergency without putting lives at risk.

Time and attendance: shift-based business models

For organisations that run strict time-keeping and shift-based business models, security systems can be used to administer accurate time and attendance recording and secure access control records when staff enter or leave a facility as well as enforce security.

It can also measure when staff visit different parts of the facility (for example the WC or food service areas) to ascertain an accurate record of the actual working patterns.

When linked to CCTV and logical access of IT systems, the HR Department or security system operators can see exactly what’s happening.

Using legacy systems and offering the best ROI

Intelligently installed integrated physical security systems can offer an attractive return on investment. First, they allow the ‘mix and match’ purchase of systems to best suit requirements and budgets. Second, they also permit the use of existing legacy systems and the inclusion of components that are either very specific to their role or, from a financial standpoint, would be problematic to replace.

A good example is the use of CCTV cameras where the best solution may be a healthy mix of modern megapixel cameras are other legacy or specific environment systems. In the past, it would have been harder to use different specifications of camera on the same network but integrated systems are specifically designed to cater for this eventuality.

Integrated systems: greater flexibility than ever before

While PSIM has undoubtedly bridged the gap between physical and logical security, the developments that have taken place since have arguably been more helpful to security operators and installers. The connection of physical security to IP-based systems was a vital development in the security industry as a whole, but the synergy between physical systems is bringing the evolution of truly self-aware solutions even closer.

Traditionally, organisations and installers dealt with a complete solution which was mutually exclusive to other solutions and offered little in the way of upgrades and evolution options. Making any changes required serious contemplation and often involved large budgetary commitments that were usually untenable.

The combination of physical security and IP systems has also radically altered the installer market. Installation specialists increasingly have to understand both IT and physical security disciplines in order to offer the best solutions for their clients. The trade-off is that, as an industry, the security sector is able to grow and offer exactly the solutions that customers require.

Those customers now have greater control over their investments and a greater confidence that it’s a wise investment in a wider economic landscape that will help achieve sustained growth.

John Davies is managing director at security solutions specialist TDSi

Leave a comment

Filed under Risk UK News

Two-thirds of UK companies fail to check employee references ahead of start dates

According to new research conducted by HireRight – the leading global due diligence organisation – most UK companies are failing to check references before new employees start in their roles and are struggling to respond to other companies’ reference requests.

The Point of Reference research suggests that two-thirds (66%) of new employees begin work before their reference checks are complete. Two-in-five (39%) of Human Resources (HR) function leaders believe this is normal practice within their industry.

However, such checks are absolutely vital. The HireRight study reveals that more than half (58%) of successful applications contain errors*. In tandem, one third (36%) of HR leaders admit they need a clearer way of identifying job candidates with malicious intent.

Steve Girdler, managing director (EMEA) at HireRight, explained: “References reveal important details about an individual’s history and help employers ensure they can trust the people they allow to work with their customers, clients and colleagues. By failing to carry out due diligence before people start work, companies risk hiring individuals unable to fulfil the duties of their respective roles, who may commit fraud or theft or even damage customer relationships.”

Steve Girdler: managing director (EMEA) at HireRight

Steve Girdler: managing director (EMEA) at HireRight

Girdler added: “A great deal of damage can be done between the moment an employee starts at a new company and when referencing requests are completed.”

‘Administrative burden’ on HR Departments

HireRight’s Point of Reference research results are based on the perspectives of senior HR leaders in some of the UK’s biggest companies. The results also highlight that reference checking is an administrative burden on many HR Departments at a time when they’re already struggling to find enough hours in the day for important strategic work.

One third (31%) of HR Departments are ‘bogged down’ with responding to queries about references. In a quarter (27%) of cases, employees have complained to their managers about the amount of time they spend working on such requests.

Many HR Departments simply don’t have the spare capacity when one third (34%) of their time is spent on administrative tasks. HR leaders themselves estimate they spend an average of two hours and 12 minutes every day on what might be described as ‘low value’ work.

This latest Point of Reference research is based on detailed interviews with 140 senior HR leaders in both regulated and non-regulated UK companies boasting more than 5,000 employees.

*The inaccuracies figure quoted is based on the analysis of data from candidate due diligence programmes, with this quarter’s findings focused on 121,000 checks of almost 34,000 applications between July and September 2014

Leave a comment

Filed under Risk UK News