FSO Jobs: Security Through Walking Around


Published on

Facility Security Officers walking around is a growing practice that forces FSOs out of their offices and onto the floors where defense contract work takes place. A good resource for FSOʼs use in establishing milestones is the organizationʼs Security Protection Plan (SPP) or the Self Inspection Handbook for NISP Contractors available on the Defense Security Services Website.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

FSO Jobs: Security Through Walking Around

  1. 1. FSO SeriesA CL E A R A NCE JOB S SPECI A L R EP OR TSecurity Through “Walking Around”by Jeffrey W. Bennett, Industrial Security Professional (ISP), for ClearanceJobs.comSecurity through walking around is a growing direct your purpose, attention and provides real time answers to questions about the security programʼs health.practice that forces leaders out of their officesand onto the floors where work takes place. In The plan should allow opportunities for the FSO toa defense contractor, the FSO leaves their office enforce the organizationʼs security message as well as getting to know the names and characteristics ofand becomes engaged in relationship building employees, team members and executives. It also allowsactivities that help increase the protection of FSOs to get a face out there, thus creating a sense of accessibility for the very people FSOs depend on toclassified information. support the security program.Perhaps you have already used this term or have at least FSOs should begin with a prioritized list of milestones.heard others refer to it on occasion. There are several This list could reveal a security programʼs effectivenessarticles concerning the subject and a growing number in matters of personnel, physical, IT, privacy, proprietaryof FSOs are becoming fans of the idea. For those new to and, if applicable, classified information security. FSOsthe term, it means turning off the computer and showing should understand the policies in effect and level ofyour smiling face. An FSO who spends most of their work security success. They should be familiar regulationsday processing information at a computer do not get the and requirements and how they affects the companyʼsfull security picture. If their security policy is only a game business and team members. If FSOs answer a questionof “gotcha” or simply conducting preliminary inquiries with a “best guess” or rattle off a party line, you can loseinto security violations then the organization gets a small credibility and cause others to doubt your abilities.glimpse of value added. These milestones should mark success or failureThe Plan indicating the security programʼs effectiveness. A good resource for FSOʼs use in establishing milestones is theThe FSO primarily implements and directs a security organizationʼs Security Protection Plan (SPP) or the Selfprogram to protect classified information. Part of Inspection Handbook for NISP Contractors available onthat program involves collecting data, observing the Defense Security Services Website. Both resourcesand improving employee activity and identifying and describe expectations, and the walk through can be themitigating risks to classified efforts. Security through verification. For example, suppose the SPP directs thatwalking around provides a larger return on investment security containers may be left open when a designatedbecause it requires no additional security costs. It is notdifficult to implement but the practice does require aplan. Without plan, FSOs risk effectiveness by just millingabout engaging in needless conversation and wastingeveryoneʼs time. A purpose will keep the FSO focused aswell as prevent the temptations to have conversationsand activities that can cause loss of credibility. The plandoesnʼt have to be complicated or lengthy. It just helps
  2. 2. employee is available to observe it. The FSO is conducting manager gain ground in selling their security programthe walk through and observes a cleared employee and meeting company needs. However, the FSO shouldlocking all of the security containers. The FSO greets the plan each session in advance to prevent wasting valuableemployee warmly. The employee says that he is unable time and the loss of credibility. After the event, the FSOto stick around, but is almost late for a meeting. The FSO should write up findings, recommendations and Kudos.can now validate that the procedures are being enforced. The FSO is a manager and they represent the corporation and senior management. In this role, FSOs should keep conversations professional and avoid the temptation toFeedback get into personal conversations that violate companyWhile preparing for the walk, FSOs should anticipate policy or privacy and HIPAA compliance. ★ ★ ★both good and bad feedback. There will be some whopraise security efforts and there will definitely be thosewho criticize or question security motives. Some criticism Jeffrey W. Bennett, ISP, is a former Army officer, FSO and ismay be the result of an FSO personally implementing an accomplished writer of security books and periodicals.a security plan such as limiting access to formerly His books include ISP Certification-The Industrial Securityfreely accessible areas. These objections are perfect Professional Exam Manual. He is the owner of Red Bikeopportunities for FSOs to explain the need for a change in Publishing (www.redbikepublishing.com).security posture. For example if access has been limited,the FSO can discuss how door magnets deny unwantedand unauthorized visitors and how they reduce energyspending by $12,000 annually. Others employees may notunderstand having to comply with federal regulations.This is also a great time for FSOs to NOT quoteregulations, but demonstrate how regulations impact thecompany and the benefits of compliance. If any questionarises that an FSOʼs research did not prepare them for,they should be candid. “I donʼt know, but Iʼll get back withyou,” is a perfect response. The FSO should be sure tofollow through and get back with the person. Likewise, ifanyone requests action that the FSO can implement, theyshould do so in a timely manner.FSOs should offer praise and kudos to those deserving.These acknowledgements should be offered publicallyand immediately. On the other hand, FSOs should avoidcriticism or wry comments directed toward or about anemployee who is critical, has committed violations, orjust doesnʼt understand security. FSOs should definitelystay away from getting into personal conversations,discussing cleared employee self-admittals, or violatingprivacy or Health Insurance Portability and AccountabilityAct (HIPAA) violations. These are better left for private,official occasions.Measuring SuccessSecurity through walking around provides the FSO anexcellent tool to measure the success of a securityprogram. Asking open ended questions and developingrapport with company team members will help a security4101 NW Urbandale Drive • Urbandale, Iowa 50322 • 1.877.386.3323 • www.clearancejobs.com