1. Running head: FINAL PROJECT PROPOSAL 1
Project Proposal- Week 8 Final Project Proposal
John Intindolo
ISSC368: IT Security- Physical and Peripheral Defense
August 30th, 2015
Professor Carlo Tannoury
American Military University
2. FINAL PROJECT PROPOSAL 2
Project Proposal- Week 8 Final Project Proposal
Over the last eight weeks, as the new protection officer I have gone over the different
measures that are necessary in order for ESL Inc. to become a more secure environment. In this
final proposal I will summarize and go over then entire proposal. The first areas that I will
discuss will relate to increase communications and creating a more adequate security staff and
shifts. From there I will discuss the plan for physical security and access control policies, and
then lastly how to handle workplace crime and violence mitigation.
Communication is vital to the success of any plan. No matter what security measures are
put into place, without proper communication they will fail. Increased communication will begin
immediately through email updates to all employees regarding company policies and procedures
as well as any changes being made. Furthermore, a weekly meeting with all security personnel
will occur to address any comments or concerns on how to improve security. Additionally, there
will be monthly security awareness meetings for security personnel to keep up with the latest
threats and suspicious behavior to keep an eye out for.
Security personnel will be beefed up as well. During normal business hours of 8 AM to 6
PM, three security guards will work, where one will be posted at each guard shack. An intercom
system will be used at the front and rear gates during off peak hours that allows the front desk
security guard to buzz a person in. Three more security guards will be working the second shift
from 4 PM to 12 AM, followed by a third shift crew of three guards that work from 12 AM to 8
AM. During the overlap 4 PM to 6 PM, the second shift guards will walk the hallways. During
second and third shift there will be a guard at the front desk, and the other two guards will walk
the hallways.
3. FINAL PROJECT PROPOSAL 3
Physical security measures that will take place starts with securing the entire premises.
Gates will be installed at the front and rear of the building and fences will be surrounding the
entire building. A guard shack will be posted at the front and rear of the building where gates are
installed. Next will be a security plan that will identify the company’s assets. These assets can
range anywhere from buildings or vehicles to off equipment or cash. At this point is where all
threats to company assets are determined. This could be in the form of natural disaster, a person
from inside the company, or someone from outside of the organization. A risk assessment will
determine which countermeasures to use, by deciding what assets are at the biggest risk of an
attack. Each asset will be given a likelihood assessment (not likely, likely, highly likely, or
certain) and a value number of importance (1 is low, 2 is medium, 3 is high, 4 most important) to
the company.
Once the risk assessment is complete then countermeasures can be put into place. A layered
security approach is the best method to use, because if one line of defense fails then another will
keep an asset from being damaged or attacked. Gates and fences surrounding the entire building
will be the first line of defense. The second line of defense which is the exterior of the building
will have security cameras and intrusion detection devices placed around the building on all
doors, skylights, and windows. The third line of defense are interior controls. The controls
should include the following: Intrusion detection devices at all exit doors as well as important
rooms such as the data center and document storage room. Some access controls that should be
used for these rooms is a biometric keypad that requires not only an authorized card to be
swiped, but also the employees fingerprint in order for the door to unlock. This way only
authorized personnel will have access to confidential data. Furthermore, all pertinent documents
should be locked in storage cabinets that are located in a fire protected room. Extremely
4. FINAL PROJECT PROPOSAL 4
confidential documents will be located in a safe within a vault, and there will be a motion
detection system in that room as well. This room will also require the use of biometrics. A card
access system along with a retina scanner will be used for this door in order to better secure the
confidential company data.
Workplace violence can be a minor issue, but can also start at a low level and escalate to
something much more serious. Some lower level damage as a result of workplace violence is an
employee refusing to listen with their supervisor or arguing with coworkers. This could escalate
to something more serious such as verbal threats to coworkers or management, and could worsen
to the point of physical attacks and assaults (IFPO, 2010, pp. 287-288). In order to mitigate this
type of activity there will be a zero tolerance policy on this type of behavior that is explained and
signed off on by each employee. This will perhaps deter some from acting on their aggression for
fear of losing their job or worse. Having a prevention plan in place will also be a must and will
include the following: monthly meetings on workplace violence prevention, an open
communication policy to anonymously report any incidents or concerns, and explaining
company policies, procedures, and plan in monthly meetings or as needed.
Workplace crime is a common occurrence that unfortunately occurs due to dishonest
employees. The thing to keep in mind with this issue and the best way to look at it from a
security aspect is that the less opportunity that is given to employees to steal, the less it will
occur. So how can this type of dishonest behavior be prevented? One such way is deterrence.
The punishment for an employee getting caught stealing should be severe so that they themselves
learn their lesson, and also to keep someone else who had thoughts of stealing from acting on
their feelings (IFPO, 2010, p. 256). Another way to prevent items from being stolen is through
the use of access control methods that were explained in the last proposal. Knowing that there
5. FINAL PROJECT PROPOSAL 5
are security cameras, motion and intrusion detection devices in place will keep people from
acting on wanting to steal something for fear of being caught.
By following the steps outlined throughout this proposal ESL Inc. will have no fear of
losing the lucrative federal contract they were awarded, and they can rest assured that the
company’s assets are secure and well protected.
6. FINAL PROJECT PROPOSAL 6
References
IFPO (2010). The Professional Protection Officer: Practical Security Strategies and Emerging Trends.
Retrieved from http://www.eblib.com