Security Plan: Case study Grumheed Corporation
Grumheed Corporation is of the largest corporation in the United States with its facilities in the Dallas/Forth Worth Facility that manufactures modern military equipment. The organization has also opened satellite campuses in Seattle and St. Louis to manufacture F35 advanced fighter state-of-the-art military equipment. Due to the sensitivity of the newly established facility and the whole organization has taken robust security measures such physical, technical and administrative (Inter-agency security committee 2013). Physical security is a common form of security used in organizations to protect company’s assets, personnel, information and other important components of a company. Notably, physical security is a major kind of security and is generally reinforces other types of security such as technical and administrative. Examples of physical security include gates, security guards and gates. Physical security usually is reinforced by other forms of security such as security cameras. Grumheed physical security help to restrict movement into the facility, for instance, a gate is manned by a security guard who frisks and allows only authorized persons to access the facility. For easier identification of staff members, the corporation has issued staff with identification badges (Johnson 1982). The corporate also has heavy doors that are biometrically accessed by the staff of the different departments, this is high-level physical-cum-technical security that only ensures unauthorized people do not access the facility but also staff do not trespass into other departments that they do not belong to.
Since terrorist attacks mostly use a high level of technology to conquer their targets, Grumheed has invested in technology combat any security risk (US Homeland Security Bill 2002). For example, installation of high tech alarm systems and closed circuit television system (CCTV) for surveillance of the facility. Furthermore, the system has high controls that cannot be easily manipulated as they comprise a multi-layer security (Wood, 1986). In addition, both the security personnel and staff are highly trained to utilize the facility’s system effectively (Levinson & Bowers, 1977). Access control devices and automated doors are also used.
Security lighting at Grumheed facilities also plays a significant role in deterring attackers from theft and vandalism. Lighting is not only used for psychological deterrence but also in perimeter walls which are consistent watch. Lighting system augments the central alarm system to detect and scare intruders (“DOJ installs new ADR policy; other agencies plan them”, 1995). The security lighting system in the facility has less intensity compared to working light except in places such identification and inspection areas and emergencies. The system of lighting guarantees security team to monitor activities from strategic points without being noticed. Notably, as much as security lighting in Grumheed provides adequate deterrence to unauthorized access, the Corporation does not rely only on lighting but has other measures such as security personnel who conduct patrols, alarms and fences (“New organization to alleviate vulnerability slip-ups”, 2002).
The corporation has a high level of communication capability to ensure effective and smooth transactions in the satellite campuses and main campus without breach of information/data. For example, all data transmitted in the system is encrypted, a precaution that in case the message is accessed by an unauthorized person, and the message cannot be read (“Data protection-data security-privacy”, 1984). Furthermore, there are structured means of communication top-down and bottom-up of the corporation.
Generally, Grumheed Corporation has a well-organized structured with the security policy to prevent vulnerability to attack (Chenoweth, 2005). For example, the organization has an elaborate process of selection and hiring of employees and after which they are oriented to the system, this is from a realization that employee either deliberately or due to not knowing exposes the corporation to risks of being attacked (Ludwig & Frazier, 2012). The organization has a competent IT team who has installed top-notch software with firewalls to prevent malicious cyber activities in the system (Snell 1994).
Chenoweth, J. (2005). Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management. Journal Of Information Privacy And Security, 1(1), 43-44. doi: 10.1080/15536548.2005.10855762
Data protection-data security-privacy. (1984). Computers & Security, 3(1), 57-58. doi: 10.1016/0167-4048(84)90031-2
DOJ installs new ADR policy; other agencies plan them. (1995). Alternatives To The High Cost Of Litigation, 13(6), 74-74. http://dx.doi.org/10.1002/alt.3810130603
Inter-agency security committee (2013): The risk management process for federal facilities: Interagency security committee standard 1st Edition. Homeland security. USA
Johnson, E. (1982). Risk Assessment in an Administrative Agency. The American Statistician, 36(3b), 232-239. http://dx.doi.org/10.1080/00031305.1982.10482844
Levinson, H., & Bowers, D. (1977). Systems of Organization: Management of the Human Resource. Administrative Science Quarterly, 22(2), 362. doi: 10.2307/2391968
Ludwig, T., & Frazier, C. (2012). Employee Engagement and Organizational Behavior Management. Journal Of Organizational Behavior Management, 32(1), 75-82. doi: 10.1080/01608061.2011.619439
New organization to alleviate vulnerability slip-ups. (2002). Network Security, 2002(10), 4. doi: 10.1016/s1353-4858(02)10005-5
Snell, M. (1994). Protecting the internal network. Network Security, 1994(7), 2. http://dx.doi.org/10.1016/1353-4858(94)90002-7
US Homeland Security Bill. (2002). Network Security, 2002(8), 3. http://dx.doi.org/10.1016/s1353-4858(02)08004-2
Wood, C. (1986). Administrative controls for password-based computer access control systems. Computer Fraud & Security Bulletin, 8(3), 5-13. http://dx.doi.org/10.1016/0142-0496(86)90043-3