Lessons in Security Wizardry: What We Can Learn From Banks

Who knows security better than anyone else? Banks, of course!

A bank is like any other business, except it has fat stacks of cash on premise that’s attractive to many unsavory characters. Small business can learn lots from a banks security position.

The first lesson here is that there’s no such thing as 100 percent security. I’m sure you remember some kook gained entrance into the White House (though it’s not a far leap to believe that a 12-foot-high barbed wire fence would have stopped the man). But even Fort Knox isn’t 100 percent secure.

So while 100 percent security is probably the pot of gold at the end of the rainbow, we can at least shoot for 95 percent—indefinitely. The best security involves multiple layers. The more layers, the more difficult it will be for a criminal to gain entry.

Some people see security as more illusion than reality. This is part true in that some forms of security are designed to create a sense of protection rather than real protection—kind of like the big bark of a dog that can’t bite well. But a big bark sometimes can deter criminal activity. But not always.

Banks are masters at illusory security and reality security. Robbers are always going after banks, but at the same time, banks don’t make their layers of security very obvious to patrons whom they want to make feel comfortable. The ABA Journal reports a decline in the past few years, At least 6,000 bank robberies were reported from 1987 to 2006, but the number declined to 5,000 or fewer robberies for five out of the next six years, the Press-Enterprise reports.

Related Article: Is Your Small Business Vulnerable to Security Threats?

What Can Banks Teach Us About Security?

Ever notice the giant windows of banks? This is to allow anyone passing by outside—including law enforcement on lunch breaks—to be able to see what’s going on inside, such as a robbery in progress. Ideally, employees are trained in how to respond to a robbery.

Banks are equipped with an alarm system, door locks, glass-break sensors, motion sensors and panic buttons. Additionally they have cameras, armed guards and bulletproof glass. Though many banks use GPS technology and dye packs to locate stolen cash, these devices come after the fact, rather than prevent the actual robbery or stop it in progress.

Whoever heard of a bank without a safe? And a vault to contain it in? The safe is also fireproof.

How does this apply to your brick and mortar?

Windows: Are they secure? Do your windows facilitate a passerby seeing a robbery or are their displays preventing observation? Can they be easily smashed through or is their shatterproof film? Are their bars or rolling shutters to prevent break-ins at night?

Robberies: Do you or your employees know what to do in the event of a holdup? Have you had any effective training? Would they give up the money or fight for it? Not knowing your options could be deadly.

Alarms: What do you have in place? Is your system old and outdated or new and advanced? Today’s alarm technology has the ability to be remotely monitored with the capability of a live security officer auditing 2-way audio while viewing a robbery in process and alerting the police.

Safes: Do you even have one? Do employees have access to the cash? Are their timed cash drops that relieve the employee from having too much money on hand?

Related Article: Cloud Security: How to Protect Your Business from Data Leaks

Computer Security

If your information security technology isn’t up to speed then it’s just a matter of time until your business is targeted. I recently presented a program to a group of small business operators on information security technology and heard more than a few stories of how small businesses are being targeted.

One proprietor told me his small business was hacked due to an employee more than likely clicking a link in the body of an email which installed a virus. Over the course of a long weekend, 75k was moved from his bank account to an account overseas. When they got back to business on Tuesday is when they saw the money missing.

The bank was able to recover only 5K. After speaking to the bank and his lawyers, he came to the conclusion that it would cost almost 50k in lawyers fees to fight the back to recover the lost funds. He elected to suck it up and lost 70 grand.

It’s hard to imagine that a bank’s network would not have firewalls and all the anti’s: phishing, spyware, virus, etc. Banks have systems that monitor who accesses data and can even detect possible ID theft.

Patrons must use multifactor authentication to get into their accounts; a password and username are not enough. In general, multifactor authentication requires the user to input in addition to a password and username, answers to security questions. Plus, the use of a token, card or even fingerprint or facial recognition may be required. Another aspect of multifactor authentication may be the requirement of a four-digit code from a credit card. The customer may need to use two passwords, even.

Some banks add to the authentication with a key fob that provides a one-time password, while others may want the customer to respond to a text message in order for a transaction to go through. There are all sorts of ways that a bank can add onto the multiples of multifactor authentication.

Related Article: How Much Should You Spend on Small Business Security Systems?

FBI Crime Statistic About Businesses

Evaluate Your Current Security System

So if you’re a business owner, take some lessons from the banking industry. Businesses with an alarm systems are 4.5 times less likely to be burglarized than the ones without an electronic security system. Is your security system laden with layers? Is it shallow? How many layers can you pad it up with?

What Next?

Recent Articles

Leave a Reply

You must be Logged in to post comment.