Research Paper: Security Overview Businesses Today

Pages: 13 (3366 words)  ·  Style: Turabian  ·  Bibliography Sources: 5  ·  Level: Master's  ·  Topic: Business  ·  Buy This Paper

Security Overview

Businesses today are faced with a range of security challenges unlike any of those that their predecessors have ever faced. Among these different challenges are the physical protection of the building and the protection of data and intellectual property. This may sound like a relatively easy mission; however, each of these two types of security has a number of different elements to it, and the interplay of these elements can make the process of keeping a company or organization secure.

For example, in terms of keeping a building physically safe, a security plan must cover the physical building itself, any equipment or supplies inside the building secure, and the staff and any visitors to the building must also be kept safe. (Moreover, the staff and visitors must feel that they are being kept safe, which appearance can be even more difficult than actually keeping individuals safe.)

In terms of keeping data safe, a security system must include everything from appropriate encryption policies, password protocols, and staff training on what information must remain within the confines of the business. This last provision must also include instructions on which members of the staff have access to what information.

The following security assessment and design has been designed for RAI, which is a for-profit kidney dialysis chain. The chain is currently expanding from three offices to eight sites (a process that should take about 18 months). As a part of this expansion, the company CEO has asked for a complete overview of its security procedures.

This review is based on the following definition of providing security, which includes serious consideration of the nuts and bolts of security while also focusing on the too-often-neglected factors of organizational structure. This definition of security can be phrased as the "intentional actions whose purpose is to provide guarantees of safety to subjects, both in the present and in the future" (Johnston & Shearing, 2003, p.15).

Current Security Design

The current security design for the firm is adequate in some area; however, other areas are not well covered and there is a lack of an overall design or integration of the various security systems. The dialysis sites are open 24 hours a day, which has prompted the company to hire guards to escort individuals from the adjacent parking lot to wherever in the building that they are to go.

The primary reasons for such a guard is that visitors to the sites are often physically frail. The clients are also frequently in possession of pain medication, which makes them easy targets for physical attack. The building itself has guards in it to protect the staff, who also have access to a range of medications. There have been a number of thefts of medication from one of the sites, although these have stopped in the last six months. The thefts were almost certainly committed by staff members, reflecting the fact that crime by employees (especially in terms of theft) is one of the costliest forms of crimes for all businesses. The thefts stopped despite the fact that there was no change in personnel. There were a number of bulletins delivered about the thefts and two company-wide workshops were presented.

The building also has an electronic alarm system. More important than this system, however, is the system through which patient records are secured. The current system is much too loosely controlled to meet HIPPA requirements for medical record keeping. This lack of a comprehensive level of integration of records is costly in terms of labor hours and client satisfaction, and may subject the company to audits and consequent sanction.

The lack of computer security procedures has lost the company a significant number of clients because they have become infuriated over the exposure of their medical information. There is no systematic attempt to limit exposure to information appropriate to each category of staff, so that clerical staff have the same access to information as do medical staff because most information is not properly password protected.

Another very important issue is that there is not sufficiently comprehensive screening of the staff before they are hired. This has to be instigated immediately as the first line of defense to keep both the physical building and equipment (including the medications) and staff and patients secure. This lack of screening is not so problematic in terms of allowing individuals with violent criminal pasts to be employed because a basic criminal background check is conducted.

However, what is not conducted is any personality assessment of how well the individual will fit into the organizational structure and indeed how much power any individual will have to shift that culture in a more profitable, more ethical direction. Matz (2010) writes succinctly about this issue, beginning with a definition of the concept of the culture of an organization, borrowing concepts from anthropology and social psychology directly rather than the versions of these ideas as they appear when filtered through the literature of business administration. "Organisational culture is a general concept, which is difficult to explain precisely & #8230; however, the concept generally describes the social dimension of an organisation."

He goes on to describe it in much greater detail:

The social dimension within a given organisation is characterized by the social behavioural patterns of the individuals populating the organisation. Staff dishonesty and workplace violence are essential elements of the behavioural patterns within the organisation, which demand the attention of security structures. In recent years theoretical concepts encompassing staff dishonesty and workplace violence have advanced to the forefront of academic interest. (Matz, 2010)

Matz is much more interested in using his understanding and modeling of social organizational to explore what can and does go wrong inside of companies, which is sensible given that he is examining security concerns:

The extensive body of empirical findings related to these particular manifestations of organisational cultural behaviour is of paramount importance in explaining organisational social behaviour. I will primarily utilize studies of staff dishonesty and workplace violence as the conceptual framework in a discussion of the cultural influences determining the nature of security structures within organisations. (Matz, 2010)

However, it should be noted that analyses of organizational structure that focus on the strong parts of that culture are also useful, and in fact can be useful in terms of improving security. As in many areas of human behavior, improving security systems combines both sticks and carrots.

Finally, a key problem in RAI's security system is that the physical security system is outsourced while the computer system is overseen by staff members. This fracturing of the security system has had the effect of minimizing the importance of the other aspect of the security system because each set of personnel feels no responsibility for the other part of keeping the organization safe.

Security Mission

One of the key problems in terms of the integration of the different aspects of the security system is that the company that runs the dialysis centers is not primarily in the healthcare business. The overall function of the company has been one of transportation, focusing on short-haul trucking. After about twenty years of focusing on trucking, the CEO at the time decided to increase the diversity of the company's business.

The company is privately held, so the CEO has definitive power to make any changes in policy that he wishes. (the current CEO is the son of the founding CEO.) the company had already begun specializing in more "difficult" forms of transportation, including transportation of medical supplies that require careful shipping methods, such as being maintained at a certain temperature for long periods of time.

With its experience with medical supply transportation, the CEO decided to buy RAI, the for-profit dialysis company. The company has expanded since this parent company has acquired RAI and the CEO is considering reducing the percentage of the company's resources that are dedicated to the trucking portion of its business and increasing the percentage of its resources that are dedicated to its dialysis centers.

The motivation for this possible shift of resources is the assessment by the CEO that dialysis is, sadly, a growing business. Short-term trucking has become increasingly less profitable and will probably become increasingly less so as fuel prices climb and regulations increase to mitigate the effects of internal combustion engines in climate change.

These specific aspects of the mission (both in terms of security questions as well as in terms of an overall business strategy) obtain for RAI. However, there are also more general concerns about security that all companies with complex operations face today. The following summarizes these concerns for any company attempting to create and maintain a comprehensive, integrated security system:

A good security policy takes into consideration the mission of the organization, the critical assets requiring protection, the threats posed and the mitigating risks against known vulnerabilities. These are all parts of a risk assessment that includes a business-impact analysis, which identifies the weaknesses, the critical assets and the effect on the company if a vulnerability were… [END OF PREVIEW]

Security Policy Term Paper


Security - Agip Kazakhstan North Caspian Operating Term Paper


Security Components of a Retail Sporting Goods Store Research Paper


Internet Business Plan Business Plan


Business Plan for Slow Wing Aircraft Research Proposal


View 682 other related papers  >>

Cite This Research Paper:

APA Format

Security Overview Businesses Today.  (2012, May 7).  Retrieved September 18, 2019, from https://www.essaytown.com/subjects/paper/security-overview-businesses-today/185593

MLA Format

"Security Overview Businesses Today."  7 May 2012.  Web.  18 September 2019. <https://www.essaytown.com/subjects/paper/security-overview-businesses-today/185593>.

Chicago Format

"Security Overview Businesses Today."  Essaytown.com.  May 7, 2012.  Accessed September 18, 2019.
https://www.essaytown.com/subjects/paper/security-overview-businesses-today/185593.