Security advice

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email

Personnel security

Personnel security measures help organisations manage the risk of staff or contractors exploiting their legitimate access to their premises, information and staff for unauthorised purposes.

Although many organisations regard personnel security as an issue resolved during the recruitment process, it is a discipline that needs to be maintained throughout a member of staff’s time in employment: through appraisal procedures, communication programmes, incentive schemes and even management attitudes and relationships. It should include a formal process for managing staff leaving the business.

When consistently applied, personnel security measures not only reduce operational vulnerabilities, they can also help build a hugely beneficial security culture at every level of an organisation.

Communicating personnel security messages

CPNI has made six short animated films to promote interest in personnel security.

Communicating personnel security messages

Contract staff

Organisations often have contractors and agency staff working on site. They may have the same access to premises, systems, material and information as permanent staff but may not have been checked to the same level.

Contract staff

Disclosure of employee-related information

Guidance for employers on how to manage employee-related information disclosed to them by the security authorities.

Disclosure of employee-related information

Guard force motivation

A critical component of any security system is the security staff, specifically guard forces, such as those who undertake patrols, guard entrance points, and carry out security screening. Motivated, attentive and observant staff in these roles can form a highly-effective deterrent presence and final line of defence where other interventions (e.g. electronic security access) have failed. Conversely, demotivated staff who do not perform their role effectively can be a single point of failure within a security system.

Guard force motivation

HoMER

Holistic Management of Employee Risk (HoMER) is new guidance to help you manage the risk of employees’ behaviour damaging your business.

HoMER

Insider threats

Some attacks, whether from criminals, terrorists or competitors seeking a business advantage, may rely upon the co-operation of an insider. This could be an employee or any contract or agency staff (e.g. cleaner, caterer, security guard) who has authorised access to your premises.

Insider threats

Ongoing personnel security

Ongoing personnel security is the protection of an organisation’s assets from unauthorised use by employees, and the identification and management of employees who may pose a security risk.

Ongoing personnel security

Online social networking

Online social networking (OSN) and microblogging are hugely popular and offer significant business benefits to organisations. However, their use poses risks both to the data on the IT system used to access the sites, and to the users of the sites and the organisations they work for.

Online social networking

Overseas criminal record checks

Employers are increasingly faced with the challenges of undertaking pre-employment checks on overseas applicants and those who have lived and worked outside the UK.

Overseas criminal record checks

Personnel security risk assessment

CPNI has launched the 4th edition of Personnel Security Risk Assessment: A Guide. This new edition contains worked examples and is a succinct step-by-step guide to carrying out a personnel security risk assessment.

Personnel security risk assessment

Personnel security in offshore locations

CPNI's guidance covers a range of personnel security issues which may be found in an offshore business location, including cultural issues, managing recruitment, ongoing security measures and the use of investigative techniques.

Personnel security in offshore locations

Personnel security measures

'Insiders' is the term used to refer to contractors or staff who try to use their legitimate access to your organisation's assets for unauthorised purposes.

Personnel security measures

Pre-employment screening

In the course of pre-employment checks a number of factors may, individually or in combination, raise concerns about the integrity or reliability of the applicant.

Pre-employment screening

Remote working

Remote working, whether it is working from home, on the move or in clients’ or satellite offices, is become ever more commonplace, growing to an estimated 20 per cent of the working population (over 6.5 million people) in 2012.

Remote working

Security culture

Developing a security culture within an organisation is about encouraging staff to respect common values and standards towards security whether they are inside or outside the workplace.

Security culture

Social engineering: Understanding the threat

As individuals and organisations improve their physical and electronic defences, those wishing to gain access to premises or acquire sensitive information may attempt to exploit people within the organisation who already have legitimate access. Social engineering is the process whereby a third party can gain that information or access.

Social engineering: Understanding the threat

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email