All public properties are faced with a diverse and complicated set of safety and security risks, from health and safety to violence, terrorism, natural disasters, fires, political and environmental. Reducing safety and security risks requires the hands-on support of all operating teams, not just the security team, each playing their part in the pursuit of providing a safe and secure environment for all customers and staff.

The challenge is twofold, one many still rely on antiquated logbooks, checklists, and manuals to manage the broad spectrum of safety and security risks. And two, the resources we rely on to complete the tasks necessary to improve safety are generally junior, inexperienced, and not particularly loyal to the business. Continuing to rely on these outdated and complicated management practices is risky and could be very costly. It leaves organisations exposed to safety and security related incidents, it is unreliable, reactive, resource intensive, and easily debatable.

Complex risks

To complicate matters, as safety and security risks continue to grow more complex, the corresponding operating costs are also on the rise. Regulatory fines, commercial insurance premiums and lawsuits are increasing year over year, making non-compliance with safety regulations a risk no one can afford. Not only is business continuity a concern, but when something goes wrong, the negative impact on the brand/reputation and resulting legal liabilities and regulatory fines will cost dearly.

We envision a world where physical safety is managed with the same commitment as digital and financial security

At Zendelity, we envision a world where physical safety is managed with the same commitment as digital and financial security; where all safety and security risks are managed with the same level of due diligence and accountability.

A day in the life

To understand just how much risk these outdated management practices are exposing operations to and how complicated managing safety and security has become, we will look at just a single weave in the web of corporate safety and security.

It’s a simple, yet common safety risk, one that every operation is faced with, the ‘slip and fall’ accident.  It’s the perfect example of a safety risk that no operation is immune to, it touches multiple departmental silos and when it happens you can be sure the executive management team will know all about it. Consider this for a moment, according to the Ontario Workplace Safety & Prevention Services (WSPS), 80 workers are injured every day because of a fall - that's one every 20 minutes and the cost to the organisation is approximately $59,000 per injury.

Now consider this, in Ottawa, Canada, on average it snows 63 days a year. Each time it snows, all public entrance ways will need to be shoveled and salted a minimum of twice per snow fall, halfway through and at the end. In the case, of an elementary school, hotel, hospital, apartment complex or commercial building, that has 9 entrance ways leading to the great outdoors that will translate to a minimum of 1132 net new tasks that must be completed per year on top of all the other daily safety requirements. Now ask yourself this, how often do you suppose one of those entrance ways are missed?  At an average cost of $60K for a slip and fall accident, I’m not sure I would want to play the odds.

The challenge is not the job, that is simple enough, the challenge is making sure it gets done in the first place. While responsibilities are listed in safety manuals, requirements change based on the amount of snow or weather conditions making it hard for staff to remember the rules. Communicating requirements to staff is often done with paper-based checklists that are being updated, reprinted, and manually distributed. To measure and manage compliance, completed checklists are collected, and results manually compiled.  Inspections are invested in, to identify potential procedural errors, and catch negligence before someone gets hurt. Access to the data necessary to verify work and understand how the team is actually performing is time-consuming to consolidate, outdated and nearly impossible to verify.

The stakes are getting higher

The focus and priority of safety and security have been growing year over year

While COVID has recently put the spotlight on safety procedures and the risk of a slip and fall is a simple example of the daily safety risks companies face, the focus and priority of safety and security have been growing year over year. Today more than ever before our physical safety and security is at increased risk, the threat of natural disasters, terrorism, violence or political actions has never before been at this level. Today people are equally as concerned for their physical safety as their financial and personal information.

On top of the fear uncertainty and doubt in the minds of customers and staff, all businesses are facing an increase in operating costs, related to safety and security, according to:

  • The Insurance Journal, commercial property insurance is expected to increase by an average of 20% in 2020, in one part due to the extreme catastrophic weather and wildfires since 2017 which have had a direct impact on pricing.
  • A survey by U.S.-based Marsh LLC found that rates for directors and officers liability insurance rose more than 100% in the UK in Q2 as insurers fear that the pandemic will lead to hefty litigation claims.
  • Occupational Safety and Health Association, for a willful violation, in which an employer knowingly failed to comply with an OSHA standard or demonstrated a plain indifference for employee safety, the maximum penalty has increase to $134,937/violation in 2020.
  • The National Safety Council, the average cost of a workplace fatality and preventable death is now $1.19M.

In addition to the legal and regulatory requirements, organisations are also faced with the new ‘see through economy’ where nothing is secret. Social media has created a world where it is no longer possible to keep even the smallest of incidents out of the public eye, exposing the brand in ways never before seen. When something goes viral, everyone, including customers, prospects, business partners, investors, etc. will know about it. To put the power of social media into perspective, consider a study by Cornell University, who found that hotels can expect to see an increase of 39% in their average daily rate if they can increase their score by just one unit on TripAdvisor, say from 3.5 to 4.5! A 39% increase in revenue is a huge incentive to protect the brand from the negative connotation of a safety and security incident taking place on your property, even if it’s as simple as a slip and fall accident.

We envision a world where…

At Zendelity, we envision a world where all organisations have a system of record for all types and levels of safety and security actions and issues. Where the safety and security team have a 365-degree view of all safety risks across the property and access to the real-time data necessary to improve response times. Where managing operating compliance is as simple as viewing a dashboard, running a report or receiving an automatic notification.

We envision a time where operations will promote their ‘safety and security score’ as a badge of honour, as a means of competitive differentiation.  Similar to a ‘5-star hotel’, customers and guests will look for a ‘safety and security report card’ and those with a good track record will differentiate.

Safety and security have become a complicated web

We envision a world with smarter cities, where emergency services are able to respond faster and with more accuracy when they arrive on site due to improved situational awareness. Where both the on-site emergency response team and the emergency responders can act as one, to reduce the risk and improve safety during an incident.

Safety and security have become a complicated web, the operating practices you employee to manage that risk will determine your success. So, ask yourself this, are the logbooks, checklists, and manuals really still good enough, are you willing to stake your business on it?

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Rebecca Wormleighton Chief Operating Officer, Zendelity

In case you missed it

Why the touchless office is another argument for going passwordless
Why the touchless office is another argument for going passwordless

Security experts have discussed the demise of the passwords for years. As early as 2004, Bill Gates told the RSA Security Conference that passwords “just don’t meet the challenge for anything you really want to secure.” Change has been slow, but the sudden increase in remote working and the need for enterprises to become touchless as they try to encourage teams back to the office is increasing traction. Here we look at the future of passwordless authentication - using the example of trusted digital identities - and share tips on choosing a solution that works for your organisation. The move away from passwords was beginning to gain momentum pre-pandemic. Gartner reported an increase in clients asking for information on ‘passwordless’ solutions in 2019. Now Gartner predicts that 60% of large and global enterprises, and 90% of midsize enterprises, will put in place passwordless methods by 2022. This is up from 5% in 2018. The many limitations of passwords are well-documented, but the cost of data breaches may be the reason behind this sharp upswing. Stolen credentials – usually passwords – and phishing are the top two causes of data breaches according to the 2019 Verizon Data Breach Incident Report. Each breach costs businesses an average of anywhere between £4M to £8M depending on which studies you read. A catalyst for change As in so many other areas, the pandemic has been a catalyst for change. Newly remote workers using BYOD devices and home networks, sharing devices with other family members, and writing down passwords at home all make breaches more likely. And seasoned home workers represent a risk too.  It also means that enterprises are developing new procedures to mitigate the spread of disease. This includes a thorough examination of any activity that requires workers to touch surfaces. Entering passwords on shared keyboards or touchscreens falls squarely in this area of risk. As does handling physical smart cards or key fobs. Enterprises are expanding their searches from “passwordless” to “passwordless and touchless,” looking to replace physical authenticators. In the quest to go touchless these are items that can be easily eliminated. The future of passwordless authentication Using fingerprint or facial recognition often only provides a new front-end way to activate passwords Common alternatives to passwords are biometrics. But, using fingerprint or facial recognition often only provides a new front-end way to activate passwords. Passwords are still required for authentication after the biometric scan and these live in a central repository vulnerable to hackers. With one successful hack of the central repository, cyber-criminals can swipe thousands of details. In other words, biometrics on their own are not an improvement in security, only a better user experience. They need to be combined with a different approach that adds another layer of security. A more secure option is to move away from the centralised credential repository to a decentralised model. For example, one based on trusted digital identities. This is where digital certificates are stored on users’ phones. Think of encrypted digital certificates as virtual passports or ID cards that live on a worker’s device. Because they are stored on many separate phones, you are able to build a highly secure decentralised credential infrastructure. A solution that uses people’s phones is also compatible with touchless authentication systems. You can replace smart cards and key fobs with a phone-based security model and reduce the number of surfaces and items that people touch. This is especially beneficial for workplaces where people have to visit different sites, or for example in healthcare facilities. Replacing smartcards with a phone in a pocket reduces the number of items that clinicians need to take out and use a smartcard between and in different areas, which may have different contamination levels or disease control procedures. How do trusted digital identities work?   Workers unlock their mobile devices and access their trusted identity using fingerprint or facial recognition Here’s an example installation. You install a unique digital certificate on each user’s mobile device — this is their personal virtual ID card. Authorised users register themselves on their phones using automated onboarding tools. Workers unlock their mobile devices and access their trusted identity using fingerprint or facial recognition. Once they are authenticated, their device connects to their work computer via Bluetooth and automatically gives them access to the network and their applications with single sign on (SSO). This continues while their phone is in Bluetooth range of their workstation, a distance set by IT. When they leave their desk with their phone, they go out of range and they are automatically logged out of everything. Five tips on choosing a passwordless solution More automation means less disruption Consider how you can predict and eliminate unnecessary changeover disruptions. The task of onboarding large or widely dispersed employee populations can be a serious roadblock for many enterprises. Look for a solution that automates this process as much as possible. Scalability and your digital roadmap Will you maintain remote working? Having a high proportion of your team working remotely means that passwordless solutions will become more of a necessity. Are you expecting to grow or to add new cloud apps and broader connectivity with outside ecosystems? If so, you need password authentication that will scale easily. Encryption needs and regulatory requirements If your workers are accessing or sharing highly sensitive information or conducting high-value transactions, check that a solution meets all necessary regulatory requirements. The most secure passwordless platforms are from vendors whose solutions are approved for use by government authorities and are FIDO2-compliant. Prioritise decentralisation Common hacker strategies like credential stuffing and exploitation of re-used credentials rely on stealing centralised repositories of password and log-in data. If you decentralise your credentials, then these strategies aren’t viable. Make sure that your passwordless solution goes beyond the front-end, or the initial user log-in and gets rid of your central password repository entirely. Make it about productivity too Look for a solution that offers single sign on to streamline login processes and simplify omnichannel workflows. For workers, this means less friction, for the enterprise, it means optimal productivity. Security improvements, productivity gains and user goodwill all combine to form a compelling case for going passwordless. The additional consideration of mitigating disease transmission and bringing peace of mind to employees only strengthens the passwordless argument. The new end goal is to do more than simply replace the passwords with another authenticator. Ideally, enterprises should aspire to touchless workplace experiences that create a safer, more secure and productive workforce.

Be our guest: How to manage visitors with both safety and service
Be our guest: How to manage visitors with both safety and service

In today’s fraught times, business continuity and success hinges on how you manage the visitors to your company. By prioritising safety and security, and coupling them with top-notch attention and customer service, you win loyalty and gain a reputation that will serve you in years to come. An excellent way to accomplish this is by identifying and implementing the best visitor management system for your company. And visitor management systems go beyond ensuring the safety of your visitors and staff safety from your visitors. A feature-rich VMS will track your guests' activities, so you can better understand their preferences for future visits. That way, you can manage visitor experience and tailor amenities and preferences. Both customer loyalty and brand reputation benefit. Visitor management systems: who uses it, and why is it used? Visitor management refers to all the processes put together by an organisation to welcome, process, and keep track Visitor management refers to all the processes put together by an organisation to welcome, process, and keep track of all the guests daily. A visitor management system (VMS) is the technology used to manage guests for their convenience, safety, and security. Several features are typical in today’s applications. They include preregistration tools,  video intercoms, self-check-in stations, and health screening. In visitor management, the term "visitor" doesn't only refer to guests but also anyone without an authorized access credential. For instance, an employee without their access credential logs in as a visitor. The same applies to a delivery man or a technician carrying out routine maintenance. A VMS helps to account for everyone within the organisation at any given time. Who uses visitor management systems? You need a visitor management system to manage a school or hospital, an office, or even a residential building. Here's why: Visitor management system for schools: schools are among society’s most vulnerable facilities. A VMS is almost mandatory in this setting. It helps to identify visitors, detect intruders, and alert security of any unauthorised access. Visitor management system for offices: A VMS accounts for guests at all times. They include clients, maintenance contractors, delivery men, employees without credentials, friends, and family, Visitor management system for hospitals: access control is essential in hospitals, and managing visitors plays a major role. Hospitals offer access to pharmaceuticals, medical records, newborns, and expensive equipment. It is crucial to monitor restricted hallways and sections with video intercoms and track unauthorised persons' movements. Residential visitor management system: tracking people's movement is a key VMS component. In case of a crime, knowing who had access to the building within a specific time frame can help in the investigation. Plus, tracking the activities of visitors can deter future crime. Why is the visitor management system important? A video intercom makes it much more difficult for a visitor to impersonate a known guest. VMS accounts for everyone within the organisation in cases of emergency. VMSs can prevent intruders and alert the security department of a breach. A VMS creates a positive visitor experience, which shapes perception of the organisation. With a trusted VMS in place, employees can focus on being productive. Health screening gives staff peace of mind. It increases employees' willingness to return to work in the midst of the COVID 19 pandemic. How does a good VMS address occupant and visitor safety? The necessary technology to ensure building safety The best visitor management systems contain the necessary technology to ensure building safety. To maximise occupant and visitor safety, a VMS should have the following features: Job one of a VMS is visitor identification. It also helps deter potential criminals. Some VMSs go beyond identification by running a quick check on the visitor's ID and alerting security of any discrepancies. By identifying and proving a visitor's identity, the VMS ensures the safety of employees and other visitors. VMS helps with compliance A good visitor management system helps the organisation follow regulations, such as for occupancy. In the COVID era, some states may require health screening for guests. Health screening helps protect the building's occupants from exposure to health hazards. Information security VMSs also aid in information protection. It takes mere seconds for a rogue visitor to download files into a jump drive, photograph exposed blueprints, or copy customer lists. Visitor management systems restrict visitor access to parts of the building and track the whereabouts of guests. Visitor privacy With pen and paper systems, walking up to the receptionist often gives visitors full view of the visitors list. Visitor management systems seal that vulnerability. Visitors can check in without fear that anyone nearby can see their information. Emergency evacuation With a good VMS, the exact number of people within the building is always known. In the case of an emergency, first responders can use VMS data to identify everyone on site. This is a safety net for both the occupants and visitors to the organisation. How to manage building visitors System features depend on the purpose and setting of the VMS. Yet certain features and processes are essential. Preauthorisation and health screening The first step is knowing the visitors upfront. Preauthorisation allows everyone to know who is coming and when. Guests specify the time and purpose of their visits. You get to welcome and accommodate your visitors accordingly. Some systems may also be able to upload documents of interest, such as proposals, contracts, presentations, or agendas. Health screening is critical today. It signals that the organisation cares about its guests. A visitor is more likely to visit an organisation that prioritises health and safety. Health screening is a way to protect your staff and send the right message. Video intercom Along with health screening, video intercom is a key element of VMSs. It enables secure video identification with remote, touchless, and COVID-safe access into buildings. Intercoms are a safe and secure way to communicate with audio and video without physical contact. Video allows you to visually verify the visitor. The audio component enables spoken communication. Some systems even use facial recognition technology and mobile app unlock. When integrated with access control, visitor arrival is seamless. Upgrade to touchless access Touchless access is the safest and most secure VMS option Touchless access is the safest and most secure VMS option. It is more sophisticated because it receives visitors without them having to lift a finger. It's also convenient and effective. In this time of the novel coronavirus, the demand for hands-free systems is surging. VMS has pivoted to met this demand. Many organisations are finding how touchless systems increase safety in the workplace. Visitor logging is essential for managing guests to your building. Besides being a source for verification and data tracing, it also helps in real-time to know who signed into the building and who hasn't signed out yet. Tracking the movement of visitors within the facility makes it clear where they are at all times. This way, there can be an effective emergency action plan for visitors and other occupants. This feature has use in contact tracing, health investigations, and other investigations, such as for theft.

What does 2020 mean for the future of security trade shows?
What does 2020 mean for the future of security trade shows?

Trade shows have always been a basic element of how the security industry does business - until the year 2020, that is. This year has seen the total collapse of the trade show model as a means of bringing buyers and sellers face to face. The COVID-19 pandemic has effectively made the idea of a large trade show out of the question. Today, even air travel seems incredibly risky, or at minimum a huge hassle. The good news is that the industry has adapted well without the shows. A series of “on-line shows” has emerged, driven by the business world’s increasing dependence on Zoom and other video conferencing platforms. The fact is, 2020 has provided plenty of opportunities for sellers to connect with buyers. It’s easy to dismiss these sessions as “Death by PowerPoint,” but some of them are incredibly informative. And conveniently accessible from the comfort of a home office. Internet transforming businesses We have already seen how the online world makes it easier than ever to connect with customers. In the consumer space, businesses like Uber, Shopify and Airbnb have proven that the Internet can transform how business is done. But in the security industry, we hear: “You can’t replace the value of meeting face to face.” That’s definitely true to some degree. A lesson of 2020 is the need to take a hard look at the economic model of trade shows However, the reality of 2020 suggests that there are alternatives that are almost - emphasis on almost - as good. And that don’t cost as much. And that don’t take away as much time from the office. And that don’t involve the effort of schlepping luggage through an airport yet again to a hotel in a beautiful city you will never see where you will spend three days in a big exhibit hall eating overpriced hot dogs and regretting your choice of footwear. Economic model of trade shows Sure, you’ll meet up with old pals, and get some value out of the experience. But how much value versus the cost? A lesson of 2020 is the need to take a hard look at the economic model of trade shows - how much they cost versus the value they provide. Considering how well we have gotten along without them, one wonders how and why trade shows have become such an integral part of our industry, and of hundreds of other industries, for that matter. I have had many conversations with exhibitors at trade shows in the last several decades. I have heard probably thousands of complaints about the slowness of the foot traffic, the high costs of exhibiting, the price and hassles of travel. The question I have often wondered (and asked): Is it worth it? Defray the costs Usually, the complaining exhibitor will reluctantly admit that it is, and/or provide some other justification, such as one of the following: All my competitors are here. If I don’t exhibit, it sends the wrong message to the market. That’s why I need to have the largest booth near the front of the show, too, because it’s all about perception and positioning ourselves in the market. We need the show for the sales leads, which drive our sales for the next six months. If I meet one large end user who turns into a big sale, the extra revenue pays for it all and makes everything worthwhile. This is the only time I get to see my sales staff or other coworkers from around the country. We have a sales meeting this week, too, so it helps to defray the costs. Success of alternatives The realities of 2020, and the challenges to the business world, will impact the nature of commerce for years to come Given the experience of the year 2020 without any trade shows, might some of these justifications melt away? At a minimum, companies will be taking a hard look next year to evaluate what they missed about the trade show experience, and more importantly, what the impact was on their business (if any). What is the future of trade shows? After the 2020 hiatus, exhibitors and attendees alike will be starting with a clean slate, taking a fresh look, reexamining the value proposition with new eyes, braced by the successes (while acknowledging the failures) of alternatives that emerged as necessities during a global pandemic. Ensuring safety and security The realities of 2020, and the challenges to the business world, will impact the nature of commerce for years to come - including trade shows. During the pandemic, we have all had to reinvent ourselves, deploy new strategies, work around new challenges, and in the end, hopefully, emerge better for it. There’s no reason trade shows shouldn’t undergo the same transformation. And it’s likely the “new normal” could look very different. The security market has found new opportunities during the pandemic, including new applications for existing technology and a renewed emphasis on the importance of ensuring safety and security. That positivity will hopefully carry our industry triumphantly into the new decade, and trade shows will adapt to find their place in the newly revitalised industry. As it should be.