Retailers face a number of threats, some specific to their brand and merchandise, others based on their geographic location. Keeping employees and customers safe requires a two-pronged approach: establishing the right culture and providing a safe and secure physical environment.
For employees, this means investing in security awareness training for staff, which is simply a matter of them one, paying attention (e.g., implementing a “no smartphone use” policy when on shift), two, knowing what to look for and, three, knowing what to do. Do employees know what the signs of workplace violence look like? Are they empowered and educated on how to report and manage a potential issue (or how not to from a liability standpoint)? Do they understand how to operate the electronic security controls put into place? Most importantly, have they been trained on what “suspicious behavior” looks like, or how important their instincts are? For customers, however, it's very much about providing a physical environment that feels (subconsciously) safe and secure, complemented by staff who take a customer-centric approach to establishing “surveillance.”
Ultimately it needs to start at the top. Senior management of every organization should document, support, fund and adhere to security policies, thus setting the example for the troops. It also starts at the beginning: Are employees properly vetted prior to being hired? The internal threat in the retail environment is a greater vulnerability than the external.
So, what's a retail operation to do? First and foremost, it's to understand the exact threats and vulnerabilities that apply to the individual retail location. Threats in an urban storefront vs. a suburban mall are significantly different. This might, for example, affect the placement of products to protect from “snatch and grab” losses. Post that, it’s developing controls aligned specifically to those vulnerabilities. In terms of creating a safe and secure physical environment, retail operations should become familiar with CPTED principals (Crime Prevention Through Environmental Design).
On the surface, CPTED can appear complex, but it’s not. CPTED is simply creating a physical environment with security in mind; it’s not an additional expense, but rather aligning existing expenses to security objectives. Natural sightlines, natural access control, creating territorial reinforcement, and keeping a well-maintained space are all necessary investments, and there’s no additional cost to design these elements to reinforce safety and security. Specifically, lighting, landscaping, architecture, colors and textures, and signage encouraging customers to “see something, say something” can be designed to create a secure environment, not just to undesirables (“I don’t belong here”), but for employees and customers as well, who instinctively feel that “this is my space.” Furthermore, implementing a “two-person rule” during critical times (such as store opening and closing) can protect against both internal and external threats.
Finally, technological security solutions are growing exponentially with the incorporation of video and audio analytics against artificial intelligence. Such technology allows for the automatic identification of “suspicious behavior” and real threats such as the detection of a firearm via video analytics or the use of audio analytics to detect gunshots. In addition, radio frequency identification systems have advanced such that product locations can be automatically monitored live, not just at points of entry/exit.
In-house security resources are the first step in identifying and executing a security program. However, in-house specialists are sometimes unaware or inexperienced in the more complex strategic elements such as conducting training or staying current on emerging controls and technologies. As such, retaining an experienced and independent security consultant can efficiently and effectively deliver strategic training, policies and guidelines (such as CPTED) which can then be tactically implemented by the in-house security team.
John V. Philippi CPP, PSP, MBA, is regional vice president at Guidepost Solutions, a provider of global security, investigations, compliance and monitoring solutions.
Related story: Retailers Need to Take Mobile Device Security Seriously
John Philippi is regional vice president, security and technology consulting for Guidepost Solutions. He's a security subject matter expert with over 30 years of experience. His work at multinational organizations has focused on protecting them from negligence liability through the development of best practice policies and procedures and the design of effective and efficient systems and operations. He can be reached at firstname.lastname@example.org.