Monday, November 17, 2008

What to look for in a good security consultant

You want someone with a healthy level of dysfunction and paranoia. In normal society these character traits are not desirable, but in a person or company you are sourcing to protect your physical or intellectual property these are exactly the traits you want.

You would be better served by a person or company who wonders:

  • What way are they trying to get over now
  • How can I prevent this from being taken without seen
  • What are the blind spots
  • Can I place something here to monitor that is inconspicuous
  • What area of coverage does this allow me
  • How do I prevent people from tampering with either the feed or recorded information
  • What about if there is a power outage
  • How much is the loss of this costing in increased expenses
  • How can I catch a lying or dishonest person
  • What can I do to allow a dishonest person enough latitude to hang themselves

Bottom line you want a person or a company whose attitude is that of an auditor – I trust every word you say and because you are honest you do not mind if I verify and compare your words and actions to ensure alignment. Next time you retain a security professional just remember a person who trusts all people are people of their word and honest while they may do a fair job you would be better served by the personally referenced above.

That is not to saw an auditor like attitude means a person will be impersonal – far from it, just thorough.

No comments:

Add to Technorati Favorites