My office was broken into not once, but twice. Here are 12 things we learned that you can use to protect your valuables.
The heart-sinking feeling that accompanies a midnight call from your office alarm company sends shivers through the best of us.
This happened to our office - not once, but twice over the course of two weeks. And on both occasions we knew it was a genuine break-in because of the alarm zones that had been activated.
The trail of smashed window pieces and debris confirmed the situation when we arrived at the office, but the more scary moment was when we wondered whether the intruders were actually still in the building. The police advice was not to enter and to wait until they had arrived to clear the building. When compromised or cornered, intruders have been known to hide away until the police have gone, so a thorough search is necessary.
When we entered the building we soon discovered what was missing - in our case, the Apple iMac 27in computers were the order of the day. Three had been taken - not the leads or ancillaries, just the hardware. While there was other equipment in easy reach, they had specifically targeted the iMacs.
The sequence of events that take place, from the initial discovery through to dealing with the insurers, is quite a time consuming experience. Having been through it, we can share with you the following steps you can take to make the process easier if the worst does happen:
1. Contacting the police
Most small businesses arrange to have their alarm monitoring company contact key staff - ideally senior employees who are within a short distance of the premises. Nine times out of ten the call will be a false alarm, but if you suspect there is a genuine problem call the police en-route to the premises. Hopefully they can apprehend any intruders who might still be present. If there has been a break-in and the police are not there, don’t put your personal safety at risk by charging Rambo-style into the building. Wait for the police.
In our case there was a possibility that the intruders could be on the premises. Given the size of the office, the police had to call for back up - a minimum of four people was necessary to clear the building. The police arrived within 10 minutes and on arrival they wanted a clear briefing of all the exits, location of lights and details about alarms. Be aware of your surroundings while waiting for the police - we waited with the car doors locked and the lights on, just in case the intruders were still lurking.
2. Keep emergency phone numbers for staff and glaziers handy
Make sure that you have emergency contacts accessible and updated regularly. These should include out of office numbers for staff, landlords and suppliers. If there is damage to the property you’ll need glaziers to board-up windows or doors. This was the most time consuming task for us. We didn’t have any preferred numbers handy and it took some searching before we could find a friendly glazier that was prepared to get out of bed at 2am. The cost to board-up our window was $350.
3. Keep an inventory of your equipment
The police will want the serial numbers of all missing equipment so they can circulate these to pawnbrokers and money exchange outlets. This will require a detailed inventory. Photographs of unique items will also assist the police with their enquiries. We had all this on hand because our assets register is updated with appropriate serial numbers as equipment is replaced. Also remember to keep the original receipts as proof of purchase.
4. Shop around for insurance
Insurance is a vital business expense which provides peace of mind and eases the financial burden of replacing IT equipment. Every policy has conditions, so make sure you are happy with the replacement value of items stolen from your office, while in transit or even from staff members’ homes. Shop around for the best quote - the devil is in the detail so do your research before agreeing to the terms. In our case everything was in order and our insurance company agreed to an instant replacement. However, their loss adjustor was slow to authorise the claim so it is essential you keep on their case.
5. Check you have appropriate alarms & CCTV
These are a must. While they don’t prevent all intruders, they at least act as a deterrent. Make sure all systems are tested regularly and staff alarm code numbers are changed on a routine basis. Staff should be fully briefed on their operation and all systems should comply with Australian Standards. Place warning signs around the business promoting the security features and display your company name and street numbers, including at the rear and side entrances, to assist emergency services. Lighting is essential at all entrances - this will not only prevent intruders lurking in the dark but also increase staff safety while they are locking up during the winter months. A basic CCTV installation for four cameras starts at around $4,000 and increases to $6,000 depending on the resolution of the cameras and network control options.
6. Label IT equipment with indelible markings
Engraving and micro dotting are further deterrents. Doing this makes it harder for someone to trade your items and it affects their resale value. It's a worthwhile and inexpensive measure. Make sure a micro dotting warning is displayed on your entrances. There are DIY kits available from as little as $50 that can tag about 250 items. One company that we looked at was www.nanotag.com.au.
7. Make sure that staff know that you’re not responsible for their personal files
Businesses should not be held liable for staff assets that are hosted on company equipment, such as photos, music and personal documents. Staff should be made aware of this through a code of conduct or computer use policy which makes it clear from the outset that the company is not liable for any loss. This is also relevant in the wider context of unlicensed software and music.
8. Don’t forget to back -up
It goes without saying that you should have systems in place to backup all your data every day. Not only that you should have backups stored off-site. We won't go into detail about this here, but we have plenty of articles on this site explaining your options. We suggest starting here, which is a list of all our articles about backup. Pay particular attention to this article about off-site backup, and this article about disaster recovery.
9. Create a contingency plan
Small businesses often do not have the funds for Disaster Recovery Planning (DRP), which is generally geared towards big business, such as the banking industry. However you should at least have a Continuity of Operations Plan (COOP) for the event of serious loss, whether through burglary, flood or fire. This plan could involve staff working from home or sharing an office. It could also provide for the recovery of data, assets and facilities.
10. Have office security procedures
Not every business has the luxury of a 24-hour security team sitting behind a bank of monitors. Many small businesses have to divide the responsibility for security among a few trusted employees, so protective measures should be followed by the book. Staff safety is paramount so make sure there is a procedure for locking up the premises, such as having a minimum of two people present. Brief all your staff on your alarm duress facility and outdoor lighting, and make sure there’s a departure check-list on all exit doors. Try and keep the numbers of staff with keys and codes to a dependable few - too many codes and keys is just asking for trouble down the line.
11. Put anything portable out of sight
The rule of thumb is that intruders have a five-minute window to get in and out - especially once the alarm is activated - so anything that is portable should be out of sight. Intruders don't have time to open every drawer or fumble through cabinets in the dark, so items that are hidden are more likely to be spared.
12. Crime Prevention Officers
All local police HQs provide a crime inspection and a detailed assessment of your premises for free, so take advantage of this service and setup a visit. They advise on everything from recommended security measures through to staff safety.