iXero and Security 360® – Changing the Security Paradigm
By Edwin Henderson, iXero
An All-Too-Frequent Nationwide Dilemma.
In a remote Colorado town southwest of Denver in the shadow of Pikes Peak, a small security company with big goals is trying to change the way people think and act about organizational safety and security, particularly in schools and businesses.
iXero, based in Woodland Park, CO, and comprised largely of former career military and law enforcement professionals, has provided myriad security solutions for international and domestic clients since 2016. In early 2018, in the aftermath of the tragedy in Parkland, FL, and the subsequent tragedies in Santa Fe, Highlands Ranch and Santa Clarita, the iXero leadership was convinced of 3 things: 1) The organizational security status quo is not working; 2) Indicators of potential danger were available but were either not heeded or acted upon; and 3) There must be an effective way to identify the indicators - and act appropriately on them - well before they result in tragedy.
Rather than take a position in the ever-present debate on the efficacy of more gun control, iXero took a ‘gun agnostic’ approach. iXero’s experts realized that the components of traditional security systems (fences, entry control points, cameras, guards, etc.) are too often insufficient by themselves to ensure the level of safety that organizations need for a productive learning or work environment. Clearly various configurations of these components are critical pieces of safety and security solutions. However, they serve primarily as deterrents and are of limited use once an incident occurs. Moreover, their usefulness is largely dependent upon extant policy, procedures, training and proficiency; and an overall ability (and willingness) to react effectively.
Since the shooting at Columbine High School twenty years ago, school security has become a cottage industry. Countless vendors offer myriad products designed to protect or preserve life; from various types of barriers and door/window indicators to instant safe rooms; from apps that aid communication and information sharing to triage kits complete with hemostatic bandages and stretchers. All these tools, while effective, are reactive. Additionally, they require familiarity and proficiency to use and rely on staff or students to act during an emergency in ways few, if any, have specific training or practice.
A Better Mousetrap
What iXero proposes is to change the paradigm of what comprises effective safety and security. First, iXero promotes a proactive, rather than reactive approach. Second, iXero wants to be a security partner rather than a vendor. In fact, iXero does not sell or promote any particular security components. The company’s goal is to provide tailored, holistic security solutions that integrate with an organization’s existing security components and provide a level of physical and psychological security consistent with the organizational structure and environmental requirements, whether they be learning or commercial productivity. One of iXero’s unique security partnership techniques involves creating a sustainable ‘learning culture’ of safety and security within an organization. This is done through a trademarked process called Security 360®.
Safety and security involve a proper mindset as much as they involve physical components. That mindset must be held both individually and collectively and is grounded in awareness and confidence. The awareness is the conscious and subconscious understanding and acknowledgment of the various vulnerabilities that are ever-present in everyone’s immediate environment. The confidence is in individual’s and respective organization’s abilities to mitigate the vulnerabilities to the point that they don’t hinder required daily activities. It derives from the reassurance that both the individual and organization have the knowledge, training and trust in one another such that each is accountable to the other and each will act to protect the other as best they can in an emergency. This mindset is what enables military and first responder organizations to successfully perform complex tasks and missions safely under high-stress conditions.
Security360® Basics
Establishing a culture as described above in organizations not accustomed to such a mindset is a significant challenge. iXero believes that it can use Security360® to overcome that challenge by partnering with an organization and demonstrating ‘what’s in it for them’. The process begins with a comprehensive Vulnerability Analysis of the organization. Vulnerabilities are unique to an organization, can be external or internal and have any mix of physical, environmental, socio-economic or cyber aspects. They can also exist based on organizational structure. Once vulnerabilities are identified, they are prioritized by impact significance using organization-specific criteria. The prioritized vulnerability list then shapes and informs later Security360® steps in providing a tailored security solution.
Step two involves Security Assessments and Gap Analysis. Through physical inspection and focused interactions with organizational personnel, iXero’s subject matter experts (SMEs) conduct comprehensive assessments in three primary realms: physical security, cyber security and organizational governance. This gives the SMEs a snapshot of the respective programs’ health and effectiveness. They then use applicable national, state and local statutes, standards or guidelines to identify whether there are programmatic gaps, either in structure or practice. In absence of the above guidelines, iXero will use applicable industry best-practices as the basis for comparison.
Once the Assessments and Gap Analysis are complete, iXero provides recommendations to close the identified gaps. Recommendations could involve adding or upgrading hardware/software components (cameras, doors/locks, fences, etc.), creating or revising various security-related policies, developing or revising safety and security training or a combination of these.
Follow-on steps are the heart of the partnership and involve the implementation of the recommendations chosen by the organization. With an ongoing relationship, iXero can provide services such as classroom training, drills and scalable exercises and periodic program audits to ensure optimal effectiveness of both the programs themselves and the individuals responsible for performing required actions.
The Security360® process is applicable in virtually any organization requiring a safety and security program. It can be scaled up or down to fit an organization’s security requirements and budget. The key difference in the iXero approach and a key to success is buy-in throughout the organization; the acceptance that everyone has responsibility to protect the organization’s assets, whether those assets are physical property, data or personnel such as children.
In fact, organizational buy-in has an additional facet when schoolchildren are involved, as a recently thwarted school violence incident in New York indicates. When working with schools buy-in is required by not only the school staff, but the parents as well (Richards, 2019). iXero and school districts will have to work closely with parent-teacher organizations and the like to ensure they are informed about and endorse proposed security measures and methods, to include not only mitigation and emergency action procedures, but also planned disciplinary measures for offenders. Concerns also often center around protection of privacy and sensitive information, the protocols for handling both of which are outlined in the Federal Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA). iXero is aware of and carefully crafts its solutions to ensure compliance with these and any other pertinent federal, state or local statutes.
A saying in the Navy is ‘everyone is a safety officer.’ Once a tenet like that is internalized by an organization and becomes part of daily routine, that organization is well on its way to zero incidents – or iXero.
In subsequent articles, various components of the Security360® process will be discussed in more detail.
Reference.
Richards, E. (2019, December 2). A New York village averted a potential school shooting. Parents are still furious. USA Today. Retrieved from https://www.usatoday.com/