Here’s an interesting “anthropological” take on security, as reported by Bruce Schneier: When a company grows past 150, it’s time to issue name badges.

That’s because – Schneier quotes the research – “150 is the cognitive limit to the number of people a human brain can maintain a coherent social relationship with.”  Of course, this presumes that one troubles to meet and relate to all 150 members of his or her growing company, but that’s perhaps another matter…

Generally, the research suggests that there are “several layers of natural human group size” that increase with a ratio of approximately three: 5, 15, 50, 150, 500, etc. The smallest, three to five, is a “clique,” 12 to 20 constitutes a “sympathy group,” and 30 to 50 was the typical size of hunter-gatherer overnight camps.

We’d be inclined to issue name badges at fewer than 150 employees, but then we’re perhaps excessively security conscious. Certainly, we’d ask Bruce Schneier, or any other visitor, to sign in, please.

SecurityInfoWatch.com provides these 10 readiness pointers for Swine Flu in the workplace:

1. Define reliable information sources to monitor for situational awareness on the influenza outbreak.

2. Top management documents a set of guiding principles that outline commitments the firm will make to protect employees and ensure duty of care; types of preparedness measures the firm will create and maintain; the budget available for planning, and individuals responsible for implementing these programs.

3. Maintain a robust Crisis Management and Communications program to enable executives to make key decisions on a timely basis and communicate messages to both internal and external stakeholders.

4. Maintain a Business Continuity program that documents key products and services that will receive prioritized attention during a time of reduced staff availability.

5. Implement a robust employee health program to guide ’safe workplace’ protocols, such as facility access, social distancing and surface cleaning.

6. Document Human Resources provisions that outline actions employees should take if they become ill and how to handle sick leave and family care issues.

7. Strategies for remote work and connectivity backed up by actual IT capabilities in terms of VPN bandwidth and hardware availability.

8. Prepare guidance for expatriate employees and travelers.

9. Discuss the firm’s pandemic preparedness efforts with key vendors, suppliers and other business partners.

10. Determine the firm’s position on the procurement and stockpiling of both pharmaceutical and non-pharmaceutical protective measures. (Antiviral stockpiles make more sense for certain types of businesses and less for others.)

An excellent essay on what goes into successful crisis/disaster planning appears in the June issue of Security Management. William M. Lokey, a program director for James Lee Witt Associates, Washington, D.C., lays out the components and commitments required for reliable disaster readiness.

In the context of Hurricane Katrina, Lokey asks, “Why were some companies unprepared to provide the most basic necessities for their employees while others not only survived the catastrophe but also excelled at helping others? There’s a simple answer: Some companies devote resources to planning, training, and conducting disaster response and recovery drills—and some do not.”

That’s the key: having a written, practiced plan. Based on his own extensive experience, Lokey provides guidance on developing one, including its media relations aspects.

“A disaster plan is a set of promises that a company makes,” he says at the conclusion of the piece.  ”They spell out how a company intends to behave when tragedy strikes. More than a document, a disaster plan is a process that is designed to evoke appropriate actions by anticipating problems and creating possible solutions. By being aware of common problems from past incidents, companies can help to ensure that staff will be ready to meet those promises and, in the process, to give aid and comfort to the affected community.”

Here’s a link to the new report on federal contracting in Afghanistan and Iraq, by the Ccommission on Wartime Contracting in Afghanistan and Iraq. It’s a lengthy document that likely provides insight into federal contracting and procurement generally, as well as these two embattled settings.

This won’t be cheery reading, but one gets insights where one can.

Here’s a lengthy post full of insights into how the security and IT functions are merging at companies large and not so large. “Convergence” is the increasingly familiar term. 

Based on questionnaire responses from 100 companies, the report – generated by Security Management - has lots of aspects and is worth culling for your own interests. In short, though, the pressure is growing on security to survive as a distinct profession. 

What especially caught our eye came at the end - a projection of what the world may be like in 2020: “By 2020, many of the things we take for granted will be extinct, such as print newspapers, iPods, most desk-top computers, supermarket check-out lines, car keys, and a legion of other obsolete technologies. The security industry must do whatever it takes to ensure that its profession doesn’t become aged and unfit. The comet is approaching, but there’s time to deflect it.”  

Security poroviders - especially those involved with perimeter security - have an opportunity and challenge to explain the availability and benefit of given security solutions to school administrators.

SecurityInfoWatch notes that, while school districts are reporting increasing security breaches (both IT and physical - IT mainly from inside and physical from outside school buildings), school district budget administrators need selling on given security approaches.

Patrick Fiel, ADT’s public safety advisor for education, puts it this way: “So, I think (schools have) got to put security to the forefront, balance security with education and then take it to the superintendent and to the school board  and say ‘Hey, these breaches of security are very expensive and by putting in the solutions we’re recommending, we could reduce our costs considerably and save the school money down the road.’”

Wth 67 percent of CDW’s participating school districts reporting physical security breaches, the benefit of controls that would. for instance, direct vehicles through barrier-protected entrances becomes worth hearing about. Head back to campus, and explain your wares, what they can do for anxious administrators and board members.

Anyone seeking to sell security systems to the U.S. Army should be aware that the Army is switching to a centralized, in-house engineering acquisition system.

“We realized there was nobody [with systems engineering expertise] looking across all of our programs,” said Ross Guckert, assistant deputy for acquisition and systems integration at the Office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology.

For example, the Army has had 16 different battle command systems on record. A unified battle command system will be the new organization’s pilot program.

How this new acquisition approach will relate to purchasing security systems is something that vendors will want to follow and understand.

PRO Barrier emphasizes aesthetics and blending with the environment in its barrier designs. Perhaps we should consider partnering with a French company that actually grows barriers. Sinnoveg is a French-based tree nursery and horticultural research center that specializes in “securitizing sites, goods and persons by a concept of anti-intrusion security integrated into the environment.” Its key technique is “based on planting of a hedge of thorny plants, weaved into each other and into metallic elements of reinforcement.”

You may have heard about the use of social media (SM) - websites like Facebook, Twitter, Flickr and Craigslist – to spread information “virally” during emergencies. SM is an emergency response channel with both positive and negative implications. It’s good to be aware of the possibilities both ways. Here’s a pertinent article from a recent edition of Nature: “Crisis Communication – Messages appear on Internet-based social networks within minutes of disasters occurring. Lea Winerman investigates how to harness this trend to create official community-response grids.”