This essay will consider the topic of crime prevention within the workplace. The essay will consider different types of crimes, and how they occur within the workplace. There will be an analysis of what different characteristics different types of crimes have, and the writer will consider what types of crimes may be seen as the most problematic in terms of the prevention of crime in the workplace. The ultimate focus of the essay will be the identification of which types of crimes are the most challenging to deal with in an office environment from the point of view of a security manager, and an explanation of why.
Background and context for the study of what crimes are the most problematic in the workplace
This section will consider the importance of security in the workplace. It will also consider the processes in the workplace that may be vulnerable to crimes.
Workplace security is becoming more and more important to businesses departing from traditional business structures to forms that are more complex (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120). This complexity may in part be attributed to the impact of technology on the modern business. Businesses use IT much more frequently now and this increases the number of parties who have access to the business and the resources of the business (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13).
Different types of crimes that can occur within the workplace
There are many different varieties of crimes that can occur in the workplace (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45). Crimes may be committed in the workplace by different actors including employees of the organisation, and or external actors. Employees for example are internal actors, and they have the potential to commit fraud, theft, cybercrime or white collar crime.
Other crimes may be committed by actors who have no connection with the company, and examples of these types of crimes include burglary, robbery and or expressive types of crimes such as vandalism. Another broad classification of crime is where a crime is committed by an external party in consort with an employee (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120). Additionally crimes committed against the employees of an organisation may be classed within criminal acts which impact on an organisation and examples of these can include theft of information or resources, or violence (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45).
All of these crimes have very different characteristics. It is also clear that these types of crime, where they affect workplaces can share generic structures and patterns. Burglary, and theft for example are crimes that may involve physical access to the premises or the resources of the organisation involved (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242). It is usually the case that these types of crimes cause damage to doors, windows and other access points. In the aftermath of a crime of this nature the security of the organisation may be called into question, and factors such as key-holders, and the physical security of the premises may require review (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120).
Because the crime affects a company it may also be the case that the crime causes loss not just to the company, but also possibly to employees of the company, who may for example have been storing valuables in the organisation. On the other hand fraud, white collar crime, and also crimes involving dishonesty are crimes that typically occur internally (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45). Theft from stock in a retail organisation, for example can require internal access and it may be argued that internal actors have easier access to employer resources such as stock, which is prone to be stolen (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13).
The crimes have much in common also. A typical result of crime within the workplace is to impose costs on the company for example. Other costs imposed by crime, and the possibility of crime include crime prevention. Police issue advice as to workplace crime prevention in the following terms : "Thieves often pose as delivery personnel, couriers, janitorial staff, maintenance workers, job applicants, new employees, as relatives of employees, as someone looking for a restroom, or as other seemingly legitimate persons. Many thieves walk through workplaces to see if they get stopped or questioned or to test any security measures that possibly may be in place. These individuals are prepared and will attempt to use false explanations. (i) Watch out for "head poppers" who open the wrong doors and pretend to be looking for specific offices; (ii) Redirect wandering or lost visitors roaming the halls to the correct office, information desk, designated waiting area, or the security office. (iii) Do not be afraid to question anyone you may be in doubt of, if it is safe to do so; (iv) Have a security person or police investigate the individualâ€¦. www.norfolk.gov".
Crime can affect the strategic position of a company. Take the case of a major pharmaceutical as an example. This company may have invested millions of pounds in developing a particular drug. Imagine a dishonest employee steals, and passes the information about the development of the drug to a third party in exchange for money (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120). This type of crime can manifest much damage to the company in terms of their strategic position in key markets (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21).
The next section will consider these aspects of workplace crime in the context of which crimes may be seen as more or less problematic by a security consultant.
Which crimes are the most problematic to deal with
Before considering which types of crimes are the most problematic to deal with, it may be useful to point out a few factors that will form the background and context for the analysis. It must be pointed out for example that crimes in the workplace do not always manifest generic effects, and so in many cases the effect of the crime will depend very much on the type of organisation that is affected (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13). This can be illustrated by considering two retail outlets - one a multi-national retail company, and the other a small local retail outlet. If a manager is stealing from the stock, impacting the profits of the company, it may be arguable that the damage is more easily absorbed by the former, larger company that has more resources, by comparison with the case of the small retailer whose liquidity may be more seriously affected by the theft (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120). Clearly, therefore the consideration of how problematic a crime is, is a function, not always of the crime itself, but of a combination of the crime and the effects of the crime (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21). Thus, different crimes may be seen as more or less problematic for different actors, companies and organisations who have different characteristics (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13). Nevertheless, this section will attempt to consider crimes from a generic point of view in an effort to make some generalisations as to the nature of workplace crime, and the ways that it can impact businesses. This process of generalisation will, it is suggested make it more easy to group together crimes that are the most problematic, and differentiate these from crimes that are less problematic.
Crimes may be classified in three ways for the purposes of considering which is more or less problematic. Workplace crime can be external to the workplace, and thus be committed by parties with no connection to the organisation, who attack the company externally. Examples include vandalism of the physical premises of a company, or a robbery (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45).
Workplace crime can on the other hand be committed by employees of the company, or organisation, and an example of this might be theft from the stockroom, committed by a group of employees. There are also cases where the crime is perpetrated by parties external to the workplace, but who are working in consort with employees of the company, and an example of this might be the case of a bank robbery, where an employee passes information about the security of the bank to a third party who then uses it to commit a crime (Asfahl, C. and Rieske, D. (2009) p. 142; Bogardus, A. (2004) p. 120). Thus, it may be argued that the relationship of the crime to any employee is critical to any assessment of how problematic that crime may be since the location of the perpetrator of a crime as internal or external to the company affects the ability to predict the possibility of crime. It is suggested that crimes that are committed by or by using internal employees are more problematic to the security manager. This is because internal employees know the "ins and outs" of a company, in terms of their computer and physical security (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45). This makes any crimes that they may commit less detectable, and it makes it easier for the vulnerabilities of a given company to be identified. This may be illustrated through the following example.
Consider the case of a shop robbed by two different parties - one an opportunistic thief who simply walks into the shop and demands that the till be emptied, and the other case a thief who is working in consort with an employee of the business. The former actor will take many more chances by comparison to the latter. The opportunistic thief may not be sure how much money is in the till, when they walk on the premises (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21). On the other hand the thief working in consort with an employee can plan their robbery better, if they know basic things such as what time of the day the till is cashed up, with the funds counted and brought to the bank. Thus, it may be argued that crimes involving employees are much more problematic for the security manager than those that involve opportunistic actors, who commit crimes in a manner that does not involve access to the information that an employee would have. On this basis it may be possible to argue that different categories of crimes such as white collar crime, and theft represent a much greater risk to the company where they are committed by employees, as opposed to external actors (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242).
Crimes may be seen as predicable, and less predictable and it is suggested that those crimes that are more predicable are less problematic for a security manager. It may be argued that crimes whose perpetrators are external to the company are more predictable. Thus these crimes are more easy to prevent, and the prevention process costs the company less (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21).
Consider the case of robbery, burglary and crimes of expression such as vandalism. It is important to point out that these crimes are rare. These crimes may be committed by persons associated with the company, but it is suggested that it is more often the case that these crimes are random crimes, perpetrated by opportunistic parties, such as drunken revellers on the way home from a night out. Most workplaces have a physical premises, and it is easy to deduce that a way of preventing damage to these premises is to make access to the premises more difficult (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45). This will for example protect the premises from random and or targeted acts of vandalism, or criminal damage. Deterrents may also be set in place to deter these types of crimes. Thus, the use of security cameras for example can cause opportunistic prospective vandals to cause damage to other premises that are less well monitored (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21). The use of movement activated lighting is also a good deterrent, and this may be seen as a good general solution to these types of crimes, since naturally criminal vandals are much less likely to be attracted to premises that are well -lit, since this may increase the chance that security cameras can capture identifiable images of them. Thus, it may be argued that crimes that are predicable are less problematic for the security manager. This is because these crimes can be deterred by using simple measures such as security cameras (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242).
Crimes may be considered in terms of how they can be committed, and this is another factor that a security manager may take account of in considering which types of crimes are more or less problematic. Some crimes can only be committed in one manner, and at the other end of the spectrum are crimes that are more complex (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242). Examples of crimes that may only be committed in one singular manner are vandalism, and robbery. Vandalism will typically involve damage to the physical premises of the company, and will involve a party accessing the premises and doing some form of damage, whereas robbery can involve parties physically removing resources from a company.
At the other end of the spectrum are cases involving fraud. Fraud is an incredibly complex crime, and it is suggested that it can occur in several different ways (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21). It is also the case that whereas two different incidences of vandalism may share many of the same features, though remain unrelated, this is not necessarily the case in relation to fraud which can occur in so many different ways and involve elements of deception (Coombs, W. (2008) p. 264; Gill, M. (2006) p. 42-45).
Crimes in the workplace may also be classified from the perspective of response that a particular crime may demand. Crimes that are more problematic, it is suggested demand a more complex and more nuanced response (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242). Thus, it is possible to classify crimes in terms of how problematic they are, according to the response that a given crime demands.
This may be illustrated by considering possible offences under the Data Protection Act 1998 in the workplace. Employers may have cause to consider that employees' confidentiality needs to be protected, since these employees may be working on computers. Imagine that the organisation concerned runs their IT system from a server that is unsecure, and does not have a password protection facility. In such circumstances, it is incredibly easy for DPA offences to be committed by other users of the system, since there is a high level of accessibility to individual email accounts, and data. A simple way to combat this is to secure the server, and introduce a password protection facility for users of the IT system. This is a fairly standard action, and as such the response that is required to prevent this type of DPA crime may be seen as less onerous than actions that might be required to combat other types of crimes. As such, cybercrime associated with the DPA may be seen as less problematic for the security manager (Coombs, W. (2008) p. 264). Now consider the case of a payroll, and purchasing system in a multi-national retailer, where many different users have the capacity to log in and use the system. The response that may be necessary to secure such a system is much more onerous, and this makes the possibility of fraud prevention, it is suggested a much more problematic task. As such, fraud on a payroll system may be seen as relatively problematic from the point of view of a security manager given the level of difficulty there is in overseeing the correct use of the system (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242).
Using these criteria of the location of the perpetrator of the crime, the level of complexity of the crime, the way in which it is necessary or possible to respond to a crime and the question of how predictable any crime may be, it is possible to argue that fraud, cybercrime, white collar crime and dishonesty are all more problematic for the security manager as opposed to crimes such as vandalism, or burglary. This is because, it is less difficult to physically exclude potential perpetrators of vandalism and thus prevent the commission of these types of crime, than it is to exclude potential perpetrators of fraud, white collar crime and cybercrime (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242). The latter types of crime often require a level of familiarity with the internal processes of the company, and so require for example computer passwords, and access keys. It is also the case that these types of crimes, due to these characteristics are more frequently committed by employees, given that their commission often requires access to internal systems, information or both.
It is suggested that fraud, cybercrime, white collar crime and dishonesty are all crimes that follow complex patterns, where similar crimes tend not to be repeated twice, in the same way. This pattern may be distinguished from crimes such as burglary, and vandalism for example, since the spectrum of how these crimes may be committed is more limited, and as such there is only a limited number of variations in which these crimes may be committed (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242). As such it may be argued that the task of the security manager, in responding to, and attempting to prevent crimes such as fraud, cybercrime, white collar crime and dishonesty is a more difficult one, given the fact that these crimes tend to be characterised by complex patterns, intentions and motivations (Mathis, R. and Jackson, J. (2007) p. 478; Small, M. and Burgess, R. (2004) p. 21). It may be argued therefore that fraud, cybercrime, white collar crime and dishonesty are less predictable and this means that they are probably more difficult to respond to from the point of view of a security manager.
Turning to the consideration of the response to a crime, it may be argued that again fraud, cybercrime, white collar crime and dishonesty all require complex responses to prevent or identify them, and as such may be distinguished from crimes such as vandalism which requires a less complex response in terms of prevention and identification.
It is of course necessary to point out that no organisation, and no organisation's experience of crime is the same. As such, it must be pointed out that the work of a security manager, within these different organisations may be entirely different and entirely dependent on the structure, size and function of a given organisation.
Additionally, organisations with more resources may find particular types of crimes more easy to detect and prevent, because investment in particular equipment or personnel is possible. Again police issued advice on this issue is as follows: "Most thieves look for opportunities to test the security of workplaces. Incorporate some of these crime prevention tips into your opening, operating, and closing procedures: Have someone available to greet anyone who enters the workplace to ensure they are there for a legitimate reason; Suggest to employees not to prop open or leave unlocked; Outer security doors, Delivery doors, Stairwell doors (This can prevent suspicious individuals from entering your workplace unnoticed and undetected.); Lock all offices, conference rooms, or storage rooms that are regularly unoccupied; Ensure that all doors and windows are locked properly and any security alarms or devices are activated prior to leaving your workplace for the day; Start an "Office Watch" program in your workplace. The guidelines are similar to Neighborhood Watch and can aid in detection and alerting others of unauthorized visitors or potential criminal activity in your workplaceâ€¦. www.norfolk.gov".
So, take the case of a small retailer employing one person, as compared with a larger retailer employing dozens. In the latter organisation, it is suggested that it may be easier to identify fraud as the organisation may be able to afford to employ internal personnel to check for and identify this. The smaller organisation may be seen as more dependent on the honesty of the single member of staff, and as such the organisation may be more vulnerable to crime, making crime prevention harder and thus making possible crime affecting that organisation more problematic.
This essay has considered the role of the security manager in identifying and classifying different types of crimes in terms of how problematic they are from the point of view of a security manager. The essay has considered the reasons why security is important in business and other types of organisations, and has argued that the role of a security manager is becoming more and more important as businesses and other organisations rely more and more on IT and technology to function.
The essay has argued that this is a complex and subjective matter, and as such it may be argued that different organisations and different security managers may interpret the idea of a "problem" differently. In making this assessment, it has been argued that the resources, and size of an organisation will have an important impact on how problematic crimes may be seen to be, and also these factors may be seen to be determinative of the scale that a given "problem" may manifest for any given actor (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13).
The essay has argued, that in spite of these constraints it is still possible to distinguish between different crimes in terms of how "problematic" they are. This is because the different crimes that have been cited exhibit some generic characteristics that facilitate some level of classification. As such it has been argued that the crimes cited may be classified in terms of the response that they demand; how they may be committed; how predicable they are, and the relationship of the criminal perpetrator of a crime to employees of a given company.
Using this system of classification, the writer has concluded that a security manager might, in more cases than not argue that fraud, cybercrime, white collar crime and dishonesty are the most problematic crimes, as opposed to crimes such as vandalism, burglary or robbery for example. It has been argued that this is the case for several reasons. Some of the main reasons that have been identified is the fact that these types of crimes tend to follow more complex patterns in terms of motivation, intention and actual implementation (Brooksbank, D. Wilson, J. and Oliver, E. (1999) p. 13). Moreover these types of crimes often involve internal employees, and internal employees are arguably more difficult to supervise than external actors who may be excluded from the organisation using more exclusive security means such as security doors, cameras, firewalls, encryption or password protection facilities. It may also be argued that fraud, cybercrime, white collar crime and dishonesty crimes require a more complex response (Hopwood, D. and Thompson, S. (2006) p. 95; Kovacich, G. and Halibozeki, E. (2003) p. 242), and as such may be regarded as more problematic. Prevention of fraud, cybercrime, white collar crime and dishonesty is thus more problematic in terms of how onerous it is, and as such it may be argued that fraud, cybercrime, white collar crime and dishonesty would be seen as more problematic for the security manager.
It must be noted however that no system is classification is full-proof, and the one presented in this essay must acknowledge this as a possible limitation. It is the case that different organisations have different expectations in terms of security, and thus ultimately the manifestation of an issue as a "problem" will vary in line with these factors .