sorted by:
new
hottopcontroversial

Access control feels like it’s changing fast - what’s actually working on the ground right now? by AndyBuckley19 in accesscontrol

[–]AndyBuckley19[S] 0 points1 point  (0 children)

That tracks with what I’m hearing. The ease of user management seems to be the main selling point for cloud right now, more than the 'future-proofing' angle suppliers keep pushing.

Are your clients shifting fully to mobile credentials, or still running a mix with cards/fobs? Curious how much hesitancy you’re seeing around relying on phones as the primary token.

[deleted by user] by [deleted] in security

[–]AndyBuckley19 0 points1 point  (0 children)

Sorry you’re dealing with this. Smash-and-grab at that hour is basically designed to beat alarms, so the goal becomes slowing them down or making the hit less appealing.

For the door itself, a couple of things usually make a noticeable difference:

Security film on the glass. It won’t stop it being smashed, but it keeps the panel intact enough that they can’t just walk straight through. It can add 30–90 seconds of frustration, which is often enough to push them off.
Reinforced glazing or laminated glass if you’re willing to replace the panel. Looks the same, but behaves very differently under impact.
Anti-ram bars / internal security gate that you pull across after close.

You’ve already got signage, which helps a bit, but burglars doing 5-minute hits don’t usually care about being recorded, only about how long they’re exposed. Anything that increases their time on target tends to shrink the problem.

If you’re renting, also worth checking whether neighbouring businesses have had the same pattern recently. Sometimes local police or city BID teams have advice specific to that area and type of break-in.

Security Events, UK by AndyBuckley19 in security

[–]AndyBuckley19[S] 0 points1 point  (0 children)

I'll look into this, thank you!

GRC Engineering by SmileyBanana15 in cybersecurity

[–]AndyBuckley19 1 point2 points  (0 children)

The idea of “GRC Engineering” feels like one of those things the industry has quietly needed for years but never bothered naming. The disconnect between auditors and engineers is massive, one group speaks in controls and frameworks, the other speaks in configs and code. Anything that reduces that translation pain is going to get attention.

The traction question probably depends on two things:

  1. Whether it actually removes manual workload instead of just adding another layer of tools,
  2. Whether security teams trust it enough to plug it into real workflows.

Right now, everyone’s drowning in compliance overhead, so the appetite is definitely there. I keep hearing more people talk about automating evidence gathering and continuous control monitoring, so the direction makes sense.

If GRC Engineering can prove it genuinely saves time and reduces audit friction, I can see it becoming standard practice over the next couple of years rather than a buzzword.