Security Assessments

When asking for redacted sample assessment reports, please note that we have a policy against providing these. This is because our approach is so heavily tailored to the individual company that it might be possible to identify an organisation or location even with identifiers removed. Out of respect for our customers we will not share reports even when heavily redacted. We are happy to share our reporting template, which provides our methodology and the areas we consider for all our customers.

Those who have seen our security assessment reports comment on the level of detail and consideration given. We do not just box-tick. We start with an open source intelligence search and this informs how we approach a job. There will always be mandatory sections to be completed in a report but we will also talk to local businesses and people to get a feel for the area, look at crime statistics and highlight any specific threats or hazards by searching government registers. We ensure that, when looking at our summary of recommendations, you can refer back to the report and see the entire analysis and reasoning process. Our purpose is not to tell you how to spend all your money, but to provide options and rationale so you can consider how best to spend your money. We appreciate security is one of many competing aspects of your business and we will always attempt to provide a range of options so you can prioritise and balance the various risks to your business.

Because we understand how common bypasses or attacks are performed, we can advise on ways to mitigate the risk of these without necessarily replacing expensive hardware. For example, the under door tool has been around for decades as a way of covertly entering hotel rooms and offices. The expense
of retrofitting replacement hardware is such that the vulnerability still exists. With a little understanding, the addition of a cheap piece of plastic in the correct location will make under (and over) door attacks nearly impossible. It just needs someone familiar with the attack to advise your estates team.

We keep an eye out for methods of entry which are becoming popularised on YouTube, or formerly specialist tools which are becoming cheap on Amazon, of which the under door tool is a perfect example. This is mostly to facilitate accurate threat modelling for our specialist services, understanding which techniques previously only known to government-types are now readily accessible to all.

The sharing of information online is impossible to control, which we believe to be a Good Thing in the main. For us, it allows us to keep up with trends and techniques that might have been exchanged behind closed doors in times gone by. We have also seen how ChatGPT and other AIs are being used by criminality. Efforts to censor these systems are constantly ongoing, but so are efforts to bypass such censorship. We run our own, locally held, AI models to help us assess what information a criminal might be able to extract from an AI, but without disclosing sensitive information over the internet.

Destructive methods of entry are usually comprehensively covered by a physical security hardware  provider. Newly installed systems are usually very robust. What tends to happen over time is that systems which worked perfectly to start with come up against maintenance issues and become subject to the most enduring type of repair; the temporary fix. This can lead to locks with incorrectly sized cylinders which are just begging to be snapped. Latches or their strike plates may be replaced, making them easily slipped with a screwdriver. Or, fire exits have weather stripping replaced and are no longer secure from double door tool attacks. The advent of cheap, high-power battery tools has also meant that certain systems which were robust are now no longer capable of providing the deterrent or delay they once did. Revolving doors and window bars are examples of this.

Just a simple change in operations can mean your security no longer works as the installer intended and the overall efficacy is undermined.

You may have paid thousands for your security but undermine it in ways that displease your insurance company in the event of a claim or even put your staff or customers at risk, breaching your duty of care.

These gates likely cost thousands, coming from a different budget than the padlock, which has clearly rusted beyond use. This model likely has a plastic core, could be cut with tiny bolt cutters, and has no business being near anything that requires securing with 10ft high fencing. The hardest way to unlock this gate is with the key, potentially causing other issues if part of an emergency egress plan.

Whilst you can get security assessments for free, these companies make their money by selling you the hardware to mitigate the issues. There is absolutely a place for this, and we know a couple of excellent companies we would be happy to direct you towards if they fit your needs. The best part about these companies is that they will know intimately the capabilities, quirks and so on of their hardware and the people doing the assessment will likely be involved in installation. The main downside is they are funded by their conversion to sales of the hardware their company can provide and may have bonuses or other incentives to move specific products.

Styx Security makes its money directly from the assessment, by suggesting cost-effective solutions to issues rather than replacement hardware wherever we can. We do not do the work ourselves, that’s for your preferred contractor or estates department to do, but we are happy to identify how we would access an area, educate on the techniques and pass on tips or modifications that would make our lives harder or negate the vulnerability entirely. We will not suggest replacing all your door handles at huge cost if we can suggest a shroud or something simple.

Home