Client’s Challenge: The Company Others Hire to Protect Their Data Seeks to Validate Its Own Data Protection Capabilities
When you’re responsible for protecting and preserving the confidentiality, integrity and availability of your clients’ most valuable information – from intellectual property and critical operational data to irreplaceable high-level top secret information – it’s essential to ensure that security-related best practices are consistent across all the regions of your global footprint.
With that imperative in mind, the Executive Vice President and Chief Security Officer of a major international data center management company asked Hillard Heintze to assess security operations at ten of the company’s facilities in Mexico.
Our Solution: Nine Data Security Site Assessments Across Mexico
Three days later, senior experts from the Hillard Heintze strategic security risk assessment team arrived in Mexico City – and nine other locations in other Mexican states and jurisdictions – and began their intensive review. In line with the client’s wishes, no warning was provided to each facility’s management team until one hour before the arrival of the assessment team.
Through interviews, site inspections and document reviews, the Hillard Heintze security assessors observed, requested and captured a wealth of insights and information on more than 42 capabilities, resources and assets related to the maturity of each facility’s security, emergency preparedness and business continuity practices. In addition to inspecting the sites’ physical locations, the assessment team gathered data on factors such as crime, power outages and weather patterns in the immediate vicinities and gathered further insight, intelligence and guidance from U.S. law enforcement and intelligence representatives posted to each respective city and region.
Impact on the Client: Explicit Guidance on Where Improvements in Data Center Security Are Most Needed
The findings of this assessment provided this global leader with an unvarnished, fact-based, attorney-client-privileged perspective on where the most critical and compelling opportunities to improve security existed at each individual facility. The company is currently in the process of deciding where, when, how and in what order to put these recommendations into effect.
Unplugged: The Project Manager's Post-Engagement Perspective
“This was a highly sensitive engagement. It always is when region-specific differences are at play – across areas such as workforce readiness, process control metrics and standards, and attitudes toward internal policy compliance, among many other domains.
We were on a fact-finding mission. But sometimes we also had to play the role of diplomat – taking measures to avoid leaving a negative impression on the management tier in these facilities about what ‘their American bosses and counterparts’ expected them to achieve in physical and environmental conditions that often varied significantly from those encountered outside Mexico.”