Joe McDonaldJoe McDonald, Chief Security Officer

 

The Networker

 

“If a badge holderbreaches any of our security policies, either purposely or accidently, access is removed and the person is never again granted badge access to our facility. Why? Because this is the level of security our customers require,” explains Joe McDonald, CSO at Switch.

Switch, based in Las Vegas, is a technology company comprised of data centers whose customers need to process data within a facility that has nearly infinite resiliency, capacity and security. 

With responsibility for all aspects of security, which includes infrastructure, information, personnel and physical and additional oversight of Incident Management, McDonald meets customer demands. “Our industry requires a high degree of physical security as a key component to the resiliency efforts of its offering,” he explains. “Security in depth, paralleling concentric circles of physical security, measuring delay, and the value of detection and time to respond is common exercises of the department as are open source intelligence modeling for managing security and a seemingly constant string of audits testing for compliance and analytics of change.”

With the completion of the SuperNAP, a 100 megawatt data center, Switch now has the most powerful in the world. Security is a critical part of the company’s business, marketing, sales pitch and lifeblood. “Our data centers are our tangible assets, as well as Switch’s advanced patented methodologies to manage and operate the centers. Critical risk is a constant and set to evolving requirements of management. Risks are driven, pushed, and realized with increasing criticality and our paradigms shift accordingly. Everything from the protection of intellectual property, the threat to unpatched programs or newly introduced malware, potential environmental or weather event, utility service delivery issues and even the next person who walks into the mantrap – everything effects risk,” shares McDonald.

Perhaps every risk has been assessed at Switch starting with its location. “Las Vegas is void of natural disasters and has great resiliency. “Our command centers are redundant and are designed to withstand everything from a threat through an evolving event,” shares McDonald.

Switch has a total view on risk and resiliency and security is a part of that view. “Switch has considerable well thought-out and developed security protocols, which to some may seem offensive. My goal is to provide for this heightened level of security, without compromise, through layers of customer service that equates to unending vigilance and situational awareness,” he says.

“Switch identifies each prospective entrant, who then receives an hour orientation on our security policies and must ask permission to enter the facility. Some may find this level of security offensive, but our motto is vigilance through customer service. Our security team member is the first and last person our employee, customer or visitor will see each day. And we are old school, requiring officers to address everyone by name, sir or ma’am. We focus on excellent service and security. Our holistic approach has attracted customers and grown the business faster,” notes McDonald.

At the center of the security infrastructure is SECOM. “Though not my intention, security and Security Command became somewhat the face of the company,” he explains. What is common to us is obviously memorable to our guests.  If you were to review articles about Switch, security is often the first part of the article, though not always accurate, it helps set us apart from other data centers.”

Switch has a simple report card for measuring security’s value, “Value is proven by no incidents, by providing constant vigilance, respond to incipit triggers thwarting real events and being ever present with consistent levels of skill, authority and leadership,” says McDonald. “And our CEO expects continued excellence, flexibility, creative proactive approaches, leadership, commitment and performance.”

An avid security professional and ASIS Board of Directors member, McDonald notes what every CEO should know about security with enthusiasm:

•  Require your senior security professional to be certified.

•  There is more risk to poor security than no security.

•  Security requires commitment, involvement and continuous training.

•  Without genuine executive backing, the cost of security doubles.

•  Intelligence and threat analysis are vital operations within security.

•  Cyber security needs to be as common as locks, doors, shredders and NDAs.

As a result, McDonald is in the perfect situation. “I enjoy my CEO; he is a genius with unbelievable talents who has built a phenomenal company.” A staunch networker and believer in certifications (he has three); he recognizes that security leaders need more knowledge than ever before to succeed. “Personal ethics and the ability to communicate to the C-Suite are vitally important for career success,” he shares.

If he were not a CSO, he suspects that he would probably be standing a post protecting something or advising others how to protect.

 

Security Scorecard

•           Revenue/Budget: Confidential

•           Security Budget: Confidential

•           Critical Issues:

            –          New Requirements of FISMA

            –          New Construction

            –             Hiring

 

Security Mission

•           Asset Protection/Loss Prevention

•           Business Continuity

•           Corporate Security

•           Cyber Security/IT Security

•           Disaster Recovery

•           Drug and Alcohol Testing

•           Emergency Management/Crisis Management

•           Intellectual Property

•           Investigations

•           Physical Security/Facilities

•           Regulatory Compliance

•           Workforce/Executive/Personnel Protection