The Cannabis industry in Michigan is expected to reach $1.5 Billion! That is a lot of money and unfortunately many businesses have nowhere to put it. Most banks are FDIC insured which ensures normal customers are covered by the federal government up to $100,000. However, because of the legal status of cannabis in the United States most banks won’t accept money from these businesses, so many are forced to go to specialty banks with high fees or store the cash in some other manner. Because of this most transactions are made in cash.

               The SAFE Banking Act which was introduced to The House Financial Services Committee would be a giant leap for these businesses constantly concerned about the security of their profits. It aims to remove the prohibition of cannabis as a form of money laundering which in turn allows income from those businesses to be deposited VIA a traditional bank and FDIC insured.

               While cash is a big concern product and mature plants are also targeted by thieves. A mature plant could be worth upwards of $1000.00 each depending on cultivation methods and strain. Class A growers in Michigan are the smallest operations and are allowed up to 500 plants even at a lower value that is a huge loss, whereas processors and provisioning centers have various values based on individual products.

               In the meantime, it is important for cannabusiness to properly secure their operating income. At a minimum a timed drop safe that is properly secured to the floor should be used for excess cash. All tills should be locked until a transaction is made. A camera system should be in place to view transaction as well as entrances and exits to the building. I recommend also including a hold-up/panic button at each point-of sale location and in the business office.

               Greenhouses and other cultivation operations can be a huge target for internal theft and shrinkage. It is important to monitor the cultivation area thoroughly to mitigate the loss of buds, seed, and plants. Best practices for these environments is to required workers to wear uniforms without pockets and to provide a proper camera system. Any bags carried into the area should be checked before employees or visitors leave. Secure all exit doors from the outside by removing hardware and monitor them.

               Several robberies occur after-hours when no one is in the building. Protection of property at night can be done using exterior cameras, a well-lit parking lot and building entrances, and sturdy locking hardware. If it’s a new build minimize the number of windows or install 3M safety film to delay an attacker from getting inside while simultaneously alarming once the threat is detected.

               If your cannabusiness needs to meet state security compliance or you are looking for a review/audit of your existing system, please contact me and I would be glad to assist you.

Great tools when in good hands

Recreational drone usage has increased dramatically over the past 5 years due to less expensive hobby quality quadcopters and even interest in the higher end drones by amateur pilots in the hobby community. In the business world drones are used in many ways such as aerial footage in the film industry, crop monitoring in agriculture, 3-D scanning in the construction industry, and large site surveys in many industries. However, like any other tool their misuse can be disruptive or dangerous.

Illegal Drone Operations at Airports

               Recently several accounts at London’s Gatwick Airport made world news of a quadcopter hovering slightly above the runway blocking planes and delaying flights. On flight lines all debris and other objects must be secured for fear the aircraft engines will suck in the debris and cause damage which could lead to a catastrophic failure of the engine. In this situation a $1300.00 drone caused service disruptions to 120,000 passengers. One European airline Easyjet said the series of drone incidents cost it over £15,000,000 which comes $19,561,000.

Weaponized Hobby Drones

               Terrorists continue to look for new means to attack their targets at home and abroad. In August 2018 President Nicholas Madura of Venezuela was giving a speech at an event to honor the 81st anniversary of the country’s national guard. During the speech two explosive laden drones flew toward his booth thankfully the Venezuela military used radio frequency jamming to ground one of the drones and the other crashed into an apartment building near the event with no injuries to bystanders.

Drone IED's In Modern Combat

               In Iraq ISIS the terrorist organization who rose to prominence after capturing Mosul began using quadcopters against Iraqi, Syrian, and US forces. These hobby quality quadcopters were drones were packed with explosives. During the battle of Mosul it is estimated that ISIS flew over 300 drone missions with this strategy seeing mixed results. This most likely influenced the attacks in Venezuela.

New Regulations For Hobbyists

The United States and Canada have now implemented rules for both recreational and commercial drone pilots requiring them to be licensed with The Federal Aviation Administration in The US or The Ministry of Transportation in Canada. New rules limit drone flying by airspace, speed, time of day, line of site among other requirements. Drones must still respect Temporary Flight Restrictions like private and commercial pilots and yield to all manned aircraft.

Defending Against a Airborne Threat

               Electronic drone defense systems have yet to take the mainstream, but there are products available for anyone looking to defend against drones. High threat and high security environments are great places to use this technology and there are many solutions that may fit your use case, here are a few.

               Shotguns- small facilities with little pedestrian traffic are a great application for this. AMTEC Less Lethal Systems make a 12-gauge shotgun shell The SkyNet Mi5 Anti Drone Shell a fitting name. These shells use a small weighted net housed inside the shell. When fired at a smaller hobby drone like a DJI Phantom or Mavic it raps around the drone and stops its propellers from moving. The drone will then fall to the ground although, still functional it can simply be switched off once it is recovered.

               Anti-drone guns- There are two types, a net launching gun like Droptec’s Netgun and a radio frequency jamming gun such as Droneshield’s Drone Gun. These “guns” are…. The system is man portable and shoulder mounted like a rifle or shotgun. Once pointed at the drone it jams the signal between the operator’s controller be it a cell phone, r/c style controller or other wireless control device. The added benefit here is if the drone is in fact weaponized with a remotely detonated explosive the signal between the detonator and bomb will also be jammed.

               Drone Catchment Systems- SearchSystems a UK based company created a drone called the Sparrowhawk based on DJI’s Matrice which is anti-drone well… drone. It is controlled by a pilot and can chase down most drones with easy and either drop a net on top of them or rap the assailant drone and force it to the ground.

               Regardless of the steps regulatory agencies are taking to limit drone activity in the airspace criminals, terrorists, and other nefarious people will still use these devices to further their goals of disruption, terror, and illegal surveillance. In this new three-dimensional threat environment processes and strategies will have to be adapted for critical assets and business operations to protect personnel, citizens, equipment, and information.

(IoT) The Internet of Things:

Everyday we see more and more IoT devices come on to the market. The Google Home and The Amazon Echo had a great year and a projection by the Forrester Report Forecast shows that by the year 2022 there will be close to 244,000,000 similar smart home devices in American households alone. That is a ton of new devices and many more potential vulnerabilities.

The cool factor:

IoT devices have many functions from the ability to find and play a Netflix show with your voice ( my daughter always hides the remotes) or find a recipe and read it to you as you're cooking. The cool factor and low price tag on most devices make it easy to accept into your home.

Security Holes

In a previous post I spoke about Wi-Fi connected children's toys which are also considered IoT devices. Security vulnerabilities exist in anything that is connected to the internet be it a computer, smartphone, smart home device, or even smart refrigerator. Once security is bypassed it can be controlled just as you would control it and while some devices have very little personal information or control functions Google and Amazon store a lot of personal search data, Consider a device that tracks your location, or a smart home device you can order a pizza from. I know I would be pretty upset if my door bell rang and a delivery person was standing there with 15 pizzas asking for payment or a $2,000 stereo system that was charged to my Paypal account and delivered elsewhere.

Preventive measures:

What can we do to stop it? Unfortunately, if you buy one of these devices it is up to the manufacturer to update there security protocols and push out software to fix the problem.


  • Assess your risk. Do you need a smart refrigerator? If you do can you password protect it? Or use 2-factor identification to confirm ordering groceries online?

  • Read reviews on reputable tech forums such as Cnet or Tech Republic

  • Choose what data the device will see. The more access you allow a device the more information will be vulnerable. Do your online banking on a computer with a Virtual Private Network (VPN) or a secure browser like Avast's secure browser.

  • DO lock your device if you can. If there is an option to password protect, it do it.

  • DO NOT write down your passwords. I see this all of the time in both home and commercial offices where a yellow sticky note is attached to a monitor with the software name, username, and password.

  • DO NOT save your passwords on your machine. I know, I know its hard to remember all of them, certain websites have different password requirements and some even restrict maximum number of characters, but this is not only a cyber security measure its also physical. You don't have to be a hacker or programmer to get into a system that is unlocked and has usernames and passwords saved.

  • If you can't remember a password reset it and create a new one. Use a combinations of letters, numbers, and symbols that meet the requirements and also mean something to you. It can be anything, but it has to be memorable.

  • DO NOT use the same password for everything. This is a major concern. If someone is able to get your password through a vulnerability or physically from a note or book and it happens to be the same password on all of your accounts you can compromise your bank account, medical information, and other deeply secret personal information.

#Security #IoT #InternetofThings #SecurityVulnerability

Contact Us

402 S. Lafayette Ave. Ste 112 Royal Oak, MI 48076

Phone 1.248.368.9640


  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon

©2017 by Bastion Security Group LLC. Proudly created with