I’ve walked into estates on Palm Beach Island where the security architecture looked expensive and worked like theater. Cameras nobody was watching. Alarms nobody was responding to. A patrol vehicle driving past at random times that a competent adversary would map in a week.
The people paying for it thought they had protection. What they had was decoration.
If you’re reading this and you’re evaluating security for a Palm Beach Island estate, new or replacing what you have, these are the eight questions I’d ask before I’d write a check. Some are obvious. Some aren’t. What matters is the answers.
1. Where is your operations center, physically
Not “where are you based.” Where does the response come from when something happens at three in the morning.
If the answer is Miami or Fort Lauderdale, do the math yourself. During normal traffic, that’s 60 to 75 minutes. During season, with the ongoing federal protective operations around Mar-a-Lago affecting South Ocean Boulevard closures, that number stretches past 90 minutes. During hurricane season with bridge access affected, it stretches further.
Our operations center is 8 minutes from the Royal Park Bridge. That’s not marketing. That’s the reason we can respond to incidents in a window that actually matters.
Ask them where the operations center is. Verify it on a map. Time it yourself.
2. What's your background before this
I spent 12 years in Air Force special operations. Iraq. Built combat search-and-rescue infrastructure for SOF units. Technical rescue specialist. When I transitioned out and looked at civilian executive protection, what I saw was mostly theater — presence without intelligence, optics without outcomes.
That contempt is why HKDS exists.
Ask the person you’re hiring what they did before this. Not what their company did. What they did. If the answer is “20 years in private security,” you’re hiring somebody who learned this business inside the same industry that produced the theater in the first place. If the answer involves special operations, federal protective services, or serious military time, you’re at least talking to someone who knows what the standard is supposed to be.
3. Show me your Florida licensing
Florida requires specific licensing for security operations. Class B for security agencies. Class D for unarmed personnel. Class G for armed personnel. HKDS operates under B 3500148.
The Florida Department of Agriculture and Consumer Services maintains public records. Verification takes two minutes.
Anyone can claim licensing. Verify before you sign anything. This is table stakes.
4. How do you handle staff and vendor vetting
This is where I’ve seen the most exposure and where most standard programs are weakest.
I mentioned the housekeeper who still had the gate code from a staff member fired six months earlier. That’s not an unusual finding. That’s a pattern. The FBI’s IC3 data continues to show that a large share of high-value residential incidents involve someone with legitimate access — a current or former staff member, a vendor, a contractor.
Ask them how they vet. Ask them how they off-board. If their answer is “we do background checks,” push. Everyone does background checks. Ask about the four-tier framework we recommend for principals in this profile. Ask about periodic re-screening. Ask about how they handle vendors whose companies you engage but whose specific personnel rotate.
If they don’t have structured answers, they don’t have a program.
5. How do you integrate with the current Palm Beach environment
The ongoing traffic advisories from the Town of Palm Beach, the enhanced federal security posture following the February breach, the USCG marine security zones when the principal is present — this operational picture isn’t going away, and it changes how estates actually operate.
If the provider you’re talking to can’t tell you specifically how they coordinate with federal protective personnel when the President is at Mar-a-Lago, how they route vendors during the South Ocean Boulevard closure, how their evacuation planning accounts for the current bridge access constraints — they’re operating on 2023 assumptions in a 2026 environment.
6. What's your cyber-physical integration
The threats in 2026 don’t respect the boundary between physical and digital. A phishing attack on your household staff member’s phone produces physical exposure within days. A compromised smart home system produces physical access. Voice cloning against your household manager produces both financial and downstream physical exposure.
Our detailed coverage on the cyber-physical translation gap covers what this actually means operationally.
Providers who only handle physical security have left the digital vector open. Providers who only handle digital have left the physical vector open. Ask specifically how they close the gap.
7. What documentation do you produce
If your board, your family office, your insurance carrier, or your corporate governance ever needs to review your security architecture — what does this provider actually document?
Post-Thompson corporate governance now expects structured threat assessments, documented methodology, and reporting frameworks even for private residential principals. Ask what they produce routinely. Ask for a sanitized example. If they can’t show you anything, they don’t have anything.
8. What's your engagement structure
Are they going to sell you a proposal with a fixed scope and a fixed price, or are they going to talk to you about a standing retainer with variable operational intensity?
The theater providers sell you proposals. Standing retainer with variable intensity is what actually works over time. Threats change. Your travel changes. Your household changes. The security architecture has to move with all of that.
If they can’t structure that kind of engagement, they can’t actually protect you over time. They can just sell you a moment of coverage that expires.
One more thing
I said eight questions. Here’s a ninth I always end with.
Ask them to tell you the last time they told a prospective client “no.” Ask them to tell you about a client they turned down and why.
Real security providers say no. To the wrong client. To the wrong scope. To the wrong risk profile. The providers who take everyone are running businesses, not protection programs.
We take clients where operational alignment matches. When it doesn’t, we tell them, and we recommend where to look next. That’s not a marketing line. That’s how you actually run a protective operation.
Where to Go From Here
Before you engage anyone, us included, start with the Estate Operations & Insider Risk Checklist. It’s the 15-point audit we run on every new principal. Fifteen questions you can answer yourself. It will tell you where you actually stand before any provider tries to tell you where you stand.
If you’re ready for a direct conversation, the security audit page is where that starts. Confidential. No obligation. If we’re not the right fit, I’ll tell you.
For the specific evaluation framework for executive protection engagements, read How to Choose an Executive Protection Company.
I’m John Hamilton. I founded HK Defense Solutions after 12 years in Air Force special operations because civilian executive protection was mostly theater and I wanted to build something that wasn’t. We operate estate security and executive protection across Palm Beach Island and the broader corridor. Licensed Florida Class B (B 3500148), D, and G. Contact us here.