Security Trends: One Step Ahead
By Jillian Ruffino
Published in the August 2006 issue of Today’s Facility Manager
In many ways, a facility manager is like a parent. Instead of shouldering the responsibility for a few lives, however, he or she is responsible for the safety and well being of every person within a facility. There are several areas of facility management where, if mistakes are made, someone could get injured—or worse. Nowhere is this statement more accurate than in the field of security.
The days of living in denial of the potential dangers that can affect buildings are long gone. The devastating attacks on 9/11, subsequent threats to the country, and strikes on its allies overseas have disabused the nation of any idea that it is impregnable.
Alongside relatively new fears of terrorist attacks, facility professionals must also continue to get updated and remain stalwart against the usual suspects. As Jon D. Groussman, president and COO of Naples, FL-based CAP Index, Inc., explains, “It’s important to remember that the most pressing security issue today is protecting tenants, employees, and visitors from traditional crimes against persons and property, including larceny, assault, robbery, and burglary.”
According to the U.S. Department of Labor’s Bureau of Labor Statistics, from 1999 through 2004, 14% of fatal occupational injuries were caused by assaults or violent acts, 10% were homicides, 7% shootings, and 1% stabbings. (Data excludes statistics related to 9/11.) These numbers mean that 35% of work related fatalities were caused by violence in the workplace.
Theft is another common occurrence. As Brian J. Andrew, president and CTO of Brijot Imaging Systems, Inc., headquartered in Orlando, FL, says, “The second issue is people removing unauthorized items from facilities, whether they are stealing manufactured goods or merchandise, or employee or company property. The biggest threat here isn’t burglars or other external thieves, but company employees themselves.”
The consequences for theft of this kind are expensive and time consuming. Andrew continues, “American businesses spend billions each year on such incidents, including crisis management, worker compensation, damaged property, lost productivity, and employee turnover.” He maintains that facilities cannot afford inadequate security measures.
The Gap In Security
One of the latest major security breaches to make the headlines combined a failure in two crucial areas: physical and electronic safeguards. According to a statement from the Department of Veterans Affairs (VA), “The VA has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This data contained identifying information, including names, social security numbers, and dates of birth for up to 26.5 million veterans… The employee’s home was burglarized, and this data was stolen.”
Fortunately, this robbery was part of a series of break-ins in the employee’s neighborhood and was not targeted at stealing this precious information. It does, however, illuminate the latest issue in security—the convergence of physical and electronic security.
The breach at the VA illustrated a potentially catastrophic deficiency in both areas. This employee should not have been able to leave the VA facility with unauthorized items in his possession. Perhaps this was never properly communicated to the facility manager or security coordinator by the technologist responsible for the information. After it was stolen, the confidential, electronic data for millions of people was compromised.
Physical security encompasses measures that prevent aggressors from gaining entrance to a facility, including all access control procedures. It can also prevent building occupants from exiting the facility with sensitive materials or stolen goods. Electronic security makes the contents of a message or file unintelligible to anyone not authorized to read it.
These divergent types of security are strengthened when they work in conjunction with one another. Steve Birkmeier, director of marketing for Arteco Vision Systems, based out of St. Louis, MO, observes, “More and more, different types of security solutions, including fire, video surveillance, and access control, are operating on the building’s IT infrastructure. Understanding concepts like bandwidth and file size, for example, will help facility managers make clearer decisions when it comes to the selection process.”
Mark Visbal, director of research and technology for Alexandria, VA-based Security Industry Association, adds, “The issues of electronic physical security/IT convergence and systems integration are the two most pressing issues today. The ability to share infrastructure and data, as well as the reduction in labor to supply multiple systems, are driving these efforts. Equally important is the increased security gained for IT assets through the linking of physical and electronic access control.”
In order to unite these areas of security, facility managers must work closely with information technologists. Groussman says, “It is imperative that facility management professionals learn to incorporate a holistic approach to security management.”
When it comes to security, today’s facility managers need cooperation from Information Technologists (IT). Jay Vaitkus, global product and market manager for Indianapolis, IN-based Stanley Security Solutions, remarks, “The modern facility manager will more and more be relying on the IT professional to supply, protect, and maintain the computers and networks used to stream, defend, and manipulate the digital information we rely on every day.”
IT and facility professionals are very different creatures, so it is important for both to have complete comprehension of their mutual goal. “The integration of physical and electronic security measures in virtually any facility requires significant cooperation and planning by facility management professionals and IT,” says Groussman. “Typically, these professionals have very different backgrounds, skill sets, responsibilities, and overall mission as they relate to the company.”
His recommendation? “It is often helpful to have both groups meet with a representative group of ‘end users’ who can help shape the plan.” He believes that a ‘safety mindset’ must develop among all occupants of a building.
Andrew concurs: “People too often assume they are secure when they are not. We call this ‘steam on the bridge.’ Why would a spaceship’s bridge suddenly become enveloped with steam after it lands? Security in the movies and TV is like that steam; those devices and capabilities showcased on even some of our more realistic media don’t exist, but people still buy into the idea that they do.”
Andrew’s point may not be relevant for long. With the convergence of all security systems into one streamlined, efficient operation, those elements of security that seem futuristic today could soon be a reality.
To join these two somewhat disparate but ultimately linked areas of security, it is also useful to bring in an outside party who will be able to assess the facility’s needs clearly. It can be easy for both parties to lose sight of the big picture when managing the finer points of daily operation. Vaitkus recommends that facility professionals “contact an integrator who can perform a security and risk assessment for the facility. An experienced integration firm or consultant is instrumental to help design a solution.”
Visbal takes this approach one step further. He says, “From the results of the risk analysis, a risk mitigation plan should be developed. This plan will include a blueprint for securing the premises and will include physical and electronic security measures targeted at the unique requirements of the premises.”
Facility professionals and IT need the ability to create risk management programs in order to respond to constantly evolving threats. Visbal continues, “There are software programs commercially available to help in this critical task. The degree of risk mitigation is calculated by many of these programs. Having this level of documentation also allows the tenant or owner to approach the insurer for discounts based on the assessment and mitigation plan.”
Insurance rates and liability are critical issues when it comes to security. Without an adequate plan, the price of insuring a facility can escalate. When incidents do occur, the expense can be excessive. Joseph Ricci, executive director of Alexandria, VA-based National Association of Security Companies (NASCO), comments, “Increased regulation and emerging liability will force corporations, through their facility managers, to develop more cost effective security measures to protect tenants and assets.” These precautions, including hiring an assessment specialist or using risk management software, should alleviate losses.
Facility managers must also have a clear and open dialogue with IT. Groussman explains, “The technical side of IT must understand the purpose and operational feasibility of a particular security measure. They must consider how it will endure over time and with any unforeseen changes that could occur. Will the technology adapt?” All of these factors must be properly communicated between the facility professional and IT.
New Technology: Pushing Integration Forward
Working with IT should not preclude management from developing a close understanding of the security systems in his or her building. The facility professional must be ready to learn about new technologies and remain up to date with the forces that are shaping security today.
Visbal’s guidance includes this message: “The facility manager that has security as part of his purview will be required to expand his (or her) knowledge base to include a much more sophisticated understanding of developing technology, including its applications, limitations, integration, and deployment.”
As facility professionals and IT work together, it may become increasingly clear that better technology, not extra people, strengthens security. Andrew advises, “I think the best thing any facility manager can do is invest in building technology instead of simply increasing budgets for additional security staff. Capital spent on new technologies that operate independent of personnel or with minimal operator intervention saves money in the long run by reducing the time and expense required to employ and train the staff needed to secure all building areas.”
End users need to push for companies to stay up to date with new threats and respond with progressive tools. Integration will not occur if the equipment is not there to support the process. “What is needed now to expedite the future is for facility managers to push manufacturers and vendors to allow this easy automation and integration to happen sooner rather than later,” says Andrew. “The new automated systems that are needed will track, identify, and isolate suspicious persons without ever putting personnel or bystanders in harm’s way and without requiring constant manpower on the ground.”
New cameras that can detect bombs and concealed weapons not only eliminate the need for live security guards, but can perform functions a human cannot—at least not without invading an individual’s personal privacy. These systems prevent visitors or employees from bringing something dangerous into the facility or taking out valuable or sensitive materials. “Security is becoming much more proactive rather than reactive because of technology,” observes Birkmeier. “We will continue to see a decrease in the time between when a security event happens and when the perpetrator is apprehended.”
Taking advantage of these innovations is important. Ricci notes, “Biometrics, especially hand geometry readers, will continue to be integrated in access control, time, and attendance systems. Further integration between building systems, human resources, and IT access will continue to develop. The role of the security officer will have to evolve to serve the emerging technology applications.”
This new technology will also make life easier for facility managers. Vaitkus foresees, “For access control, we are seeing a shift to more user friendly interfaces and the ability to access information from remote locations.” He also says, “Nobody has the staff to stare at video monitors or search through hours of video to find a key event. We are talking about video that includes fence line detection, detection of objects of interest, objects that speed up and slow down, and objects that are left behind or are removed.”
The Next Step
Security will continue to grow and change in the coming years. Experts agree that this field is in a period of unprecedented expansion.
Visbal says, “All aspects of security are experiencing rapid development. This trend will continue on a global scale for decades to come. Because this field is developing so quickly, the facility manager entrusted with this function will have to dedicate an increasing amount of time and resources to understanding and implementing security solutions on a premises-wide basis.”
Vaitkus agrees: “Five years ago, it was almost unheard of to have cameras monitoring public drinking water reservoirs. Now deployments are going on all over the country. The same thing is happening for cameras set up down the interstate systems. We are now monitoring buses, trains, and aircraft.”
Andrew predicts, “In the future, we will see fully automated, fully integrated systems. You can expect all of your security products to be IP-enabled, with disparate devices connecting together to form a comprehensive system. Your computer will not just manage electronic security, but physical security as well.”
When the proper actions are taken, and security is carefully planned, the integration of physical and electronic measures will create buildings that are safer for every occupant. This bodes well for facility managers who, like most parents, hope to get a little sleep at night.
This article was based on interviews with Andrew, Birkmeier, Groussman, Ricci, Vaitkus, and Visbal.
Other posts by