At the Frontline: Securing the Hearst Corporation

Aug. 12, 2008
How Ted Lotti keeps one of the world's largest media companies secure

Keeping the facilities and staff of one of the world's largest media corporations safe is a job that requires a wealth of experience in dealing with multiple types of security issues.

The recently opened 47-story Hearst Tower in downtown New York City, not only houses the publishers and editors of many of the Hearst Corporations publications, it also plays host to celebrities and politicians, who regularly visit the company's headquarters. Among the high-profile media properties that the company owns are the Houston Chronicle, the San Francisco Chronicle, Good Housekeeping magazine, Popular Mechanics magazine, the Oprah Magazine, A&E Networks, and ESPN.

One of the people responsible for taking on these security challenges and ensuring the safety of the thousands of people who occupy the Tower at a given time is Ted Lotti.

A 26-year veteran of the New York Police Department and former commanding officer of the Queens County District Attorney’s Office, Lotti joined Hearst as their Deputy Director of Corporate Security in June of 2006, several months before the company’s newly renovated headquarters opened.

In this "At the Frontline" Interview, Lotti shares his insights on high-rise security and how he keeps the staff and facilities of the Hearst Corporation safe.

How do you utilize access controls and keep track of people coming in and out of your entrance and exit points at Hearst Tower?

Every entrance into the building is access controlled. So you either have to have an (access) card to get in or you have to be checked into our visitor register program or announced. To access every floor in the building, 44 floors, you to have a card and you have to be authorized. We can monitor in real time, any floor, any person that I want [to find out] where they are in the building.

In a building the size of Hearst Tower, what goes into evacuation planning in case of a fire or terror attack?

A lot! We had to submit our EAP (Emergency Action Plans) plans with the fire department. We’re very lucky that we have Tishman Speyer as our property management company. With their vast experience at Rockefeller Center and all their other properties, they were a great help putting together the EAP plan. Every building has to submit to the fire department and get pre-approved just for that. We even sat down and put a whole plan together just in case there’s a blackout for the summer, which has happened before. It is not an emergency situation, but you still have to evacuate the people out of the building without elevators and worry about their medical conditions [in regards to them] walking down the stairs in the heat.

What steps have you taken to harden Hearst Tower against potential terror attacks?

We do have (bollards) at the front entrance of the building. The glass is tempered glass to begin with because that is the structure of the building. But otherwise we just depend on our security program, the officers and the equipment that we have.

How do you handle issuing access cards for employees at Hearst Tower and other facilities?

Just in New York alone we have five office buildings and what we did is set them all up on the same system so that from the central command center here in the Hearst Tower. I can authorize an employee’s card to be used at any one of our facilities and I can still monitor it right from the central station.

What kind of challenges are involved in bringing in a private security firm like AlliedBarton on board, which you did when Hearst Tower opened, and how do you get their officers in sync with your security program?

We were fortunate in that when AlliedBarton [inked a deal with Hearst] it was the first time Hearst had contracted a security company for the new building. The reason they picked AlliedBarton was because of their training abilities; it’s a big company with plenty of resources and support if needed. Since we were starting out new, I was fortunate enough to select the staff from the beginning, not like the usual where they go take over a security contract and half the officers are already there. Out of 43 (officers) in last two years, we’ve probably just had four that have moved on. Half of them are either going to college or have college degrees; I have one going to law school, I have one with a master’s; two went onto law enforcement. I believe you treat them well with respect and benefits and in return you get good work. We pay them above the industry standards, and we treat them as part of the corporation itself. Hearst is a family-owned organization and they’re a part of the family and in return they do a great job.

With so many threats company faced by companies today via the Web, how do your physical security and IT security departments interface with one another?

We have an internal IT security desk. Part of the IT staff is just dedicated for security because of production of the magazines; a lot of the magazines are going on the Internet now so they’re very weary of sabotage and hacking. I know they’re always up to date and on top of all the latest threats on the Internet.

Since the anthrax mail scare in late 2001 that targeted several politicians and media outlets, how has mailroom security changed and what types of technologies have been implemented to reduce the chances that someone could be hurt as a result of a similar type attack?

We have an intake room now that sorts everything out. We have an X-ray machine so that we have the ability to, if necessary, to check it. But the biggest thing is that we do have a screening room. Everything goes through the screening room first before it’s distributed in the building. If there is anything suspicious, we are notified and evaluate it, and of course with anything suspicious our first response is to call police.

How do you handle the various types of threats that Hearst editors and reports receive, as well as those directed specifically at Hearst Tower or any of the company's other facilities?

We try to identify where the threat came from first of all and assess the threat level. The publishers and the editors do get numerous threats via voice mail, via Internet, via letters -- and without sending off alarms or sirens we identify where the threat came from and then we assess it and take appropriate action. There are people out there just venting and just have nothing better to do. Popular Mechanics magazine that wrote a whole book which counters the theory from the group that believes the government setup the 9/11 attacks. So Popular Mechanics wrote a whole book arguing their points, and the group protested against Popular Mechanics and they’ve been getting threats on that. So we just monitor where they’re coming from.

How has the role and perception of security at corporations changed over the last 10 years?

[A company's views on security] change with everything that’s out there that presents a challenge. Security personnel have to be better trained, and much more aware of both physical presence and the damage someone can do on the Internet. Hacking and internet security programs are just as vital as being prepared to stop someone walking through the front door. So you just have to be prepared for all the different challenges that are out there.