Practices for Smooth Industrial Security Operations

June 10, 2020
Understanding the nature of workplace violence offenders allows for minimum risk mitigation and effective risk management

Several people were killed or wounded, including the suspect, during a shooting at the MillerCoors brewery building in Milwaukee on the afternoon of February 26 this year The incident underscores the fact that the top risk to industrial manufacturing is workplace violence (WPV). Thirty years of risk assessment experience in the industrial manufacturing industry revealed two common shortcomings in the sector: 1) A failure to implement a proper workplace violence prevention and intervention program; and 2) A failure to implement effective physical security measures, especially access control, which is the foundation for any successful security program.

How to Spot a Potential Threat

Understanding the nature of workplace violence offenders allows us to look more specifically at the industrial manufacturing setting and apply minimum security mitigations for effective risk management. There are five types of workplace violence offenders shown in the table below.

The risk assessment is going to reveal which offender categories are most applicable, but let’s deal with the three most common-- the current or former employee (Type 3); the truck driver (Type 2), and domestic issues (Type 4) that may impact the workplace. 

Dealing with potential violence associated with current employees requires effective training, reporting protocols, and a capability to evaluate reports of persons of concern. The key to training is going beyond the one dimensional “red flag” behaviors that have been taught for years but have proven to be insufficient to reliably identify potential offenders. Hundreds of workplace violence deaths each year indicate training needs to improve. We believe training needs to include a three-dimensional approach starting with the recognition of employee baseline behaviors which may include some of these traditional “red flag” behaviors. Since humans are good at detecting changes to baseline behavior, the alarms should sound when employees recognize a change in a coworker’s behavior who also exhibits some of the typical “red flag” indicators. Detecting that change is the time to make a report confidentially or directly to a supervisor of human resources. A report must be made when you combine the “red flag” behaviors with a change in baseline behavior and then add in a life-changing event such as a divorce, arrest, legal difficulties, financial problems, or the loss of a job. 

In the instance of terminating an employee, supervisors should be flagging the convergence of these three conditions so that appropriate planning can be put into effect for the day of the termination and for the weeks and potentially months after. While the details may never be widely known about an employee in Aurora, IL, he suspected he was going to be fired and brought a handgun to his termination meeting. Immediately after he was fired, he shot and killed five coworkers and wounded others. (

Identify and React

Could better planning result in a more controlled set of circumstances in a termination meeting preventing injury and death? We strongly believe so.  Provided that the meeting is managed without incident, what comes next?     

Industrial security strategies that might be considered after a hostile termination or where threats are made by the departing employee might include:

  • Ensuring access credentials are disabled during or immediately after the termination meeting. Confirm that a separated employee has not been issued multiple active credentials (not recommended) and if so, ensure they are all disabled.
  • Communicating the separation to all employees (in a tasteful way) to reduce the risk that the terminated employee will be allowed back into the workplace by an unknowing coworker.
  • Assessing physical security. While periodic testing should already be in place, perimeter doors and security measures should be tested for effectiveness. We recently witnessed a case where an employee was terminated, was escorted from the building, and immediately returned to the workplace to confront a supervisor reentering the building through a defective door that was not closing properly. This occurred in one of the twenty-two states where guns in the parking lot cannot be prohibited, so while it did not end up as an active shooter situation, it was a serious “near hit.”
  • Possessing the ability to quickly deploy an armed capability in situations like this that can emerge without warning. If you do not have a capability under contract, and particularly with a pandemic such as COVID-19, you are not going to be able to get those resources quickly when you need them most. 

Sitting at the Dock on the Bay

Another common weakness in industrial sites and a potential source of workplace violence is the shipping/receiving function. There are a few things to consider here. For facilities with fences and gates, if there is inadequate screening of vehicles entering the secure area, or the person opening the gate does not know if a truck is authorized to enter, anyone arriving at the gate may get admitted, potentially giving them unrestricted access to a facility.

Truck drivers may get angry for a variety of reasons associated with delays in pick up or when dropping off materials. Companies cannot know for sure if there are weapons in a driver’s vehicle, therefore, if gate access and the physical space in which the interaction between the truck driver and employee are not managed correctly, the risk for someone getting hurt goes up. Consider the following measures to manage the risk associated with truck drivers:

  • The proper screening which includes ensuring the person doing the screening is aware of the name of the transportation company (and potentially the driver) and the product pickup and delivery transactions expected that day.
  • Establish a secure building perimeter to ensure that a driver cannot enter a facility through an opening not designated for entry.
  • Set up a containment area to prevent unrestricted access of the driver to staff and the facility.
  • Consider providing training to staff who interface with drivers on how to manage and de-escalate anger in various scenarios. 

Train for Signs of Domestic Violence

The final workplace violence issue for industrial facilities is domestic violence. Train staff to understand the effect that domestic violence may have on employees. Encourage them to report any changes in family status and any real or perceived threats to a supervisor and create a culture that removes the barriers to reporting workplace violence concerns. There is no case that better illustrates this point than an ongoing domestic violence case in 2017 that played out at a California elementary school where slain teacher Karen Smith and the estranged husband who shot her and two students shocked the community.  (

 Ensure the Resiliency of Physical Security Solutions

The second area of weakness is common physical security and access control. Except for current employees, all other workplace violence offenders would likely originate from outside the facility, making access control essential. The first line of access control is at a site’s perimeter, a building’s perimeter, or inside a publicly accessible reception lobby. In whatever manner access control is achieved, it needs to be flexible and adaptable to rapidly changing conditions. For instance, in the case of the facility that has, it’s first line of defense on the interior of a reception lobby, the outer entrance should be equipped with electric locking and a means to screen visitors with audio and video if there is no direct line of sight. 

This capability should be set up as a proactive action, not reactive once a threat emerges. For smooth industrial security operations, it is important to embrace the concept of dynamic threat response planning and ensure that your physical security and security systems are implemented with the ability to adjust the security posture for common threats that may arise. For years now, many of the more sophisticated access control systems allow for pre-programmed threat levels which, with the click of a button, allow for certain card populations to be automatically deactivated and new reader and access group behavior patterns to be implemented at a moment’s notice.

Regular inspections and testing should be conducted on access control mitigations which should include at a minimum:

  • Fence and gate inspection
  • Door testing for mechanical integrity -- meaning doors close and latch without human intervention
  • Key control audits
  • Alarm testing and review of alarm activity. The excessive door held open and door forced open reports need to be investigated and the root causes identified.

                o   The door held open alarms are typically abuses by insiders that create a vulnerability that might be exploited by an adversary to access a restricted                       area and commit an act of workplace violence or compromise an asset.

                o   Door forced alarms are even more serious and could be the result of people entering electronically access-controlled areas with keys (which destroys                     that audit trail), door hardware being deliberately manipulated to allow for entry without a credential (such as taping down a latch) or improperly                     specified door hardware such as an ADA lever with a thumb turn lock which can be used to leave the door hardware unlocked even though the                     access control system commands the lock to be secure. 

Guard force management is another area requiring a focused effort. With all the mergers and consolidation which has consumed a lot of the effort and energy of security officer services providers, industrial facilities need to carefully manage the contracts which can easily go into the hundreds of thousands to millions of dollars per year. Organizations that enter into these agreements thinking that the guard company is going to come in and manage their security challenges will be greatly disappointed. In a recent audit on a national level contract, one of the major security services providers was over six months into their contract with the client and had not even deployed updated post orders at any of the sites. Security officers were using forms and reports with the wrong company’s information and nobody from the services provider was regularly visiting the posts. When challenged about the shortfall, after a lengthy wait, the security services provider produced some boilerplate documents that had duties not relevant to the sites in question and had another company’s name in the document.

In order to combat this problem, we recommend that industrial facilities recognize that they need to be prepared to take a leadership role in defining the services required and how work is to be performed. Do not rely upon the security services provider to do this for you. Some other tips that might help achieve better results include:

  • Establishing key performance indicators (KPI) in the contract which might include:

                    o   Turnover

                    o   Missed tours or tour data points

                    o   No-shows

                    o   Correct and Timely Submission of Billing

                    o   Adherence to standards

                    o   Training, & Qualifications

                    o   Adequate performance on monthly spot checks

  • Conducting monthly random post inspections and documenting those results to discuss in quarterly KPI meetings.  For sample monthly audit inspection and quarterly KPI forms,
  • Ensure you have regular meetings with your security officer service provider, quarterly at a minimum.  If you want to really drive performance, consider setting up a system inside the contract where the security services provider can be rewarded with additional profit for exemplary service or in the case of poor performance, have some of their profitability and fee at risk.

The Bottom Line

In summary, to stay out of the national news, industrial sites need to recognize that workplace violence is the most significant risk, and security leaders should focus on the following security mitigation:

  • Implement a workplace violence prevention and intervention program consistent with the industry’s best-known standards –  Look for the standard titled, “Workplace Violence Prevention and Intervention Standard (WVPI.1).”
  • Consider the most common sources of workplace violence such as truck drivers, current or former employees, and domestic violence which may spill over into the workplace.
  • Provide more advanced training to employees and supervisors on workplace violence prevention training which goes beyond the simple “red flags” methodology and recognizes that when several specific conditions occur together, it substantially increases the likelihood of violence.
  • Establish a pre-planned set of measures to quickly modify a site’s security posture in the event of a dynamic threat.
  • Establish effective access control measures and test them regularly, particularly excessive door alarms which can be indicators of larger problems.
  • Properly invest in appropriate oversight of contracted security officer services to realize the substantial investment that you have made and to reduce the risk of incidents.

 There is much more that could be said here, but these are some fundamental areas of weakness we see time and again when assessing industrial and manufacturing sites. If sites embrace this guidance, the likelihood of a serious incident may be reduced.

 About the Author: Frank Pisciotta, CSC, is president of Business Protection Specialists, Inc., a nationwide independent security consulting firm focusing on industrial, manufacturing, corporate security program development, including planning for dynamic threat response and security system design services. The firm has launched an online training capability to quickly build competency in non-security professionals who are asked to manage security, but who may not have had any prior training (Click Here). Pisciotta has managed more than 4,500 security-consulting engagements in his thirty-year consulting career. He possesses a master’s degree in public administration, a bachelor’s degree in criminal justice, and was board certified in Security Management by the American Society for Industrial Security as a Certified Protection Professional in 1994.  Pisciotta serves as the Vice-Chair on the ASIS Council for Food Defense and Agriculture Security. He can be reached at [email protected].