We all have seen the rampant adoption of IP-based security solutions in access control, in video, and everything in between. We have witnessed new players enter the market, IT- and IP-centric resellers and specifiers who fully understand IP-specific design issues. This new technical expertise is sorely needed in many instances. However, basic principals of the physical side of security may be overlooked in systems designed by companies with no expertise or history in physical security.
Without the involvement of a security professional and the assessment that he or she performs, the core building block of the design is absent.
A Proper, Professional Assessment
The professional security assessment provides the who, what, when, where, why and how of the system design. Based upon the depth of your contract with the consultant, you might receive a top-down analysis that takes into account your corporate culture, your risk and vulnerabilities, possible gains in efficiencies and changes to your business' operational policies or procedures. You should also receive critical ROI data to help upper management understand that security is not just a sinkhole for corporate expenditures.
If you don't have a professional consultant assess your security needs prior to designing a system, you risk incurring liability due to the improper implementation of an ad hoc security program. A professional security consultant understands the concept of foreseeability. We all have read about the court cases and precedents as they relate to ineffective or improper use of a security management system or lack of a formalized security plan. A security professional can assist you in navigating these difficult waters.
Building Interoperability
Once the basics of the assessment have been completed, you can address other issues, such as interoperability. This interaction between different systems within your business will allow you to efficiently share data and resources. It will maximize your operational effectiveness and your investment in your new security management system. Without the assessment as the first step in the process, those efficiencies might never be achieved.
Physical security systems may be able to interoperate with logical security systems and building management systems or share data with HR or ERP systems in real time.
Data sharing can increase efficiencies between different departments in your organization that have unique data sources. If a complete accounting of your business structure is not addressed in an assessment, none of these efficiencies will be identified.
Device Selection and Layout
Now let's look briefly at the nuts and bolts of electronic security system device selection and placement. Why is there a camera placed at a specific location, and what is its purpose? What's in the camera's field of view, and what information will the live or recorded video provide the security department when properly used? At what angle is the camera positioned on its subject, and would the resulting video be useful in identifying an incident for forensic purposes?
How many times have we seen on television video clips from a robbery in which only the top of the perpetrator's head is in view? Or clips whose quality is so poor that you see only a vague image of a person without being able to identify any features? These are real possibilities if the person designing the system doesn't have a comprehensive understanding of traditional security practices.
Surveillance is not the only application that benefits from a proper assessment as part of the design process. Why, for instance, has a specific door been identified as access controlled, while another has not? Proper assessments assist the designer in identifying device placement in both general and specific terms. Correct placement increases security and avoids the “shotgun” approach to design, which wastes resources.
Without a Professional Assessment
Here is an example of a real-world design in which a security professional was not involved, no assessment was performed and no one understood the client's business. The site was a commercial high-rise belonging to a corporation. The company did not have any ties to the federal government, was not a defense contractor and was not involved in intelligence gathering. It had no sensitive material, nor was it involved in any sensitive research.
The company was not on anyone's list as a potential target, yet the designer mandated glass-break detectors on all the upper floors of this office building. Unless there was a credible threat that someone was going to land a helicopter on top of the building, rappel down a rope, then attempt to cut through a commercial-grade exterior glass wall 10-plus stories above the street, why did they place glass-break sensors on all the upper floors of this high-rise? Surprisingly, this design approach has been taken at other commercial properties. Someone, it seems, has watched too many movies.
Best of Both Worlds
As our industry continues moving forward into the IP-centric world, we will need the expertise of both the IT and the physical security disciplines. If you find a consulting organization that has expertise in both of these realms, you are already ahead of the game. There are many good security consulting groups and engineering firms with proficiency in both fields. Still, this is not yet universal. You, the client, must demand that the companies designing your systems take a team approach.
You need to make sure that all areas of expertise are represented on your team, and that you obtain a proper assessment of your organization and its needs from a physical security expert. That expert can then work with the other disciplines your project may require to provide a comprehensive analysis and design. You might have to budget more up front, but in the long run you'll save valuable time and money, not to mention your job.
Jack Meltzer is the director of architectural engineering and consulting support services at Lenel, A UTC Fire & Security Company. Prior to joining Lenel, he was president of Wornall Electronics, a security systems integration firm. Mr. Meltzer has more than 25 years of both civilian and military security experience with expertise in integration, design and consulting. He has been a member of ASIS International since 1988.
