Technology changes but the basics remain.
There can be little doubt that security has changed over the recent years. We face a radically new threat landscape and huge technology leap realised by the internet of things (IoT). IP-enabled security has clearly brought many advantages, transforming security systems into a more integral operational role rather than just a security tool, thus raising client expectations and attracting IT departments and new security providers from the IT sector.
That said, the strength of the security professional is in understanding security and risk and the fundamental role of electronic security measures remain the same: the protection of assets. So the process for defining appropriate security measures and their suitability and fitness for purpose for a facility has changed little, revolving around undertaking a risk analysis and security survey, which should be methodical, systematic and thorough.
The protection level for a building primarily depends on risk. The risk analysis identifies probable targets – people, property, information, and the probability and impact of an attack, while the security survey ensures that all pertinent information to design and implement commensurate security systems and measures is obtained.
Stage one is about intelligence gathering: collecting information on the organisation, its operations and objectives, followed by a risk assessment to identify assets requiring protection and their value/attractiveness. As well as defining the threats – break ins, robbery, arson, trespass, insider attack etcetera – and the type of adversary likely to be encountered.
Stage two, involves obtaining details of the facility, including the location – whether inner city, commercial rural, etcetera – previous history, boundary, building structure and condition and any existing protective measures such as alarms, bolts, bars. This should be a structured process undertaking observations, interviews with key employees, crime prevention officers and, if possible, insurance assessors.
It should be supplemented with historic data, crime records, site plans and drawings, where available. A survey checklist ‘Location Survey Checklist’ based on the BS EN 50131-7 standard is also advisable as a useful aid memoire.
The final stage is the site walk through, or the survey. In the journal task, this would involve assessing the physical vulnerabilities, current security measures and their condition, and the types of system and devices to further mitigate the threat. The survey leads to the system design stage, which takes into account people, processes and the technology that needs integrating to meet objectives.
Starting with the ABC of risk, area, boundary, contents, is good practice, so the site survey begins at the boundary working towards the core to ensure a layered security approach. The shell of the building consists of all parts of the boundary of the structure: walls, floor, roof, including moveable parts such as doors and windows.
The shell needs viewing from outside as well as inside to ascertain any weak points. As well as the outer shell, there may be further shells within that require protection, for example a storeroom containing high value goods.
As the survey progresses through the building, there needs to be a careful assessment of the type of security device required and its deployment. It must take into account any influencing factors that may compromise the level of security, such as specifying the wrong device, or lead to potential sources of false alarms relevant to each technology type, such as water pipes, HVAC systems, lighting, electromechanical interference, extraneous noise, draughts, animals, signs and stock movement and other special considerations.
Once concluded the survey notes/information leads to the system design document, which also needs to incorporate adherence to the relevant standards and NSI/SSAIB codes of practice.
BICSI (July 2012). Electronic Safety and Security Design Reference Manual, Third edition. BICSIÒ ISBN 1-928886-60-4
Mary Lynn Garcia (2008). The Design and Evaluation of Physical Protection Systems, Second Edition.
British Security Industry Association BSIA