The Evolution of Risk and Why You are More Vulnerable Today

Data is beginning to be a much more significant factor in prevention, prediction, response and analysis of criminal activity

Up until 20 years ago, the word “security” might evoke the image of a night watchman, armored truck or closed-circuit video camera wired to a VCR. The main entrance to all but the most secure government or sensitive facilities would encompass nothing more than a set of glass doors and perhaps a receptionist behind a desk visually checking ID cards.

Events between 1999 and 2001 changed those ideas forever. Within the first three years, the Enron scandal had provided impetus for the Sarbanes Oxley Act and all manner of compliance laws to follow; the ILOVEYOU computer worm introduced us all to the virus and cyber threats; and September 11 redefined terrorism and ushered in a new age of security.

New Technologies for Better Security

Over the next several years, organizations began to put new strategies in place to address the need for greater safety and security. At the same time, as the internet and network capabilities matured, physical security evolved to tie in more closely with Information Technology, or IT, spurring the creation of a new generation of digital technologies. These new networked security products produced a wealth of data, creating a need for software and personnel to collate, correlate and analyze it.

Among the new digital products most quickly adopted and deployed by every type of organization were IP video surveillance cameras. Security managers were already accustomed to using analog cameras on a closed-circuit network, and they quickly recognized the value of the improved images and other potential advantages of the new digital approach. Although IT departments initially pushed back against the use of company networks for video streams—they were rightly concerned with the integrity of the network—both Security and IT soon agreed on methods to manage the increased traffic. And, because the new IP-based approach had so many advantages over the older analog approach, the shift from analog to IP was swift and unstoppable.

While video surveillance may have been one of the first solutions to make a migration from an older technology or approach to a new, more effective approach to security, there are other elements of physical and cybersecurity that are starting to recognize such changes are needed.

The Importance of Facility Entry Points

Without question, one of the most vulnerable and critical points in a facility is at the entry. Whether the concern is compliance, cybersecurity, terrorism, violence, theft or any of the hundreds of other risks facing businesses, it is of fundamental importance to secure any location where people can enter the facility. From a security perspective, the objective is to keep any unauthorized individuals out of the building or off the campus. Further, within each building, the objective is to ensure that any individual division, area, wing or room can only be entered by those who are authorized to be in that place at that time.

As with video surveillance, the security industry’s approach to entry began to change with the recognition of a greater need for security and with the advent of the network. Better locks were developed, and access control readers were placed at doors both outside and inside facilities, requiring a card swipe or tap to unlock the door. As the technology matured, the products became more sophisticated, with Wi-Fi locks, mobile credentials and biometrics among the developments.

Door Technology Needs a Security Upgrade

However, what has been slower to change is adoption of newer security door technologies. The majority of facility doors, both exterior and interior, are still standard swinging doors. There are many different form factors and types of locks for these doors, and the software that manages their locking and unlocking has become more advanced. However, the doors themselves still work in the same way as they always have; when unlocked, they swing open and then closed again. They may close, and/or re-lock, automatically— but once they are open, there is no barrier to entry for one or more people.

Even if a door is held open for only a few seconds, it fully negates the security function of the doors, since multiple unauthorized individuals can enter this way. There are many ways this can happen. A person may slip quickly through behind another, while “pretending” to search for their ID card. One authorized individual can enter and pass their credentials back through the door for a second person to use. Or the door may simply be held politely for the next person to pass through.

Placing security officers or installing tailgating analytics technology at each entrance can help to mitigate these risks. However, guards can be misled by a false ID or a good story. For example, “white-hat” penetration testers have proven that a clean-cut man wearing khaki slacks and a polo shirt, carrying a ladder and a clipboard, and claiming to be there to provide some kind of maintenance, will almost always be allowed to enter without credentials. Further, most tailgating technology is reactive, alerting management only after the unauthorized person has already breached the facility.

As a result, even with better locks, software and access control, standard swinging doors present a shortfall when it comes to safety and security. It is the doors themselves that are the problem. In an environment where the need for better risk mitigation is clearly recognized, why have entry doors that lag behind other security approaches?

The primary reason is that entry has hisengineers and consultants who plan and design buildings, and the contractors and construction companies who build them. For these groups, security is not part of the education process for their disciplines, nor is it a fundamental consideration factor for them during the design and construction process.

Security Entrances: Better Than Swinging Doors

Security entrances can solve many of the problems of entry while offering numerous additional benefits. Unlike standard swinging doors, a security entrance, such as a turnstile, security revolving door or mantrap portal, is designed to allow entry of only one authorized user at a time. Some types of security entrances require local supervision and operate as a deterrent, while others work in such a way to prevent any type of tailgating. Regardless of type, compared to a swinging door, they are definitely a physical security upgrade due to their ability to significantly reduce the risk of infiltration.

As the understanding grows for proactively developing a safety and security strategy in the planning for any new facility or campus, these considerations will become paramount to architects, engineers and consultants as well. Facility directors will be hired earlier in the process to oversee and direct that segment of planning, and school curricula will almost certainly change to accommodate a greater recognition of security and safety needs. Overall, addressing the potential risk profile of a building or campus’s future occupants will become a more basic and foundational element of the process. However, while this may be beginning to happen now, it is far from prevalent.

Facility directors who are planning a move to a new location in order to accommodate growth or other change must now take a strong position in considering these risk factors in today’s environment. Going further, their professional risk mitigation strategies need to include not only safety and security, but also the potential for corporate and personal liability in the event of an incident. Not only can their finances be severely impacted or destroyed, but ruinous civil and criminal suits can be brought against them personally. In developing these strategies, it is essential to include entry, as it plays such a central role in risk prevention.

In fact, entry should be one of the fundamental factors to use in determining which architects, engineers, consultants and other providers to choose in the earliest stages of discussion when planning to build a new facility or campus, or to move to one which has just been built. It must be given equal consideration when making a move to an alreadyexisting location, since older buildings are much less likely to incorporate entry solutions designed to mitigate today’s risks. And for corporate executives, managers or stakeholders who are not planning a move, now is the right time to consider retrofitting your current entries and doors to better address the types of risks faced by organizations.

Upgraded Doors Link to Advanced Data

At this moment in the evolution of security solutions, data is beginning to be a much more significant factor in prevention, prediction, response and analysis of criminal activity. New players in the security industry are developing highly advanced software to identify the potential for both physical and cyber-criminal activity based on a wide range of information supplied by multiple diverse systems. Much advanced from standard swinging doors with access readers, the future of entry includes both predictive intelligence and accountability, both based on data.

Numerous entry solutions already existing today can provide useful data that ties into powerful software to make these kinds of predictions. For example, security revolving doors may be integrated with biometrics, analytics and access control to fully eliminate tailgating and to verify that the identity of the person entering matches the credentials being presented. As mentioned above, these entrances can also prevent or eliminate tailgating; they can also provide a range of benefits beyond security. Because they are “always closed”, they make it easier to maintain and regulate temperatures inside a building, reducing its environmental impact. They can also add prestige to the visual image of the facility, provide a more welcoming appearance to personnel, students and visitors.

Keep Making Improvements

The meaning of the word “security” has irrevocably changed in the past two decades. Organizations, campuses and corporate stakeholders are now at risk in ways that would have been unimaginable 20 years ago. However, by defining a sound safety and security strategy that incorporates entry as a fundamental element, you can optimize your risk profile and make a meaningful improvement for your organization, personnel and students.

This article originally appeared in the May/June 2019 issue of Campus Security & Life Safety.

Digital Edition

  • Campus Security & Life Safety Magazine - July August 2019

    July/August 2019

    Featuring:

    • Making Security Inclusive
    • Reducing a Carbon Footprint
    • Taking a Connected Approach
    • Proactive Security for Active Shooter Situations

    View This Issue