Are yesterday's security measures still measuring up?

There is ample evidence at a significant portion of recent innovations in security systems during the last 10 years can be attributed to equally

Office buildings are required to be accessible to people with physical dis abilities, for example. Ten years ago, this type of accessibility wasn't nearly as uniform as it is today More and more business enterprises require a "7x24" approach to facility operations, and represent a proportionate impact on security planning challenges. work hours are far more flexible, and more people than ever split their work hours between the office and home - or telecommute and only show up in the workplace for meetings and other special events. Workplace trends in recent years require a new security perspective on the part of the building owner, at the very least, facility executives must follow traditional security planning tenets with one eye on the new workplace dynamics.

Security priorities are established through an inventory of the corporate assets that need to be safeguarded. To identify which assets are most critical to the company and, therefore, warrant an investment, facility executives should revisit the company's mission, the type of professionals employed to carry out the mission and the technology in place that supports the people and the mission.

"Assets can be defined as anything that makes a business run and makes it profitable, including people and equipment," says David G. Aggleton, CPP, president of security consulting firm Aggleton & Associates Inc.

Similarly, facility executives are faced with serious threats from sources that were considered unusual and infrequent a decade ago, such as disgruntled employees and terrorists. Executives must determine the likelihood of these threats and how they relate to their facilities.

Some threats, such as terrorism, are impossible to predict. But a thorough risk analysis can help determine what level of security is sufficient. This analy sis can determine which risk categories buildings fall under by determining types of threats and their likelihood. Risk analysis can be performed by consultants or even facility managers, using software programs designed specifically for this task.

The other function of a risk analysis is a look at a building's current security system. Is the current system meeting the needs of the facility? Is it protecting the assets that are critical to operation? If not, the system must be considered vulnerable.

The three main vulnerabilities of a building, according to Richard P. Grassie, CPP, president of Techmark Security Integration, are the lobby or main entrance, loading dock, and physical and intellectual resources.

"The lobby is the single most important part of a building, says Grassie. It is the first means of directly controlling the activities of visitors and employees. The configuration of this area, or how visitors gain access, is crucial to securing the whole facility.

While the importance of the lobby is easy to recognize, a second vital area - the loading dock - is too often overlooked.

Security Management, the monthly magazine of the American Society for Industrial Security (ASIS), recently surveyed office property owners about their security practices. In the resulting article for the May issue "Building in Terrorism's Shadow" senior editor Michael Gips reported that only 55 percent of the surveyed companies visually inspect vehicles at loading docks, and a mere 32 percent videotape drivers entering the loading dock area. Again, knowing who is coming and going is critical to building security.

The third area of vulnerability is physical and intellectual resources. The former includes delivery personnel, movers and others who are not employees or tenants of the building.

Intellectual resources include computers and Internet access. How well these areas are controlled directly affects the success of the office security system.

New Priorities

While all threats should be considered when conducting a risk analysis, some - such as theft and workplace violence - deserve special attention in today's office environment. Though theft is not a new phenomenon, the potential monetary loss of expensive office equipment and personal belongings makes it a significant threat in today's workplace.

According to the Business Security Resource Center (BSRC), employees steal more than $52 billion annually from their employers. One-third of all bankruptcies are caused by employee theft. If facility executives think theft isn't a consideration at their facilities, they should consider the fact that 95 percent of all businesses experience employee theft, according to the BSRC. A U.S. Department of Justice survey found that annually an average of more than 2 million personal thefts occurred in the workplace during 1987 and 1992, and more than 200,000 motor vehicle thefts.

It isn't just businesses that are vulnerable to motor vehicle thefts that were reported. When building occupants are victimized, the damage extends beyond the monetary value of the items lost. Occupants need to feel safe in the workplace; if they don't, productivity will suffer.

Taking steps to prevent office theft need not require large investments. Sometimes, increasing safety simply in_ wolves employee and tenant awareness.

"Instead of taking personal responsibility for security, we add layers of technologies," says Ronald Hauri, CPP, manager of security operations and systems for W.W.Grainger. "But it all starts with the individual."

Hauri suggests that employees perform their own surveillance, making themselves aware of their surroundings; that makes them more likely to identify strangers and potential threat.

Surprisingly, some of today's common workplace practices make identification more difficult than it was 10 years ago. Business casual dress codes can be problematic because they allows potential thieves to blend into an office environment. Flexible hours and off-site employees can exacerbate the problem because the workforce is less familiar with each other, which in turn makes it more difficult to identify strangers.

Hauri says that access control is one of the simplest solutions for office crimes. It is generally cost-efficient, and very effective if people use it properly. Unfortunately, many employ ees today desire an open atmosphere at work. They want the freedom to come and go at their leisure; they don't want security systems impeding their movements.

"Facility managers and employees need to remember that, if it's inconvenient for the employee, then it's incon

Financial problems

Legal problems

Strained family relations

Occupational failures venient for the thief," says Hauri.

Computer theft is another emerging concern for office facility managers. The number of computer devices, along with their portability, makes them an irresistible target for thieves. laptops have become especially vulnerable because they can fit in gym bags and large purses.

Hauri says that many companies are making computer devices more recoverable, using bar code systems and electronic article surveillance (EAS) to identify and track individual devices.

The World Bank in Washington, D.C., found another way to protect increasingly popular computer notebooks. Security specialist Gordon McIntosh

says the company responded to computer theft by creating high-security storage areas, which contain alarms and high-security lock sets, monitored by closed circuit television (CCTV). Some storage areas also include access control. According to McIntosh, the company has incurred no losses since the installation of these storage areas.

Workplace violence, though a real threat, can often be reduced through simple security measures. One way facility managers can reduce the risk of workplace violence is to pre=screen potential employees. Preventing the hire of a potential risk greatly reduces the threat of workplace violence. Surprisingly, though, many employers simply don't take this precaution. And the reasons are unclear, says Grassie at Techmark.

"Most of our clients have refrained from pre-employment screening for some reason."

Many managers don't realize that background checks dramatically reduce risk, and can conceivably save them money down the road by reducing training costs and liabilities.

The Workplace Violence Research Institute recommends developing a prevention policy, which would establish a system for documenting violent incidences in the workplace. It is encouraging to know that 93 percent of Pinkerton's survey respondents have a formal reporting process in place for instances of workplace violence. Risk can only be determined by collected data and estimates, so reporting is an important aspect of analysis.

The research institute also suggests that every company produce a written policy on workplace violence, which would indicate zero tolerance of violence and outline the consequences of such action.

Hauri at W.W. Grainger suggests that when an outsider poses a specific threat, facility managers and employ ees can help identify potential offend ers prior to their arrival by posting photographs at strategic control points within the facility. Also, in cases where employees fear a violent incident caused by someone they know, prevention can be as simple as relocating the potential victim within the office space.

"The goal is to lower the exposure of the potential victim," says Hauri. While employees may balk at some

measures designed to increase security, they often welcome steps to prevent violence in the workplace.

Gips of Security Management found that "workplace violence was a motivator far increased security because the threat is tangible and realistic." Facility managers can take advantage of the height ened awareness and implement simple security procedures that greatly reduce the threat of workplace violence.

Keeping Up With Changes

As challenges become more complex, security plans must be continuously analyzed to make sure they are providing adequate protection. Unfortunately, too many facility managers take a reactive - rather than proactive - approach to security.

For example, only if an unusually high number of unauthorized personnel are entering a building is the facility's access control evaluated. Only if information is being stolen electronically from a building is the facility's computer security scrutinized.

Communication with building occupants is one way to gauge the effectiveness of security systems. According to Pinkerton's annual survey, 77 percent of survey respondents throughout the United States rely on the security awareness of its employees to rate the effectiveness of their systems.

Impacts Positive and Negative

The positive impact of an appropriately upgraded security system is easy to identify: increased safety, resulting in fewer crimes and less liability.

But security systems don't always meet the goals set when the systems were installed. For example, a security system that is too inconvenient for building occupants will not be used correctly, if at all, offering no payback for the investment. One office facility experimented with a biometric reader several years ago, but its occupants found that the system was too tedious and time-consuming to use. The equipment became useless.

Another potential problem arises when the fear of a specif is event occurring is much greater than the actual risk. If facility executives base their security system designs on such fears, they'll find themselves trying to explain why significant investments have produced minimal results.

"If we focused on every single threat, buildings would become fortresses," says Grassie at Techmark.

How do facility executives develop a security plan that balances protection with flexibility? The key is to match security measures with facility needs.

In an office building, where occupants are always coming and going, access control systems can accommodate that flow. Card readers are available that provide the right blend of convenience, protection and cost efficiency.

Buildings with spaces exposed to risks beyond those faced by the typical office building may take additional measures. Grassie at Techmark says that many computer centers use "man traps," in which one access controlled door has to be shut before the next door can be opened. In theory, at least, this controls the flow of people into a restricted area.

In some buildings, equipment simply can't taKe the place of people, and security personnel are still a necessity. Oftentimes, security officers provide a strong security presence and add a human element to the security system, which is an important put of some companies' images. Other technologies, such as CCTV, provide ideal backup for security personnel.

At What Price?

For most facility mangers - who are generally concerned with operating costs and paybacks - a key question is "Why?" Why invest in upgrades that don't have distinct paybacks? How can such upgrades be justified to top executives? Why spend time addressing security risks when the incidents seem unlikely to happen? Why make time for a security analysis today when there are so many other pressing priorities?

The answer is simple, if not always obvious: Effective security does affect the bottom line. The economic results of a well-oiled security program include increases in productivity because employees feel safe and reductions in liability and monetary losses caused by workplace crime. Costs of upgrades can be minimized when security work is performed in conjunction with other building upgrades or when systems are integrated. Also, the cost to educate employees within an office environment, thereby increasing security awareness, is usually very small.

Right Time, Right Ph-ice

When facility managers update their security systems can be just as important as how they update their systems, at least when it comes to costs. For many buildings, it is often prudent to integrate security with other building systems, such as lighting, HVAC and fire or life safety systems. The time to do that is when those components are being upgraded.

Over 10 years, the World Bank in Washington, D.C., for example, consolidated its offices into seven buildings - each with its own security and fire or life safety systems - into a single building. It made sense to upgrade and integrate secucity along with upgrades to the building's sprinkler system, life safety, HVAC and other automated systems. The cost of integrating several building systems is typically easier to justify than attempting individual upgrades. Security upgrades done at this time require less of a capital investment.

Protection Equation

"Security is very subjective," says Aggleton at Aggleton & Associates, Security measures are based not only on individual buildings' risks, threats and vulnerabilities, but also on corporate culture and building use. Security equipment is only part of the protection equation. Facility managers must do their part to educate employees and tenants, analyze existing systems and reduce risks through pre-employment screening, appropriate protection measures and dependable equipment.

Continued analysis and maintenance of their security systems will snake facility managers' jobs easier - and make building occupants and property safer. That is, after all, the function of security.

E mail comments and questions to nicole.sturdevant@tradepress.com.

Reader Feedback:

Was this article: Very Helpful - circle 170 Helpful - circle 171 Somewhat Helpful - circle 172 Not Helpful - circle 173