Home > Articles By Issue > Safety and Security > August 2006

Photo provided by Brijot Imaging Systems.

One Step Ahead

Working with information technologists to integrate physical and electronic security measures can help protect a facility.

By Jillian Ruffino

In many ways, a facility manager is like a parent. Instead of shouldering the responsibility for a few lives, however, he or she is responsible for the safety and well being of every person within a facility. There are several areas of facility management where, if mistakes are made, someone could get injured—or worse. Nowhere is this statement more accurate than in the field of security.

The days of living in denial of the potential dangers that can affect buildings are long gone. The devastating attacks on 9/11, subsequent threats to the country, and strikes on its allies overseas have disabused the nation of any idea that it is impregnable.

Alongside relatively new fears of terrorist attacks, facility professionals must also continue to get updated and remain stalwart against the usual suspects. As Jon D. Groussman, president and COO of Naples, FL-based CAP Index, Inc., explains, “It’s important to remember that the most pressing security issue today is protecting tenants, employees, and visitors from traditional crimes against persons and property, including larceny, assault, robbery, and burglary.”

According to the U.S. Department of Labor’s Bureau of Labor Statistics, from 1999 through 2004, 14% of fatal occupational injuries were caused by assaults or violent acts, 10% were homicides, 7% shootings, and 1% stabbings. (Data excludes statistics related to 9/11.) These numbers mean that 35% of work related fatalities were caused by violence in the workplace.

Theft is another common occurrence. As Brian J. Andrew, president and CTO of Brijot Imaging Systems, Inc., headquartered in Orlando, FL, says, “The second issue is people removing unauthorized items from facilities, whether they are stealing manufactured goods or merchandise, or employee or company property. The biggest threat here isn’t burglars or other external thieves, but company employees themselves.”

The consequences for theft of this kind are expensive and time consuming. Andrew continues, “American businesses spend billions each year on such incidents, including crisis management, worker compensation, damaged property, lost productivity, and employee turnover.” He maintains that facilities cannot afford inadequate security measures.

The Gap In Security

One of the latest major security breaches to make the headlines combined a failure in two crucial areas: physical and electronic safeguards. According to a statement from the Department of Veterans Affairs (VA), “The VA has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This data contained identifying information, including names, social security numbers, and dates of birth for up to 26.5 million veterans… The employee’s home was burglarized, and this data was stolen.”

Fortunately, this robbery was part of a series of break-ins in the employee’s neighborhood and was not targeted at stealing this precious information. It does, however, illuminate the latest issue in security—the convergence of physical and electronic security.

The breach at the VA illustrated a potentially catastrophic deficiency in both areas. This employee should not have been able to leave the VA facility with unauthorized items in his possession. Perhaps this was never properly communicated to the facility manager or security coordinator by the technologist responsible for the information. After it was stolen, the confidential, electronic data for millions of people was compromised.

Physical security encompasses measures that prevent aggressors from gaining entrance to a facility, including all access control procedures. It can also prevent building occupants from exiting the facility with sensitive materials or stolen goods. Electronic security makes the contents of a message or file unintelligible to anyone not authorized to read it.

These divergent types of security are strengthened when they work in conjunction with one another. Steve Birkmeier, director of marketing for Arteco Vision Systems, based out of St. Louis, MO, observes, “More and more, different types of security solutions, including fire, video surveillance, and access control, are operating on the building’s IT infrastructure. Understanding concepts like bandwidth and file size, for example, will help facility managers make clearer decisions when it comes to the selection process.”

Mark Visbal, director of research and technology for Alexandria, VA-based Security Industry Association, adds, “The issues of electronic physical security/IT convergence and systems integration are the two most pressing issues today. The ability to share infrastructure and data, as well as the reduction in labor to supply multiple systems, are driving these efforts. Equally important is the increased security gained for IT assets through the linking of physical and electronic access control.”

In order to unite these areas of security, facility managers must work closely with information technologists. Groussman says, “It is imperative that facility management professionals learn to incorporate a holistic approach to security management.”

Working Together

When it comes to security, today’s facility managers need cooperation from Information Technologists (IT). Jay Vaitkus, global product and market manager for Indianapolis, IN-based Stanley Security Solutions, remarks, “The modern facility manager will more and more be relying on the IT professional to supply, protect, and maintain the computers and networks used to stream, defend, and manipulate the digital information we rely on every day.”

IT and facility professionals are very different creatures, so it is important for both to have complete comprehension of their mutual goal. “The integration of physical and electronic security measures in virtually any facility requires significant cooperation and planning by facility management professionals and IT,” says Groussman. “Typically, these professionals have very different backgrounds, skill sets, responsibilities, and overall mission as they relate to the company.”

His recommendation? “It is often helpful to have both groups meet with a representative group of ‘end users’ who can help shape the plan.” He believes that a ‘safety mindset’ must develop among all occupants of a building.

Andrew concurs: “People too often assume they are secure when they are not. We call this ‘steam on the bridge.’ Why would a spaceship’s bridge suddenly become enveloped with steam after it lands? Security in the movies and TV is like that steam; those devices and capabilities showcased on even some of our more realistic media don’t exist, but people still buy into the idea that they do.”

Andrew’s point may not be relevant for long. With the convergence of all security systems into one streamlined, efficient operation, those elements of security that seem futuristic today could soon be a reality.

To join these two somewhat disparate but ultimately linked areas of security, it is also useful to bring in an outside party who will be able to assess the facility’s needs clearly. It can be easy for both parties to lose sight of the big picture when managing the finer points of daily operation. Vaitkus recommends that facility professionals “contact an integrator who can perform a security and risk assessment for the facility. An experienced integration firm or consultant is instrumental to help design a solution.”

Visbal takes this approach one step further. He says, “From the results of the risk analysis, a risk mitigation plan should be developed. This plan will include a blueprint for securing the premises and will include physical and electronic security measures targeted at the unique requirements of the premises.”

Facility professionals and IT need the ability to create risk management programs in order to respond to constantly evolving threats. Visbal continues, “There are software programs commercially available to help in this critical task. The degree of risk mitigation is calculated by many of these programs. Having this level of documentation also allows the tenant or owner to approach the insurer for discounts based on the assessment and mitigation plan.”

 

Insurance rates and liability are critical issues when it comes to security. Without an adequate plan, the price of insuring a facility can escalate. When incidents do occur, the expense can be excessive. Joseph Ricci, executive director of Alexandria, VA-based National Association of Security Companies (NASCO), comments, “Increased regulation and emerging liability will force corporations, through their facility managers, to develop more cost effective security measures to protect tenants and assets.” These precautions, including hiring an assessment specialist or using risk management software, should alleviate losses.

Facility managers must also have a clear and open dialogue with IT. Groussman explains, “The technical side of IT must understand the purpose and operational feasibility of a particular security measure. They must consider how it will endure over time and with any unforeseen changes that could occur. Will the technology adapt?” All of these factors must be properly communicated between the facility professional and IT.

Continue to rest of article >>