Differences between proprietary and contract guard services

SecurityOperationsManagmentChapter10.pdf

Home >Government homework help >Differences between proprietary and contract guard services

285

Operating Physical- and Technology- Centered Programs

The ultimate purpose of any security system is to counter threats against assets and strengthen associated vulnerabilities. —Joseph Barry and Patrick Finnegan

Most of the costs of security operations are personnel costs created by security services. But it is the nature of management to drive down costs, whenever possible, while main- taining or improving quality of services or product. Is this realistic? An important means by which security operating dollars can be made more effective is through the judicious use of physical- and technology-centered programs. These are concerned with physical security measures and with electronic technology—often computer-based—used to safeguard people, to reduce chances of theft, to evaluate ongoing operations, and to safe- guard assets against damage or loss. Well-designed and executed, such operations may decrease the number of personnel required to implement and maintain a high-performance protection program. If conceived and implemented poorly, however, physical- and technology-centered programs can produce unsatisfactory results. Further, if badly conceived and implemented, such initiatives can produce a sense among workers that management is “putting systems above people.” Clearly, physical- and technology-based measures should enhance the use of protection personnel and other resources, not detract from them.

We begin this chapter by briefly citing the theory of situational crime prevention con- cepts first encountered in Chapter 1, and then we consider the use of non-personnel-based resources to mitigate the risk.

SITUATIONAL CRIME PREVENTION: A PHILOSOPHY OF CRIME REDUCTION

Law enforcement and criminal justice practitioners who create crime prevention programs usually are concerned with a set of defined priorities. These include community crime mitigation programs, juvenile deviance, and coordination with prosecutors and the courts,

McCrie, R. D. (2007). Security operations management. ProQuest Ebook Central <a onclick=window.open('http://ebookcentral.proquest.com','_blank') href='http://ebookcentral.proquest.com' target='_blank' style='cursor: pointer;'>http://ebookcentral.proquest.com</a> Created from apus on 2020-08-10 13:18:09.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

as well as police staffing and environmental and technological strategies. By contrast, persons concerned with security operations management for a corporation or institution have little short-term control over many environmental and circumstantial factors. These include where the facility is located, policies and programs related to juvenile offenders, the responsiveness and leadership of local criminal justice programs, and how well local police do their job. These differences have influenced the ways in which law enforcement and private security firms tend to view the causes of crime and disorder. The difference historically have been substantial.

Over the years, legions of criminologists and social critics have written on supposed “root causes” of crime, and the social disorganization and individualism that perpetuates deviance.1 These same writers largely fail to consider why a few individuals in a particu- lar social, ethnic, political, economic, and even familial situation commit crimes while most do not. In the end, the manager concerned with reducing losses does not speculate on what is neither quantified nor provable, but rather concentrates on what can be accomplished in security programs based on the results of accepted research activities. In part, this means deterring or suppressing crime rather than focusing on apprehending and prosecuting violators.

For example, a facility can be designed to make it less amenable to loss. In many circumstances, however, the manager faces situations in which changing the facility design—using architecture and engineering methods to create spaces that are less amenable to crime, loss, or injury—is not an option. Instead, personnel, procedures, physical measures, and technology must be altered to prevent or mitigate losses. The clear trend in recent years is for security executives generally to become involved early in the design considerations of a new facility. This allows their insights into loss control to be implemented at the earliest stages. (This process is discussed near the end of this chapter.) Several architectural and engineering firms have loss-prevention specialists who stay abreast of protective and life safety measures so that such advances may be designed into new facilities. Other specialized consultants offer services that lower property risks to existing sites through better security planning and design.

In the 1970s, the architect Oscar Newman studied public housing in New York City and elsewhere and determined that crime rates vary according to territoriality, surveil- lance, image, and environment.2 “Territoriality” refers to the sense of possession by resi- dents or workers of an environment and the tendency of people to defend this territory against those who would commit criminal acts within or near the area. “Surveillance” relates to the ability of people within buildings to view people outside their immediate environment. “Image” refers to the general reputation of a place. And finally, “environment” refers to the nearby area that renders the zone safe or unsafe.

Defensible space, therefore, defines an area where surveillance is extensive, the image is positive, and the nearby environment is safe and protective of residents and visitors. Newman’s theory produced a design strategy called Crime Prevention Through Environmental Design (CPTED), discussed in Table 10.1. Defensible-space theory concludes that crime may be reduced by improving surveillance of public areas, demarcating private versus public space, and improving the image and environment of an area.

Research on defensible space concepts sometimes concludes that the concepts are not always successful at reducing crime because they fail to take into consideration the

286 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

cognitive processes individuals use to adapt to physical environments.3 Patricia and Paul Brantingham analyzed crime rates by occupation and economic specialization and have determined that crimes like murder and assault occur in areas of economic decline and neglect, whereas white-collar crimes occur in areas in which a high number of potential victims exist.4 Research has also found that certain environmental changes increase public use and decrease fear.

More recently, CPTED has evolved to include the concept of situational crime pre- vention, which argues that crime may be reduced in a particular area when aspects of the environment are changed, often involving little cost or effort. For example, making it harder to commit a crime by modifying the environment—by installing better lighting, broader surveillance through visible patrols, CCTV, and alarms that will call police to the scene quickly—can decrease crime in an area.5

Situational Crime Prevention: A Philosophy of Crime Reduction 287

Table 10.1 Crime Prevention Through Environmental Design (CPTED)

CPTED argues that changing the environment through design can make certain types of crime less likely to occur. Antisocial and criminal behavior will not disappear, but the frequency will decline because the environment is less hospitable to potential offenders. This is because the area seems better protected by its owners and thus the would-be criminal is deterred from offending due to being more likely to be detected and arrested. The principle is based initially on research involving residential buildings, although the same concepts relate equally to commercial and institutional property. CPTED posits that private and semiprivate spaces are better cared for and, therefore, are safer than those for which responsibility is diffuse or public. CPTED is based on four principles:

Principle Methods of Applications

Territoriality Property looks cared for; broken windows are repaired; graffiti removed promptly.

Residents are seen making improvements or enhancements to their areas. Access control discourages unauthorized visitors and deters their entry. Controlled space is differentiated clearly from nearby transitional zones.

Surveillance Residents can observe outer areas from within their buildings with clear lines of sight to call for assistance in the event it is needed.

Hallways and public areas are designed to be open and nonconstraining. Cul-de-sacs and hiding places in public areas are designed out. Closed-circuit television (CCTV) and modern access and alarm systems

are likely to be in use. Image The property has a favorable image in the area and is looked at as

being well-maintained and cared for. Events and activities are programmed to increase use of public spaces.

Environment The area immediately beyond the property—nearby buildings, streets, retail space and parks—are equally well cared for.

Communications systems permit persons in both congested and isolated areas to call for assistance when needed.

Conflicting activities—such as a playground for toddlers and a basketball court—are separated.

Street furniture, sitting areas, and fountains are designed to serve locals while not attracting vagrants.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

THE RISK VERSUS COST RATIO

The level of security in a particular area can depend upon many factors. Therefore, a range of options should be evaluated for their pertinence to a given condition. A broad spectrum involving widely varying degrees of risks and controls exists. At one end, con- trols are absent and risks for loss are high. At the other end, the reverse is true. The thesis of this book, indeed, the view of many security practitioners, is that weakness is eventu- ally exploited. Therefore, lack of adequate security increases the likelihood of losses. Further, as assets increase in value, the potential for their loss also grows, as shown in Figure 10.1. The following sections look at the continuum of security conditions and their management relevance.

• Protectionless security. The author’s grandparents lived in a small, safe community. Their front door was rarely locked. Once they left their house for a trip, they locked it, but left the key in the front door keyhole “in case someone needed to get in.” This seemed to make sense to them. Security depended upon the fact that residential burglary was rare at that time and place. Those who might be inclined to commit such a crime did not systematically survey the neighborhood to see what residences were unlocked and were easy targets. In time, the younger generations convinced their parents and grandparents that wisdom dictated that the key should be left elsewhere and it was henceforth placed under a nearby flowerpot.

Such seemingly protectionless behavior still exists in some residential areas. These circumstances are not thoroughly precarious, as vigilant neighbors, visibility of the residence, and a culture of low residential property crime make the risks less than would seem initially obvious. However, contemporary organizations realize that reasonable and adequate measures must be taken to protect their operations. The orderly and lawful behavior of others cannot be assumed. That means implementing appropriate security measures to protect the value of the assets located there.

• Minimum security. With little effort, this type of system impedes some unauthorized external activity, which is achieved by physical barriers and locks.6 Local or centralized alarms are not installed in such facilities. This level of protection is adequate for some houses, but not for commercial or institutional activities.

• Low-level security. This system impedes and detects some unauthorized external activity requiring modest effort by the offender. Doors and windows may be reinforced and a local alarm system may be installed.

• Medium security. Here the system impedes, detects, and assesses most unauthorized external activity and some unauthorized internal activity. This is achieved by the use of a properly installed centrally monitored alarm systems. Unarmed security officers may be on the premises for part of the day.

• High-level security. Relying on greater capital investment, adequate personnel, and well-considered procedures relative to the previous

288 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

T h e R

isk versu

s C o st R

atio 2 8 9

FIGURE 10.1 The risk versus cost continuum.

M cC

rie , R

. D . (2

0 0 7 ). S

e cu

rity o p e ra

tio n s m

a n a g e m

e n t. P

ro Q

u e st E

b o o k C

e n tra

l < a o

n click=

w in

d o w

.o p e n ('h

ttp ://e

b o o kce

n tra

l.p ro

q u e st.co

m ','_

b la

n k')

h re

f= 'h

ttp ://e

b o

o kce

n tra

l.p ro

q u e st.co

m ' ta

rg e t=

'_ b la

n k' style

= 'cu

rso r: p

o in

te r;'>

h ttp

://e b o

o kce

n tra

l.p ro

q u e st.co

m <

/a >

C re

a te

d fro

m a

p u s o

n 2

0 2 0 -0

8 -1

0 1

3 :1

8 :0

9 .

category, this system impedes, detects, and assesses most unauthorized external and internal activity. In addition to features found in lower levels, this level of security can include CCTV, access controls, advanced perimeter and interior (volumetric) security systems, highly trained and supported security officers, and management dedicated to constantly seeking programmatic improvements.

• Exceptional security. This advanced protective status impedes, detects, assesses, and neutralizes most unauthorized external and internal activity. This is achieved by tamper-resistant, complex systems and highly trained and vetted personnel capable of responding promptly to any alarm condition and most threats. Security robots may respond to an alarm condition neutralizing an intruder with noise, bright light, or harsh warnings.

• Failsafe security. This is a conceptual level of security in which serious losses over an extended period of time are highly unlikely because of the exceptional defenses that prevent such occurrences. Such a level of security is costly and impractical in most situations because the controls are deliberately restrictive and time-consuming to overcome, even for those with some authorization over control and custody of the assets to be protected. Fail-safe security is unlikely to permit losses, but its nature also suppresses normal economic activity.

Sales and marketing–oriented managers often battle against the recommendations for and installation of protective controls. They argue that such measures in retail set- tings discourage some purchases by establishing barriers to the setting. Meanwhile, secu- rity directors face the task of justifying and obtaining the maximum level of protection reasonable for the situation required. Lack of any security is not an option; neither is fail- safe security. The strategy for security operations is to find the right level of security measures to satisfy constantly changing requirements.

Determining the reasonable protection level for an organization involves evaluating four types of issues: the types of risks faced by the organization; the likelihood of their occurrence; the impact they would have on operations; and the resources reasonably available to identify the risks. This is a topic of considerable importance in justifying security programs and their expenditures. Some managers prefer to create programs based on their and their associates’ experienced judgment. Others use a matrix of risk types, likelihood, and impact, which can lead to an estimate of the resources needed. Other managers use software programs that guide them to identify risks and consider various possibilities of occurrences.7 These are converted into strategy during the plan- ning period to meet management’s objectives.

WHY PHYSICAL SECURITY IS IMPORTANT

Physical barriers have been used as a means of protection for centuries. Along with animals and human sentries, walls, fences, weapons, and locks have always been impor- tant means of protecting people. Early humans chose their housing with defensive features in mind, and communities were formed to take advantage of mutual protection.

290 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Safes and vaults became important ways of protecting assets in early market centers when their owners could not be present and in locations where hiding places were limited. The ancient Egyptians, meanwhile, developed the pin tumbler lock.8 Early and medieval com- munities protected themselves from foreign armies as well as organized brigands with walls, fortifications, and careful placement of their structures. Such physical security measures had many advantages: they represented one-time-only costs; they were usually reliable and worked well for long periods of time; and they achieved their objectives by deterring or reducing opportunity for unauthorized entry.

John J. Fay defines physical security as “that part of security concerned with phys- ical measures designed to safeguard people, to prevent unauthorized access to equipment, facilities, material and documents, and to safeguard them against damage and loss.”9 The term encompasses measures relating to the effective and economic use of a facility’s full resources to meet anticipated and actual security threats. Concerns of physical security planners include design, selection, purchase, installation, and use of physical barriers, locks, safes and vaults, lighting, alarms, CCTV, electronic surveillance, access control, and integrated electronic systems. The term “physical security” includes physical obsta- cles, mechanical devices, and personnel-centered measures. These are supplemented by technology-centered processes for communications, control, and directing mitigation efforts. These depend upon electricity in order to operate. Typically, comprehensive secu- rity programs involve a combination of two or more distinct measures to protect people, physical assets, and intellectual property.

Security operations planners sometimes think first of physical security in their pro- tection strategies. Several reasons support this tendency: Physical security substantially requires a one-time cost only; physical measures are usually clearly visible and deter unlawful or unwanted acts; care and upkeep are limited; specific standards have been set in many cases to guide the security planner on decisions; and physical security measures are uncomplicated to purchase, install, and care for. Finally, security personnel provide a visible awareness of the protection program and suggest the capacity to respond to an incident as required.

Technology can be applied as a powerful tool in well-conceived security programs. All contemporary protections depend upon electronic components and systems to achieve their objectives. Technology performs complex monitoring opera- tions and possesses control features beyond the capacities of individual security per- sonnel. As a result, contemporary high-tech implements permit a higher level of confidence in protective programs than in the past. Just as changes in communica- tions, sensing, and computing have affected society at large, these developments also have reshaped the means and quality by which security services are performed. Indeed, a security planner learning of a new technological development is likely to wonder how it can be applied to enhance operating security programs in the future, if not immediately.

The following section on security countermeasures to loss is neither comprehensive in its scope nor detailed in its discussion. The discussion does, however, serve to provide an overview of physical security measures to consider when creating or assessing protec- tive programs. A final section in this chapter offers guidelines for designing and con- structing a complex integrated system with the aid of security engineers or consultants. In addition, the notes at the end of the chapter provide resources in which to further pursue individual topics.

Why Physical Security Is Important 291

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

SELECTING SECURITY COUNTERMEASURES TO REDUCE LOSS

The security planner should consider a variety of countermeasures if an event is likely to produce a significant loss to the organization. No single measure will be adequate; mul- tiple resources and strategies need to be evaluated in arriving at the best plan. The term “concentric circles of protection” reflects the concept that numerous protective measures separate the outer environment from the innermost protected locations. In planning the measures to be taken, thought is always given to the appropriateness, utility, and cost of the procedures, equipment, and personnel required to meet the expected objectives.

Effective countermeasures may serve one or more of the following objectives: deter- rence (that is, preventing or discouraging unwanted action); delay or denial (that is, impeding or stopping an unwanted action); and detecting (that is, discovering or ascer- taining the significance of a possible security breach) (see Table 10.2).

Facility Design: Location, Area, and Architecture

From earliest known times, humans have improved their safety and security by evaluat- ing the advantages of location and using its protective environmental advantages to the fullest. Natural barriers that provide an intrinsic protective value include bodies of water, marshy areas, deserts, mountains, and hidden areas such as caves and tunnels. These nat- urally occurring physical characteristics were enhanced with walls, fences, bars, moats, ditches, cleared spaces, and other adaptations. From neolithic times through the early Iron Age (4000 B.C. to 450 B.C.), lake dwellers created communities in the Alpine Arc from France through Switzerland to Slovenia, though similar settlements were found in

292 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

Table 10.2 Physical Security Countermeasures to Loss—Strengths and Relative Cost

Strength

Countermeasures Deter Delay Detect Relative Cost

Facility design x x x Low Animals x x x Low Barriers x x Low Signs x Low Locks, keys, containers x x Low Lighting systems x Low Closed-circuit television x x High Intrusion detection systems x x Moderate Access control systems x x x High Alarm systems x x x High Robotic systems x x High Communications x Moderate Information security systems x x Low to high Contraband detection x x High Fire detection and life safety x High

Source: Introduction to Security for Business Students (1998). Alexandria, VA: ASIS. This list includes physical and electronic crime countermeasures.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

other parts of Europe. Lake-dwellers built dwellings on stilts on marshy areas. Why these locations were selected is unsure, but security is believed to be one of the factors. Medieval cities, for example, were often built on hilltops in order to take advantage of the superior lookout provided there, as well as the natural superiority height provides in repelling attackers. (Examples of such hilltop villages include Carcassonne in France and Urbino in Italy.) Fortified dwellings expanded over time, eventually becoming castles. These were developed partially to protect residents from endemic warfare, as well as against organized bands of thieves in Europe that threatened the safety and security of small communities.10

Location that had natural defense characteristics, often strengthened by structural barriers, serve many purposes. They were selected with discernment. The best locations served to define property boundaries; to control access to restricted or privileged areas; to delay and impede unauthorized entry; to channel and restrict the flow of traffic; to facilitate the identification of possible intruders or threats to the area; and to provide for efficient use of security personnel or other guardians.

In the contemporary organization, location matters just as much as in earlier centuries. In crime prevention research, the study of location holds considerable importance. Areas with high personal and property crime and persistent urban problems will lose residents, commerce, industry, and institutions. Further, new organizations will be reluctant to locate to such crime areas without considerable inducements. Nonetheless, it is possible for an organization to locate in a distressed area and thrive with appropriate physical security measures. However, employees and services may be reluctant to come to that location. Before committing capital investment in a new location, therefore, security-conscious managers carefully consider crime patterns in the immediate location and general area. This includes collecting crime data, studying law enforcement resources and culture, and determining how these factors relate to the security measures that must be put in place.

Animals

Some of the earliest protective sentries were animal, not human. Livy describes how geese on one of the hills in ancient Rome sounded an alarm when Gaullic invaders sought to surprise an army encampment at night from a steep and unprotected side of the hill.11 In current applications, geese have been used sometimes to protect NATO facilities.12

For centuries, dogs have played an important role as guards. Guard dogs usually patrol inside fenced areas and buildings without a handler, and are often used in facili- ties with no evening security personnel or workers, such as at retailers, car dealers, con- struction yards, and distribution facilities. In other circumstances, guard dogs work with handlers. Because of their superior sense of smell and acute hearing, dogs play a large role in searching for lost or hidden persons, contraband, and explosives.13

Breeds of dogs vary in their ability to be useful for security purposes. Canine breeds can be categorized as high or low in such diverse characteristics as reactivity, aggression, trainability, and capacity for investigation. Dogs used in security and police work for bomb or drug detection are trained by Pavlovian methods. The handler trains the dog every day to find hidden explosives or drugs and then feeds and praises the dog with each success. Security planners interested in using dogs for security tasks must select person- nel who will be trained with the animals and will be committed to their welfare over the lifetime of the animal.

Selecting Security Countermeasures to Reduce Loss 293

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Barriers

Barriers may be constructed to further safeguard the protected area. For example, a body of water or deeply rooted shrubs may provide psychological and distance deterrents. Manufactured fences also provide an important barrier for physical security.14 If a secu- rity planner determines that a fence is desirable, related issues may be raised: Will one fence be enough, or would two fences with a patrol space between them be better? Will the fence have clear areas around it so that a good line of sight is maintained? What impediments to climbing will be used? To digging under the fence?

While fences may be made of many materials, chain-link fence is commonly used due to its availability, flexibility, cost, established use, and ease of installation. In security applications, fences are typically no. 11 American wire gauge or heavier, with 2-inch mesh openings. They are usually 7 feet tall and are topped by three strands of barbed wire or razor ribbon evenly spaced 6 inches apart and angled outward 30 to 45 degrees from the vertical. Since attackers may pass under the fence, the bottom may be designed so that penetration is difficult.

To many security planners, a fence may seem like an attractive security option: Chain-link fencing is a widely used visible deterrent requiring little maintenance. However, fences do have shortcomings and should be regarded as being able to provide only temporary deterrence. As Gigliotti and Jason note:15

Regardless of how elaborate fences may be, they still offer only a modicum of security. Fences are necessary, but investments in this area should be kept to a minimum as the money can be better used on other components of the total system.

Consider that someone wanting to pass from one side of a fence to the other has three options: They can go under the fence, through it, or over it. It is possible to go under a fence by digging a hole beneath it, though the time and effort required to successfully accomplish this make this approach onerous. Going through the fence is possible, as wire cutters can cut out an area for someone to pass through in a few minutes’ time. Finally, someone can go over the fence. Research at Sandia National Laboratories, Albuquerque, for the Department of Energy, determined that trained individuals with penetration aids like ladders, sheets, carpet fragments, and wood planks can scale over a fence in 5 to 10 seconds depending on the penetration aid used and whether someone was assisting in the passage or not.16 The average untrained individual surely would not be able to cross a fence so quickly, and the presence of the fence would discourage casual attempts. However, the inherent weaknesses of fences indicate that the security planner must think beyond this structure to make a facility safe from penetration. In addition, most fences present an unwelcoming, rigid impression, which may be unacceptable to an organization fostering a friendly working environment. Some facilities with medium- to high-security vulnera- bilities have decided not to use fences, but rather to rely on other means of protecting facilities.

An alternative to metallic fences is the use of plants such as hedges to serve as a nat- ural fence. Such measures are limited to facilities in which the hedge will not be needed for a few years as it grows to the proper height and depth so that it can serve its intended protective function. One of the most widely used protective hedges is Trifolium orange,

294 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

which grows in many types of soils, putting down deep roots in time so that even a jeep would have trouble driving through it.

Security Glazing

Glass is a transparent and brittle substance composed chiefly of silicates and an alkali. The raw materials are fused at high temperatures. Glass may be manufactured to suit a variety of purposes. For security needs, glass is often fused with layers of plastic, usually polyvinyl butyral (PVB), although laminates of polycarbonate have a robust protective value and are also transparent. Thousands of glazing configurations have been created, but only a few meet security standards. Some products can withstand bomb blasts, others can withstand burglary attempts. Transparent security glazing is best known for withstanding bullet discharges of various caliber weapons. Well-selected security glazing can provide performance, control, and cost savings. Transparent film placed over ordinary glass can increase bomb blast resistance and is frequently installed at high-risk locations.

Signs

Warning signs have an important deterrent effect. Placed at the perimeter of a protected facility, they discourage would-be offenders from a variety of unwanted behaviors. The excavated ruins of Pompeii revealed that two millennia ago, homeowners sought to deter possible housebreakers with prominent signs, some made of mosaics, warning cave canem (“Beware of dog”). That same message—but in English—still appears on the fences of construction lots, on the doors of garages and distribution facilities where guard dogs are found, and in countless other types of locations.

Much more common are warning signs that indicate that trespassers will be arrested and prosecuted or that electronic security systems are in use. Such signs are an indication of guardianship; that is, the owners and operators of the facility are aware of risks and have taken measures to protect assets. Such signs should be placed around the perimeter so that potential perpetrators from any direction will be warned of the protec- tive measures being taken.

Signs usually represent a small one-time cost. Although they will not stop deter- mined thieves, they will signal such individuals that they must move quickly due to the threatened risks of being detected and apprehended.

Locks, Keys, and Containers

As mentioned previously, locks were one of the earliest manifestations of physical security. The art of the locksmith has been respected over the centuries for its beauty, practicality, and necessity. Locks remain an integral part of contemporary physical security planning. Locks, along with their keys and the containers of which they may be a part, have many benefits for security programs. Simple to use, they are complicated to make. Involving a one-time cost, they may be used repeatedly with reliability over years of service. Locks and keys may meet different levels of security according to requirements of the location.

Selecting Security Countermeasures to Reduce Loss 295

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

They are easy to employ and can be designed into containers, furniture, doors, and machines with ease.

A disadvantage of mechanical locks is that they provide no evidence of who accessed the lock over its previous uses. This drawback is eliminated by the electronic locking systems now available. These systems may be opened with cards or tokens that are inserted or brought near (proximity lock) a sensor, which in turn opens the door.

The security planner should concentrate on a series of easy-to-understand principles in deciding what locks to use and why.

Key-Operated Locks Most locks use tumbler mechanisms to operate. That is, the key enters the keyhole and moves the variable tumblers into a straight line so that they then can turn the lock cylinder. If the correct key is not inserted into the keyhole, all of the tumblers will not be in a straight line (shear line) and the lock cylinder will not be able to rotate around the shell of the lock.

The most widely used key-operated mechanism is the pin tumbler, for which a wide variety of security levels is available. Mechanical pin tumbler locks are ingeniously cut so that a sequence of keys would operate a series of doors, such as on the floor of a hotel. A sub-master key would open all of these doors but would not operate on another floor of the hotel, where a different sub-master was used. Finally, a master key would operate on all of the floors. The disadvantage of this system was that if a sub-master key were lost or stolen, all of the doors operable by it would have to be rekeyed. If a master key were lost or stolen, all of the keys operable by the system would have to be rekeyed.

As every observer of action programs on television or the movies is aware, pin tumbler locks—despite their ubiquity—may be picked; that is, they may be entered without a normal key by manipulating the tumblers to the shear line so that rotation can occur. Picking is one of several ways by which mechanical pin tumbler locks can be defeated (see Table 10.3).

In addition to pin tumbler locks, other mechanisms are available, including mag- netic or optical locks. The security planner may wish to evaluate and compare the strengths and weaknesses of these other mechanisms with pin tumbler locks.

Lock Hardware and Mountings For moderate- to high-security applications, locks are mortised; that is, they are installed within the core of the door or locking device rather than attached on its surface. Mortised locks can be changed by a locksmith when needed, thus maintaining the level of security after the previous lock setting has been damaged or compromised and must be replaced.

A high-security lock on a low-security door inserted into a weak door-frame attached to a plasterboard or glass wall offers paltry security. The intruder will bypass the lock and instead attack the door, frame, or adjacent wall. Thus, all of these parts must have comparable resistance to attack; otherwise, the security objective will not be achieved. Bolts and locks must be inserted so that they are tamper-resistant and do not represent a temptation to the would-be intruder.

Vaults and Safes Vaults are windowless enclosures with the walls, floor, roof, and one or more doors designed and constructed to delay penetration. Safes are containers, usually with one or more locks, and are smaller than vaults. Both vaults and safes are constructed with tool- resistant steel as well as brick, concrete, stone, tile, or similar masonry. The lock may be either electric or mechanical, with other locks placed on inside containers.

296 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Underwriters Laboratories (UL) provides standards for the burglary resistiveness of vault doors. For example, UL 808 signifies protection against expert burglary attacks by cutting torches, fluxing rods, portable electric-powered and hydraulic tools, and common hand tools. UL also promulgates standards for safes. A typical standard (UL 687) is for Class TL-30X6. This signifies a combination locked chest or safe designed to offer pro- tection against entry by common mechanical tools for 30 minutes on all six sides. The safe weighs at least 750 pounds or, more likely, is equipped with suitable anchors to the floor substrate or on other surface.

Burglar resistance and fire resistance are not the same things. Vaults and safes that are fire resistive demand a minimum thickness for walls on floors where they may be located. The National Fire Protection Association establishes minimum standards for the type of materials required to meet two-, four-, or six-hour fire protective classifications.

Lighting Systems

Violent and property crime, disorder, and accidents occur disproportionately at nighttime or in poorly lighted areas. Good lightning therefore represents one of the greatest deterrents to crime, disorder, or unauthorized access after dark. Dark commercial areas that undergo improved lighting become accessible to more people and stimulate use. The technical quality, energy costs, and longevity of different lighting systems vary widely, although standards exist for minimum-security lighting (see Box 10.1).

Selecting Security Countermeasures to Reduce Loss 297

Table 10.3 Pin Tumbler Lock Security

Pin tumbler locks are the most widely used mechanical lock type. Despite their popularity, this type of mechanism may have—depending on the lock type—inherent weaknesses of which the security planner should be aware.

Factor Consequence

Picking tools Widely available for sale Picking skills Taught in legitimate locksmith schools, but the skills are available

also via mail-order instruction courses and over the Internet Age of lock With use over time, pins and keys get worn down, making them

easier to pick Number of pins A three-pin tumbler has about 130 combinations; a six-pin

tumbler has about 65,000. However, for technical reasons, the number of possibilities is actually much lower. Yet the principle remains: more pins, higher security.

Angle of pins Pins that are vertically aligned to the cuts of the key are easiest to pick. Those that are aligned on different planes are extremely difficult or impossible to pick.

Control of master key Pin tumbler locks may be subdivided into master, sub-master, and other divisions permitting key control. However, if a master key is lost, stolen, or inappropriately copied, all the locks in the protective systems may have to be changed at great cost and inconvenience.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Protective lighting should permit the public—including security officers on patrol— to easily see physical features in their immediate environment. Light should be evenly intense along the patrol route. Illumination may be directed toward the outer area where unauthorized people may seek to approach a facility. When buildings are to be protected, lighter colors and unobstructed areas for clear vision are advisable.

Security planners also are conscious of the need for standby and movable lighting to supplement normal lighting conditions. Emergency lighting may supplement standby and movable illumination and is used during times of power failure or other occasions when normal systems are inadequate. Normally, local public utilities are the primary sources for power, but all comprehensive security plans anticipate periodic, unpredictable outages. In such cases, alternative power may be provided by standby batteries or diesel-driven generators.

Closed-Circuit Television (CCTV)

Television transmission that does not broadcast TV signals but rather transmits signals over a closed circuit via an electric wire or fiberoptic cable is called a closed-circuit

298 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

Box 10.1 Minimum Security Lighting Standards

Formal standards specify the minimum lighting required for different security applications. This topic can be complicated because of the irregular ways in which surfaces are illuminated at night. That is, a particular spot may meet minimum standards in one place, but the light may be inadequate a few feet away. Security practitioners take readings with light meters over several spots to determine whether illumination is satisfactory, that is, meets the minimum standards. This device measures illumination in footcandles; a “footcandle” is defined as the amount of light shining on a square foot of surface from a single candle one foot away. Generally, measurements are taken three feet off the surface—about waist- high—or on the surface itself. Lighting specifications can also extend to the width of the lighted strip. For example, a vital structure with non-glare interference requires a lighted strip 50 feet total width from the structure; pedestrian entrances inside a fence require a 25 feet lighted strip.

Surface Minimum Security Illumination

Perimeter fences 0.5 footcandle on either side of the fence Building exterior 0.5 to 2 footcandles on the surface Potential hazardous area 1 to 3 footcandles minimum Parking lots (Covered) 5 footcandles at about 3 feet above surface Entrances 10 footcandles on ground level

Source: Illuminating Engineering Society of North America (1993). Lighting Handbook, 8th ed. New York, NY: IES. Also note: C.M. Girard (1989). “Security Lighting.” In Handbook of Loss Prevention and Crime Prevention, 2nd ed., L.J. Fennelly, ed. Boston: Butterworth, pp. 279–93.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

television (CCTV) system.17 These systems are invariably part of integrated security systems, which combine CCTV surveillance with image storage and other devices.

The first generation of CCTV cameras used for security applications relied upon cathode ray tubes (CRTs). These are vacuum tubes in which electrons emitted by a heated cathode are transmitted via a beam toward a phosphor-coated surface, which then becomes luminescent. CRTs have different performance qualities, requiring the systems designer to select different types of tubes according to the circumstances encountered. For example, some tube models are indicated for normal lighting conditions, other for night- time or dusk, and still others for where dark and bright light sources may appear in the same field of vision.

Beginning in about 1990, security planners have shown a marked preference for a new generation of camera: the charge coupled device (CCD). This is a camera that uses a chip—a solid-state semiconductor imaging device—that transfers information by digi- tal shift register techniques. Chip cameras have numerous advantages over CRT technol- ogy. As a result of their light weight, CCDs present less demand on their environmental housing and on motors that pan-tilt-zoom the mechanism. They are smaller in size, lend- ing themselves to aesthetic demands of the environment as well as use in covert surveil- lance. Of greater significance still is that picture quality is superior with no loss of definition at the edges of a visual field. CCDs are also rugged. The smearing and bloom- ing that plagued tube cameras and created burned spots do not occur with CCDs. Additionally, chip cameras offer good value with a lifetime use several times that of a CRT model.

Monitors CCTV systems involve more than cameras. Monitors are devices for viewing a television picture from the output of a camera. The monitor may display the video signal directly, live from the camera, from videotape or other stored media, or from special effects generators. CCTV monitors are designed to work with closed-circuit systems (see Figure 10.2). Often, but not invariably, they possess better performance characteristics than those made for consumers, and their price generally reflects this. Digital monitors are available in standard sizes of 5 inches, 9 inches, 12 inches, 15 inches, and 19 inches, with the 9-inch screen being used most widely. Larger-size screens are used when the application divides the screen into multiple images or when a security officer wishes to move an image from a small screen to a larger one for better visibility.

Text information may be superimposed on the visual screen and made part of the visual storage record. The text may include time, date, camera number, and location. Additionally, in some large monitor systems, text details can be superimposed on the field. This permits a console operator to make an informed decision by accessing records that bear upon the required action to be made.

Flat-screen monitors, not long ago costly extravagances, have reduced in price while quality has improved. Flat screens possess numerous advantages over conventional CRT models. It is likely that CRTs will cease to be made within the next generation as the attractiveness of flat-screen options grow steadily. Three types of flat-screen displays are available. Rear-projection is not used extensively for security monitoring, though it is applied in training sessions. The more desirable technologies are plasma and liquid crystal display (LCD). For security applications in big-screen displays, plasma has many advan- tages over LCD. Plasma permits a 160° viewing area from all sides compared with 120°

Selecting Security Countermeasures to Reduce Loss 299

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

for rear-projection and 40° for LCD. Plasma has a brighter picture, better color purity, and higher contrast ratio than LCD. An earlier complication of plasma display was image burn-in. An existing disadvantage of plasma is that the screen creates more heat than competitive technologies. For small screens (less than 37 inches), LCD is preferable. These flat panels are lighter and best for desktop placements. Both plasma and LCD have about the same lifespan rating (typically 60,000 hours to one-half brightness).

Images may be transferred from the camera to the monitor via coaxial cable (com- monly RG59U or RG11U), fiber optics, and, increasingly, wireless means such as radio frequency (RF) or microwave transmissions. Signals can also be transmitted via telephone lines, making it possible to monitor signals over the Internet.

Recording Devices CCTV images collected for security purposes often are recorded and archived temporar- ily. Real-time videocassette recorders (VCRs) convert the signal from a video camera onto magnetic tape. During playback, the video signal is reconstituted for viewing on a CCTV monitor or, if needed, printed copies of images may be downloaded. VCR videotape has a finite life depending on the speed with which the image was registered on the tape and the frequency on which the tape was rerecorded. Tapes that have been used beyond their normal lifetime may be useless for identification purposes. The advent of new digital stor- age media enhances the ability of an image to be retained for long periods of time, to be retrieved when needed, and to do so at low cost.

More recently, digital video recorders (DVRs) have been replacing VCRs. DVRs record video signals from CCTV with numerous advantages over earlier analog technol- ogy. Digital recordings provide many features unavailable from the previous generation

300 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

FIGURE 10.2 Hospital monitoring room (surveying over 200 camera locations).

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

of technology; for example, audio may be included with the imaging. DVRs may be PC- based or embedded. The PC-based version is made possible with the installation of cap- ture cards. Embedded-type DVRs record directly to storage systems. DVR software is available for three different operating systems: Linux, Macintosh, and Windows.

VCRs, DVRs, and other storage technology have made immense improvements in the utility of security systems. In particular, countless crimes have been resolved by the visual evidence collected by image-storage devices. These are further enhanced since contemporary systems often have built-in time/date/camera number generators. For pros- ecution purposes, the evidence collected by such images can be persuasive. Similarly, descriptive inserts on the screen can pinpoint where the images are being recorded.

A single CCTV system can include hundreds or thousands of cameras, if needed, within a unitary configuration. A video multiplexer allows the same system to encode, decode, or view live multiple scenes at the same time.

Video Surveillance Trends The strategy of how to use CCTV output has evolved over the past generation. In earlier years it was assumed that the best practice was for console monitoring staff to silently observe any action that might appear on the screen and then react to it. This was a futile expectation. The next phase was to regard the system both primarily as a deterrent and also as a recording medium to aid in the identification of a suspect in an incident or to confirm aspects of an event that was captured by the video system. Systems today have far better quality surveillance capacities. Further, the information flow has been expanded enor- mously by wireless technology. Real-time off-site video storage that can be “watermarked” permits the use of video to be stored for future retrieval and forensic use, if necessary. Since visual images may be stored on large servers, the capacity to maintain extensive libraries for longer periods of time than were possible with VCR cassettes is now a reality.

Seamless communications allow video information to be monitored conventionally at a console station or anywhere else. Security managers have the capacity to link a video or data feed to their personal digital assistants (PDAs), laptop or desktop computers, or photographic cell phones. Decision making for critical events can occur anywhere, as the information flow is transmitted fuller whenever wireless transmission can be accessed.

Technical Features Selecting the right lenses for CCTV systems is an integral part of a high-performance system. Most lenses used for security purposes are fixed focal length (FFL) and produce a single focal length. A focal length (FL) is the distance from the lens center to a location in space where the image of a distant scene or object is focused. FFL and FL are expressed in millimeters or inches. FFL lenses must be matched with the image sensor size or with a smaller sensor size. They cannot be used with a larger sensor size than that for which they are designed. For example, a 1/2-inch sensor formatted camera will require a 1/2-inch or larger formatted lens. The image size of the picture is determined by the FL of the lens and has nothing to do with format size. Lenses for wide-angle and telephoto viewing also may be selected for applications. Zoom lenses are variable focal length (VFL) lenses that allow a smooth, continuous change in the angular field of view so that the view can be made narrower or wider depending on the setting. This is generally accomplished by a motorized adjustment that can be directed remotely. For covert surveillance or privacy purposes, pinhole lenses are widely available.

Selecting Security Countermeasures to Reduce Loss 301

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

CCTV is increasingly integrated with other technologically advanced resources. For example, video motion detection (VMD) is a software-based hardware device that detects intrusion and generates an alarm condition set by the parameters of the security system. CCTV images may be used to confirm alarms from intruder detection systems, combin- ing the CCTV with another intruder technology, and using the alarm of this technology to establish a video link to a remote monitoring center.18

Intrusion Detection Systems

Intrusion detection systems deter and detect potential entry to a protected area by unau- thorized means. The security planner has an extensive choice of sensors that can identify such incursions to a protected location, each of which has advantages and disadvantages (see Table 10.4).

302 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

Table 10.4 Intrusion Detection Systems

Intrusion detection types are desirable for external perimeter and internal detection. No one system is ideal, and many security planners employ two or more different kinds of sensors to protect the same area. Each type listed below has numerous advantages and disadvantages in addition to the principal ones noted.

Type Advantage Disadvantage

Underground1 Hard to detect Costly to install Fence2 Increases deterrent value Does not detect tunneling

of fence Photoelectric Indoor, outdoor beams Can be spotted and avoided Microwave (exterior) Cheap, easy to install Requires line of sight Microwave (interior) Detects movement in area Prone to some false alarms Passive infrared Reliable; inexpensive Susceptible to defeat by

covering lenses Active infrared Can protect oddly shaped area May require repeated

adjustments Ultrasonic Covers large, diffuse area False alarm from traffic,

operating machines Sound Highest robbery detection Privacy concerns Capacitance Triggered by weight Avoidable, if known Vibration Identifies burglar tool use False alarm from nearby

operating motors Door/window switches Widely used, inexpensive Magnets can defeat Metallic foil Detect window attacks Cracks with age; unaesthetic Glass breakage Identifies breakage sounds Can produce false alarm from

street noise

1 Such as buried microphones, underground sensor tubes, and buried seismic sensors. 2 Such as taut wire, leaky cable, and microphone. Taut wires signal an alarm condition when someone places tension on the wire; leaky cable sends and receives an electric signal, which alarms when someone absorbs transmitted energy; and microphones collect audible signals of possible intrusion attempts. Note: Software for intrusion detection is a different topic and is related to protection of databases.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Sensors to detect possible intrusion may be used at outer or inner perimeters, within interior spaces, and for particular objects or at spots requiring protection. The sensors discussed in this section are electronic. The principle of all of them is simple: A normal system is disturbed; it then goes into an alarm state. An audio alarm may be sounded at the site or at a distant monitoring station where security personnel evaluate the circum- stances and respond as the situation warrants.

Numerous environmental and other factors need to be taken into consideration in order to determine which sensors are to be selected for desired security applications. More reliable sensors and systems are constantly being created.

The workhorse for interior (volumetric) motion detection is the passive infrared (PIR) sensor. This operates on the principle of heat detection. It is widely used in nonse- curity applications, such as to open doors in buildings. PIRs are sufficiently sensitive so that they do not cause false alarms from a wide ambient temperature range or from the heat of a small animal. However, PIRs may cause false alarms from hot spots caused by lights, bright reflections, and solar and mechanical heat sources. To overcome the possi- bility of false alarms, sensor manufacturers provide dual-technology sensors, incorporat- ing PIR with either microwave or ultrasonic technology. These sensors will not alarm unless both types of technology indicate an intrusion.

Access Control Systems

Access control systems control persons, vehicles, and materials through entrances and exits of a protected area. (The term is also used in computer security, where it has a dif- ferent meaning.) Access control systems use hardware and specialized procedures to con- trol and monitor movements into, out of, or within a protected area. Access to protected areas may be a function of authorization time, level, or a combination of both.

Access control depends upon the authorized person being correctly identified as part of the approval process. In a simple protective system, on-the-spot visual recognition of an unauthorized person, vehicle, or materials may suffice. However, large systems with numerous personnel and individuals with varying levels of authorization are best man- aged with systems that identify such persons automatically and with a high degree of cer- tainty. Such systems typically involve use of three features:

• Something that the person knows. This can be an access code or password supposedly known only to the individual.

• Something that the individual possesses. For example, an approved identification (ID) card or a token that cannot be easily counterfeited.

• Something physical and unique about the individual. This could be a biometric feature such as a fingerprint, iris or retinal signature, writing dynamics, voice, or a person’s facial features.

These characteristics can be designed into manual, semi-automatic, or fully auto- matic systems. Discriminatory levels can be set depending on the level of security desired.

Identification Numbers and Passwords Individuals may select or be assigned an ID number for use in access control devices such as keypads. In higher-level security systems, individuals may gain access by using a keyboard

Selecting Security Countermeasures to Reduce Loss 303

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

in which letters and symbols can be combined with numbers. Systems that use numbers only may be compromised; hence, the ID number or a supposedly private password must be regarded as a minimum effort at system reliability. A password must be combined with other identifiable means to achieve a higher level of confidence.

Nonetheless, the role of passwords seems assured for the next generation or so. Passcodes for pushbutton entrances are adequate for security barriers, but should not be confused with passwords, which may be unique to an individual. Computer passwords using Windows may be up to 135 characters in length. In practice, for security applica- tions a password should be at least seven characters long and be composed of upper- and lower-case letters, numbers, symbols, and punctuation. To periodically change the pass- word—a good idea—the user needs only alter one character, for example, changing a lower-case letter to upper-case. With letters, numbers, symbols, and punctuation to choose from, the security-conscious user is able to create a password that should be suf- ficiently robust to survive most directory-type attacks to discover it.

Password example: Ineed$s4myCars!

This example makes a whimsical statement that the user remembers easily. Upper- and lower-case letters, a number, a symbol, and punctuation mark are included. To change the password in the future, the user could change one lower-case number to an upper-case; in this example, the “n” could be capitalized, creating a new password.

Revised password: INeed$s4myCars!

In the event a person’s original password is stolen or successfully discovered, an entirely new password should be created.

ID Cards and Tokens A wide variety of ID cards and tokens are available that vary regarding facility of use, degree of security, ease of automatic and personal identification, and cost. Badges may be permanent documents with a lifetime measured in years, or they may be designed to expire within a defined period of time. Disposable self-expiring badges are available that self-void after being issued from ink that migrates from the back of the badge to the front, indicating that the time for its use has expired.

Widely used cards and badges may have one or more features, including visual images in color or black and white; logotypes; signature panels; key personal informa- tion; encrypted data; magnetic stripes; computer chips; and redundant features to make counterfeiting difficult or impossible. These ID cards may be visually identifiable, machine-readable, or both. Each factor affects use, image, and cost. Security operations planners often seek to commit to systems that may be used for extensive periods of time so that capital costs can be amortized.

While the control of visitors and employees is emphasized, such systems have numerous capabilities that relate to other management operating concerns. For example, such systems may be linked to time and attendance procedures in which individuals’ pay- roll data can be created from normal badge use. Also, some systems indicate where in an organization the individual may be found at a particular time. Above all, however, such systems have remarkable flexibility in allowing or denying personal access to defined

304 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

locations, much as an access control system for computer systems does. Records may be easily retained and consulted concerning access patterns. Lost cards may be replaced, while anyone who finds a lost ID and tries to use it could be shut out and called to the attention of security personnel. A single card could allow an individual into numerous facilities, including parking lots and locations in other parts of the world if the organiza- tion is managed by a single integrated system.

Biometric Features A password can be learned by another person, who could misuse it. An ID card, badge, or token may be lost or stolen and used by another until the card is no longer system- accessible. However, biometric features, such as fingerprints and iris or retinal informa- tion, rarely alter over a lifetime. Therefore, in theory, systems that use these features have a more reliable means of identification. There are at least two exceptions: Identical twins may have substantially identical biometric features, and certain progressive diseases may change a retinal pattern.

Biometric systems have been made more user-friendly in recent years. They are no longer as expensive and now rely on simple hardware interfaces. In earlier years, some bio- metric systems used long data signatures that organizations had to store and then sort through for identification purposes. The cost of storing data signatures and searching among an extensive data file for a match is no longer a significant economic issue. New commercial biometric applications—like facial recognition—have intriguing possible applications.

Like any system, biometric systems have limitations. Systems operate by first enrolling people, often taking several recordings of the physical feature crucial to the system. This analog information is transferred by an algorithm into a digital number according to a pro- prietary algorithm for the system. When a person seeking access presents a physical feature to be identified, the digital identifier will not be absolute, but will have some variability. Sensitivity can be adjusted by the systems operator. Hence, biometric systems usually iden- tify positively the person with the closest approximation to that found in the file.

False-positive (also called Type I or A) errors occur when an authorized person accesses a restricted facility when he or she should have been allowed. This is the more frequent type of error. False-negative (Type II or B) errors allow admission to someone who should not be admitted but is. This first type of denial often occurs because the subject was hasty at entering his or her physical feature. A repeat attempt often confirms identification. In using biometric systems, a tradeoff may exist between ease of use with faster throughput from the system and a corresponding increase in false- negative rates.

Radio Frequency Identification (RFID) The functionality and application of RFID tags, badges, and readers has been a striking feature of security systems in the 21st century. Applications are constantly expanding and include access control, mustering, emergency rescue, automatic weigh scales, time and attendance contractor control, parking control, safety, and supply chain management.

RFID technology incorporates tags made of silicon chips and a miniature antenna.19

The chips store a unique identification code. Scanners authenticate the tag or product with the chip as it moves throughout a facility or system.

The power of RFID systems is tremendous; some fear too much so. RFID cards can track movements of people much like a cell phone. Privacy concerns have been raised as

Selecting Security Countermeasures to Reduce Loss 305

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

a result. To aid supply-chain logistics, Wal-Mart and other mass merchandisers have required major suppliers to embrace compatible RFID technology. To control high-risk, high-value medicines better, the U.S. Food and Drug Administration has asked pharma- ceutical companies to develop standards for RFID and implement them. Security is also improved with such applications.

Alarm Systems

Mechanical alarms were first used in the mid-19th century.20 Today, alarm systems are predominantly electronic, although numerous types of alarms are available to meet a variety of needs. Alarm systems were created originally to deter, delay, and detect bur- glary, and that remains the main purpose of such systems. However, these alarm devices can detect and monitor other actions, including robbery (through a panic switch), smoke and heat signals, and requests for specific services. Such alarms may sound locally or be monitored by police, a proprietary system, or a commercial central station.

Underwriters Laboratories sets widely accepted and respected standards for alarm sys- tems and vets the reliability of monitoring stations that receive the signals and act upon them. UL standards focus on burglary deterrence and detection capabilities. Types of UL burglar alarm certificates are shown in Table 10.5. Customers with systems meeting UL standards often receive a certificate issued by UL at the request of the UL-listed alarm service company that is maintaining the system. This certificate may be required for insurance purposes.

The central monitoring service may perform a number of services, depending upon the agreement with the customer and the capacity of the alarm service. In addition to receiving and verifying alarm conditions, operators at the monitoring service may call and request that police be dispatched; call designated persons and inform them of the alarm condition; send security personnel to the premises; dispatch someone to reset the alarm; call the fire department or an ambulance; direct maintenance staff to check a machine or process stoppage or irregularity; and perform other desired actions.

Because of the perennial concern with false alarms, alarm installation and monitor- ing businesses endeavor to select systems with low likelihood of inaccurate signals. The customer may wish to have someone physically present as an anti-burglary measure at the facility until alarm service is restored. Training users how to avoid false alarms is emphasized. Nonetheless, false alarms remain a problem. Therefore, many systems will verify the alarm before calling police or taking other action. This may be accomplished through a telephone call, real-time CCTV, or other means.

An inherent weakness of most alarm systems is that their signals travel over wires or cables that can be cut, intentionally or accidentally, leaving the alarmed premises with- out services. At the least, the monitoring center should confirm that a connection has been broken and inform customers promptly that service has been interrupted at their facility. The loss of a primary method of communication may be backed up with a radio frequency system that does not depend upon wires or cables.

Robotic Systems

Security officers frequently patrol offices, making observations and checking the safety and security of the premises as they do so. The same activity, theoretically, could be

306 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Selecting Security Countermeasures to Reduce Loss 307

Table 10.5 Types of UL Burglar Alarm Certificates

Type of Alarm Operation Maintenance Standard

Local Mercantile Outside sounding device. If called in the A.M., Local Alarm Units Police Grade based on equipment. same day. UL 609 Connected Sounding device and If called in the P.M.,

remote connection to next working day. police or listed central One annual operational station. inspection.

Central Station Supervision of openings One annual Central Station Burglary and closings and guard operational Alarm Units

investigation of alarms. inspection. UL 1610 Response time and

equipment used is shown on the certificate. One- hour response for trouble at closing.

Limited Mercantile Supervision of opening One-hour response Central Station and closing signals. for trouble at Alarm Units

Sounding device required. closing. UL 1610 Guard response optional; Same as Central

45 minutes if provided. Station. Local Bank Same as Local Mercantile. Service no later than Local Alarm Units Police Station Same as Police Connected. the second day. UL 1610

Bank One annual operational inspection.

Residential BA Sounding device Same as Local Household Alarm required. Mercantile. Systems

No Grade. UL 636 Hold Up Alarms Manual or Service no later than Hold Up Alarm

Semi-Automatic. the second day. Units One annual UL 636

operational inspection.

Central Station Supervision of openings, If called in the A.M., Proprietary Alarm Proprietary closings, and alarms by same day. Units

the subscriber UL 1076. If called in the P.M., UL 1076 next working day.

Defense Industrial Supervision of alarms, Service within Central Station Security openings, closings four hours. Alarm Units Systems (alarms only at police One annual UL 1610

station). operational Proprietary Remote connection to a inspection. Alarm Units

central station; defense UL 1076 contractor monitoring station or police station

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

accomplished by robotics. A robotic device may be fitted with a variety of sensors and alarms. CCTV on the mobile device can observe real-time activities; remote two-way com- munications can inject an immediate connection with the scene from a distant monitoring post. Robots can follow a fixed or random patrol and can climb or descend stairs, avoid unexpected obstacles, and either confront or retreat from a dangerous situation. Robotics have an intriguing potential to enhance the efforts of security personnel. However, the cost versus benefit ratio for using robotics to replace or supplement security officers has not been attractive to date, though costs are dropping. While a robotic system will work 24 hours a day, seven days a week without complaining, frequent and costly service requirements have deterred wide use.21 (In law enforcement, robotics have a secure place in confrontational circumstances such as bomb threat analysis. In some firefighting situations, robotic devices approach hot areas where even uniformed firefighters cannot approach safely.)

Security robotics in Japan are in advanced use to support activities of patrol offi- cers. Robots are flexible in mounting on declining stairs and transmitting information back to a base. People can be detected by body heat, confirmed by a CCTV, queried by two-way communications, and, if necessary, scared by a loud noise or other warning. Robots can be selected for their likely need at the location. For example, a robot can detect bomb materials from sensors that approach a suspicious person or object, thus not placing the welfare of the security officer at risk.

Communications

Effective security operations must allow seamless communication among managers, supervisors, staff personnel, and others. This is a requirement during normal operations. During an emergency, this requirement is even more important. Because a single system might be compromised or incapacitated due to an emergency, security planners think in terms of multiple means by which personnel can stay in touch during such times.

Typically, security planners rely on commercial telephone service as the basis for communications. However, some applications will merit the use of a dedicated system that only serves a single organization or network. Dedicated lines to local law enforcement authorities, fire, or ambulance services are common features at larger central monitoring stations. In the event that land-line communications are down, contact with significant parties by two-way radio or cell phones is important.

Many security managers have different layers of personal communications. They will have available ordinary telephone service and, in high-security applications, a sepa- rate encrypted communications system. They may also carry with them a two-way radio, personal pagers, and cellular telephones. Wi-Fi (Wireless Fidelity) and VoIP (Voice over Internet Protocol) are transforming communications. Wi-Fi is a term promulgated by the Wi-Fi Alliance and refers to networks that are interoperable despite the manufacturer of the component or the specific transmission band used. Wi-Fi enables text, images, and voice to be sent without wires. Wi-Fi adds immeasurably to security control, but protec- tion of such transmissions poses challenges for the administrator.22 Also, such electro- magnetic wave transmissions can be downgraded by solar flares and adverse weather conditions. Wi-Fi is limited by the output power of the transceiver, the distance between the transceiver and the antenna, and the height of the above-ground antenna. VoIP uses the versatility of corporate Wi-Fi local-area networks (WLANs) to transmit information

308 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

with high-quality production characteristics. WLAN permits security executives to stay in touch with inputs from the system with flexibility and low cost.23 Wi-Fi and VoIP applications are growing rapidly. With voice, audio, video, and text applications, quality of service may be challenged. The network owner can set priority levels that correspond to different types of traffic. Individual data streams can be prioritized according to the individual requirements considered most significant to the user.

Information Security Systems

Protection of data systems is an important and complex topic. The nature of cyber threats continues to grow as networks play a larger role in everyday operations and as new vul- nerabilities from the Internet and e-commerce emerge. Information security is covered competently in other books;24 for the sake of this discussion, physical security and sys- tems protection will be considered.

Physical Security for Information Systems Data facilities are usually among the most restricted and sensitive areas in an organiza- tion. Unauthorized visitors are not welcome. Extensive measures are taken to protect hardware and software of the central processor, as well as file storage areas, other proces- sors, switchers, and communications lines. Many of the highest applications of access control are applied to the computer environment. In addition to access restriction, atten- tion is given to fire risks within such a facility.

Protection against loss or disturbances in electrical power is generally a protective activity. An uninterruptible power supply (UPS) is one way in which normal operations can be maintained at least temporarily when power fails. UPS systems may be provided with batteries and supplemented with a solid-state rectifier that continually charges a bat- tery bank. Additionally, an emergency alternator, such as a diesel engine or gas turbine, may be available to drive the alternator. Such UPS systems may provide emergency power for a few minutes to a few hours when, hopefully, regular power will be returned.

A more common problem with computer systems relates to power irregularities that cause momentary spikes, surges, and drops in voltage levels. In the event power loss exceeds the capacity of the UPS system, the system should be backed up and, if possible, activities transferred to another facility not likely to be affected by the power failure. Data must be backed up, preferably on a real-time basis, though batch or computer-run backups will be adequate for less-than-critical applications. Backup may be via teleports, physical records archival procedures, and other means.

Systems Security Hardware and software used to protect local-area networks (LANs) and wide-area net- works (WANs) are supplemented by numerous procedural factors to enhance file service security. These measures concentrate on login, password, trustee, directory, and file attribute security. Other factors such as directory and user creation must be safeguarded from being easily compromised by those outside the system. Firewalls, encryption, and traffic management systems also play important roles in reducing the possibilities of suc- cessful attack from those outside the LAN.

A major issue in IP protections has been protection of transmitted or stored data. Most organizations have concluded that encryption of such information is too esoteric to

Selecting Security Countermeasures to Reduce Loss 309

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

bother about or that no convenient way of doing so existed. However, the emergence of Enterprise Digital Rights Management (E-DRM) allows the possessor of data to control how others may access it.25 E-DRM combines encryption with access control application software. Sensitive data can be protected on remote desktops in e-mail or when copied to CDs or USB drives.

Other Considerations Preventing sabotage, vandalism, and theft are high priorities of data security. While a process center may be protected internally by robust physical security, other considera- tions must be included in planning. Printed records, diskettes, printer ribbons, and tapes may be destroyed by a shredder or turned over to a bonded destruction service. Electronic collection of information is also possible. In high-security federal systems, “Tempest” programs prevent electronic emanations from leaving the immediate environment and being collected and analyzed, presumably by an adversarial power. Tempest-enclosed components are much more expensive than devices without such protection and must be certified by the Department of Defense.

Contraband Detection

Any articles or materials that are illegal for the public to possess and carry into one’s protected area might be screened by specialized processes. A physical pat-down may identify the presence of a weapon on an individual trying to board a commercially scheduled airline, for example. However, the pat-down process is slow, uncertain, objec- tionable to many, and costly. By contrast, automated systems that screen for such illegal objects are rapid, more reliable, nonintrusive, and cost-effective when large numbers of persons must be screened. Like other types of preventative technology, contraband detection systems are constantly evolving.

X-ray Packages, garments, and baggage may be inspected by X-ray technology for contraband, including explosives and illegal drugs. Computer-enhanced and -analyzed images increase the accuracy of contraband identification. Agents must monitor the enhanced images to determine whether a physical search is indicated. The principle of X-ray technology is that pulsed energy that penetrates most objects (lead and some alloys are exceptions) is absorbed by a plate, which then intensifies the image of materials programmed to be highlighted by intense, distinctive coloring. The images are projected for analysis on a color monitor.

X-rays have some disadvantages. Some explosives and bomb-making materials may mimic items normally found within packages or luggage. Similarly, some firearms have plastic parts and are not easily identifiable in enhanced X-ray imaging. Much depends on the skills of the agent who interprets the images. Surely, the enhanced use of X-ray tech- nology since 9/11 has reduced the carrying of weapons into scheduled airlines or into other facilities that employ this technology.

Explosive and Drug Detection While X-rays may detect some explosives and illegal drugs, other technology may be specifically devoted to such detection. The physical principle is that explosive compounds

310 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

and illegal drugs may be identified either by sniffing for telltale molecules of the contraband materials or by bombarding a container with energy that will “excite” mate- rials such that they can be identified automatically. Walk-through detectors currently are available on a limited basis and are found in preboard screening programs of airlines and other high-risk locations (Figure 10.3). This technology permits screening packages or luggage without opening the contents. The accuracy and utility of such systems vary greatly. A bomb-detection system may be highly reliable, but it could also be stationary, costly to operate, subject to variable service problems, slow to process items, and expen- sive to purchase. Other devices are lighter, portable, and less expensive, but with an equivalent lower detection rate.

A drawback is that some materials may be prepared with such awareness of the detection technology and its limitations so that their contraband contents are undetected.

Selecting Security Countermeasures to Reduce Loss 311

FIGURE 10.3 Walk-through detector may be configured to detect different types of explosives and drugs. Source: GE Security.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

While thought of not so long ago as a technology with limited application, these detec- tors increasingly appear to have broader applications.

Metal Detectors Most metal detectors operate by transmitting a time-varying magnetic field that is mon- itored by a receiver. When a metallic object is introduced into the electromagnetic field, reception of the signal is disturbed; this is reported by a light, an audio signal, or both. Walk-through metal detectors may also indicate where on the body metal has been iden- tified. A security officer may then use a handheld metal detector to identify precisely where under the clothing the metal is hidden.

A disadvantage of metal detectors is that they can provide false alarms from metal within the body, such as from a prosthetic device or other types of surgical implants. Also, the sensitivity of metal detectors may be changed at the discretion of the operator. For example, sensitivity can be so acute that a single coin or a metal button weighing less than one-half an ounce can be detected. In such cases, however, the throughput is slow. Yet the same instrument can be set less sensitively so that small weapons will escape detection. Walk-through metal detectors can be configured to include explosive and drug detection during the same screening.

Fire Detection and Life Safety

About 525,000 fires occur in the United States each year, producing losses in the range of $11 to $21 billion in property loss over the most recent decade.26 Of these, about 115,000 are nonresidential structural fires. While the trend for such events has been on a decline numerically, the property losses have increased. Improved techniques for con- structing fire-resistive structures and improved fire suppression procedures have pro- duced beneficial results. Tragic multiple-death fires are less likely to occur, particularly in commercial, industrial, or institutional buildings. In the most recent year for which data are available, 3,900 civilian fire deaths occurred. But of these, only 80 took place in non- residential structures. These include store and office buildings, educational, public assem- bly, industry, utility, storage, and special structure properties. Meanwhile, these advances have been offset partially by loss increases from the number and value of such structures.

Smoke and Heat Detectors Two technologically different smoke detectors are widely available. The ionization type uses a small amount of two radioactive materials (usually Americium-241 and Radium-226) to make the air electrically conductive—or to ionize it. Smoke from flaming fires contains carbon particles that are electrically conductive. When they enter the ionization chamber of the smoke detector, an alarm is activated. Hence, flaming fires with darker combus- tion products tend to trigger this type of detector better than other types of fire.27 This type of smoke detector is susceptible to low temperature, high humidity, and dirt or dust, which may interrupt the current and cause a false alarm.

By contrast, photoelectric smoke detectors operate on a light principle. Smoke entering a chamber either obscures the beam’s path to a photocell receptor or reflects light into a photocell, causing an alarm condition. Visible particles common in smoldering fires are apt to cause an alarm with such a detector faster than with an ionization type.

312 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

Another type of fire-detection technology measures heat. These detectors have the lowest false alarm record, but are slow to respond to incipient fire conditions. One type of sensor is a fixed-temperature detector, which uses a bimetallic strip thermostat possessing a different coefficient of expansion for two metals. When the detector is heated, the strip bends in one direction in a way that an electrical circuit is completed, causing an alarm.

A rate-of-rise detector goes into an alarm state when the temperature increase exceeds a stated rate, usually 12 to 15 degrees Fahrenheit per minute. These detectors may trigger a false alarm when temperatures increase rapidly but not because of a fire. They also may not respond when a fire propagates slowly with a gradual temperature rise.

Ionization and photoelectric detectors require some maintenance relative to heat detectors, but are more sensitive and provide an earlier warning of fire. Since the type of fire or fuel that may affect an area often is unknown, the best strategy may be to use both types of smoke detectors in the same system. While smoke detectors may be battery oper- ated, those devices are usually found in residences. Industrial and commercial applications require that smoke and heat detection systems be hardwired and monitored by a system.

In industrial applications, still other specialized smoke and heat detectors are avail- able. Security planners often elect to use a combination of detector types to increase the possibility of early detection of fires.

Life safety considerations are embodied in design and construction methods. The National Fire Protection Association promulgates the Life Safety Code (NFPA #101), which is revised every three years. The code contains detailed provisions and require- ments relating to structural occupancy; wall openings and door fire resistance; emergency lighting; smoke and fire detection; and other topics.

One life safety trend has been the increased use of automatic sprinkler systems. A national standard (NFPA #13) relates to the design and installation of such systems, which mandates that only qualified contractors should install these systems. Six main types of sprinkler systems exist, and numerous models of sprinkler heads are available for different applications. Systems currently available break water into a fine mist, thus extinguishing the fire with greater efficiency and causing less property damage than past types, in which large water droplets were discharged from more sprinkler heads than were needed to suppress the fire.

DESIGNING SECURITY SYSTEMS

Security operations managers tend to follow a formal process when a significant new security system is required or when an existing system faces an upgrade. Once manage- ment determines that the capital investment for such a system must be considered, the following steps generally are taken:

1. Preliminary design. The manager and the project team assume various tasks. Necessary physical information is collected, such as existing facility drawings and security documents. Often with the help of an architect, engineer, or consultant, project scheduling and initial cost estimates are produced relative to the design requirements. Special attention is given to ensure that all components are compatible with each other. The system and its components should be scalable. That is,

Designing Security Systems 313

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

expansion or contraction should be possible without affecting per- formance.

2. Design approach. After approval of the initial design requirements, preliminary drawings, including site plans and system block diagrams, are produced. A cost analyzer will review the requirements and pro- duce a cost estimate range. Each component in the system will be specified. Estimators may use worksheets—paper or electronic—to determine project costs, an example of which is shown in Figure 10.4. The cost analyst will identify possible job cost and time-completion uncertainties at this time. The design will consider such issues as crime prevention strategy, human factors including ergonomics, and the rapid change of technology likely to affect the project. Such issues as

314 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

FIGURE 10.4 Security Alarm System Planning Estimate Form.

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

operational factors, communications, lighting, power sources, terrain, emergency possibilities, and year-round weather variability will also be considered. A more detailed cost estimate will be created next, includ- ing design cost, hardware (including some extras), installation, con- struction supervision and testing, security during construction, and other costs such as contractors’ taxes, profit, bonding, and a contin- gency fee to be held pending completion of the project.

3. Bidding or negotiation. The project will be placed up for bid for local and regional contractors. These will be evaluated by management and its consultant prior to awarding the contract. While management seeks to achieve the best price, total overall value is the primary objective, and frequently the lowest bidder is not awarded the contract. Point systems are often used to help select the winning contractor.

4. Construction phase. This is the period and process in which the mate- rials and services are integrated and the work is undertaken to con- struct, assemble, and install the system.

5. Testing and training phase. Integrated security systems are complex. As portions of the system are completed, they need to be tested repeatedly to make sure they perform as intended. Too many false-positive results and awkward system integration need to be minimal. Similarly, opera- tions personnel may be trained by installers and manufacturers on using the new systems. Operating manuals, paper and electronic instructional materials, and possibly graphic user interfaces (GUIs) may be created for use by personnel who will remain to operate the system.

6. Operational phase. The system is fully installed and operational. Unexpected adjustments are made. The final payments to the engineers and contractors are authorized pending approval and acceptance of the work completed.

SUMMARY

In this time of high-tech innovation, security systems constantly draw upon new advances, incorporating them into a cohesive, integrated system. Increasingly, manage- ment seeks technical resources to improve the quality of protection operations while decreasing operational costs. Technology-based programs offer management an extraor- dinary tool for flexibly, reliably, and economically controlling operations from disparate locations and under different circumstances.

DISCUSSION AND REVIEW

1. How does situational crime prevention differ philosophically and prac- tically from the traditional objectives of policing?

2. Why must security planners be involved early in facility design? What is the expected payoff from such involvement?

Discussion and Review 315

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

3. What is the reasoning behind security signage? What are its drawbacks?

4. Explain the limitations of cylinder-type locks. 5. Why have cylinder-type locks been the mainstay for commerce and

industry for almost a century? Why have electronic proximity locks become preferred for some installations?

6. Why is CCTV almost invariably an important part of an integrated security system?

7. Describe capacities and qualities of a central alarm monitoring station.

8. Provide examples of noninvasive technological methods to detect contraband.

9. What critical stages occur before a security contractor is selected to undertake a major new installation or retrofit?

ENDNOTES 1 J. Young (1994). “Incessant Chatter: Recent Paradigms in Criminology.” In M. Maguire, R. Morgan, and R. Reiner (Eds.), The Oxford Handbook of Criminology. Oxford: Clarendon Press, p. 86. 2 O. Newman (1972). Defensible Space: Crime Prevention through Urban Design. New York, NY: Macmillan. 3 P. Mayhew (1979). “Defensible Space: The Current Status of a Crime Prevention Theory.” Howard J. of Penology and Crime Prevention 18:150–59. 4 P.J. Brantingham and P.L. Brantingham (1981). Environmental Criminology. Beverly Hills, CA: Sage Publications; and P.J. Brantingham and P.L. Brantingham (1984). “Surveying Campus Crime: What Can Be Done to Reduce Crime and Fear?” Security J. 5(2):160–71. 5 Examples from the literature include R.V. Clarke (1992). Situational Crime Prevention. Albany, NY: Harrow and Heston; R.V. Clarke (1997). Situational Crime Prevention: Successful Case Studies. Albany, NY: Harrow and Heston; U.S. Department of Housing and Urban Development (1997). Creating Defensible Space. Washington, DC: Criminal Justice Department, Office of Policy and Research. 6 R. Gigliotti and R. Jason (1984). Security Design for Maximum Protection. Boston, MA: Butterworth-Heinemann. 7 An example is the cost-of-risk analysis (CORA) system, which provides estimates of expected loss or annualized loss expectancy at an average rate in dollars per year; avail- able from International Security Technology, New York City. 8 A.A. Hopkins (1928). Lure of the Lock. New York, NY: General Society of Mechanics and Tradesmen, pp. 29–31. 9 J.J. Fay (1987). Butterworth’s Security Dictionary. Boston, MA: Butterworth- Heinemann, p. 142. 10 Castles were designed for security. Defenders operated from parapets atop the walls during an attack. The concept of concentric circles of protection is clear enough in con- struction of some castles, which have two or three walls, a moat, and protected places within the central structure.

316 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

11 A. de Sélincourt (Trans.) (1960). Livy: The Early History of Rome. Baltimore, Md: Penguin Books, pp. 376–77. 12 Geese may be more alert than sleeping dogs at detecting nocturnal intruders. 13 R.S. Eden (1993). K9 Officer’s Manual. Calgary, Alberta: Detselig Enterprises. 14 Note that the term “fence” also refers to a receiver of stolen goods. It is also a metal pin that extends from the bolt of a lever lock, preventing retraction of the bolt unless it is aligned with the gates of the lever tumblers. 15 R. Gigliotti and R. Jason (1992). “Physical Barriers.” In L.J. Fennelly (Ed.), Effective Physical Security. Boston, MA: Butterworth-Heinemann, p. 77. 16 Barrier Technology Handbook (1980). Albuquerque, NM: Sandia Laboratories. 17 H. Kruegle (1995). CCTV Surveillance: Video Practices and Technology. Boston, MA: Butterworth-Heinemann. 18 J. Keble (1998). “Crest of a Wave.” Security Surveyor 28:11–13. 19 Radio Frequency Identification Technologies: A Workshop Summary (2004). Washington, DC: National Academies Press. 20 R.D. McCrie (July 1988). “Development of the U.S. Security Industry.” Annals, AAPSS 498:24–25. 21 Robotics for security purposes should not be confused with applications for law enforcement, particularly in high-risk situations to evaluate bombs or contraband and to enter dangerous areas where lives are at risk. Also see J.J. Harrington et al. (1989). “Sandia National Laboratories Proof-of-Concept Robotic Security Vehicle.” Proceedings of the 5th Annual Symposium and Technical Displays on Physical and Electronic Security. Philadelphia, PA: Armed Forces Communications and Electronic Association, pp. B3–16. 22 H.-L. Chan (October 2005). “Overcoming the Challenges of Wireless Transmission.” Security Technology & Design 15(10):46–48; L. Silverman (May 2005). “Wi-Fi Here and Now,” Security Technology Design 15(5):36–41. 23 R. Anderson (January 2005). “IP Access on the Way.” Security Technology & Design 15(1):30–34. 24 For example, see J.M. Carroll (1996). Computer Security, 3rd ed. Boston, MA: Butterworth-Heinemann; C.P. Pfleeger (1997). Security in Computing, 2nd ed. Upper Saddle River, NJ: Prentice Hall PTR; E. Skoudis (2002). Counter Hack. Upper Saddle River, NJ: Prentice Hall; and R. O’Harrow, Jr. (2005). No Place to Hide. New York: Free Press. 25 “Software: To Protect Email & Precious Documents, Just Seal Them.” (April 14, 2006). Security Letter 36(8):3. 26 The I.I.I. Insurance Fact Book 2006 (2006). New York: Insurance Information Institute, pp. 106–07. 27 T.H. Ladwig (1991). Industrial Fire Prevention and Protection. New York, NY: Van Nostrand Reinhold, pp. 148–54.

ADDITIONAL REFERENCES

D.G. Aggleton (March 1991). “Security Up Front.” Security Management 35(3):71. J. Barry and P. Finnegan (1997). “System Integration.” In J. Konicek and K. Little (Eds.),

Security, ID Systems and Locks. Boston, MA: Butterworth-Heinemann. M. Felson (2006). Crime and Nature. Thousand Oaks, CA: Sage Publications.

Additional References 317

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .

R. Homel (Ed.) (1996). The Politics and Practice of Situational Crime Prevention. Monsey, NY: Criminal Justice Press.

R. Lang (February 2005). “The New Functions of RFID Technology.” Security Technology & Design 15(2):28.

D.E. Levine (August 2005). “Wide Open Wi-Fi.” Security Technology & Design 15(8):54.

N.S. Levy (1998). Managing High Technology and Innovation. Upper Saddle River, NJ: Prentice Hall.

S. Lyons (1992). Lighting for Industry and Security. Oxford, UK: Butterworth- Heinemann.

U.S. Department of Housing and Urban Development (April 1997). Creating Defensible Space. Washington, DC: Office of Policy and Research.

318 OPERATING PHYSICAL- AND TECHNOLOGY-CENTERED PROGRAMS

C o p yr

ig h t ©

2 0 0 7 . E

ls e vi

e r

S ci

e n ce

& T

e ch

n o lo

g y.

A ll

ri g h ts

r e

se rv

e d .