THE HIDDEN FORTRESS

Jan 1, 2005 12:00 PM, By Josh “Shuki” Einstein


         Subscribe in NewsGator Online   Subscribe in Bloglines

The protection of critical infrastructure is an important task for both government and private industry, especially since Sept. 11. Given these requirements, the architectural design and construction industry now has a responsibility to help ensure critical infrastructure security in their work, and security must be inherent in their designs.

The construction of new public and private sector buildings, plus the retrofitting of existing ones, now require that design and construction teams have an eye for physical security in the design process. Inadequate security design and construction not only endangers lives, but disrupts workflow and hinders productivity. Too often, vendors' technological solutions are emphasized at the expense of other approaches.

It is not enough to add extra lighting and cameras, a new fence, some portable Jersey barriers and more security personnel. These may have been expeditious solutions in the wake of Sept. 11, but are insufficient for the permanent shift that is under way to secure buildings and facilities throughout their expected lifecycles.

With the new movement toward comprehensive security, both government and private sector interests need to adopt new methodologies to help incorporate best practices in the latest design and construction security solutions.

The hidden fortress approach

Today's challenge for design and construction teams is to incorporate security without compromising design and hindering daily operations. As a result, the best solution for the future of building and facility security is “hidden fortress” approach that is sustainable and involves multi-layered and complementary solutions. The “hidden fortress” approach is a product of an “ergonomic security” model, which looks at how to design building and facility security so as not to interfere with normal day-to-day operations. The solution should be a harmonious combination of the facility's physical security demands with the psychological and ergonomic needs of the end users.

A holistic “ergonomic security” approach integrates all aspects of security. It means examining how to make systems easier for people who need to use them, looking at both cyber and physical access and the materials used in the buildings. It also means incorporating more rigorous human resources policies. Ultimately, the challenge is to create a sensible security program without compromising facility operations, functionality and quality of life.

Developing sensible security solutions

There are many components that comprise a comprehensive security-driven design and construction process for both government and private enterprise. Together, they provide useful benchmarks for building and facility security officers working with decision-makers with a pressing need but little experience in the process. Since there are currently no specific building standards or guidelines to follow, benchmarks provide a rigorous guide for security, design and construction professionals. Here are some critical benchmark considerations.

  • Develop a comprehensive security plan

    Senior management and decision-makers must have a comprehensive security plan in place. A security system is only as strong as its weakest link; therefore, the plan should be exhaustive. It is important to have management understand why temporary or partial fixes are inadequate solutions. It is important to take time to perform due diligence on the inside operations of the enterprise and to identify critical assets and environments that need to be more secure than others. A comprehensive understanding of building and facility operations will only enhance the design and will make security solutions even more effective.

  • Create a facility security mission statement

    This should comply with the strategic objectives of the organization and should have mantra-like recognition among end-user employee staff. It is equally applicable when designing a new building or facility or when retro-fitting and re-building an existing one.

  • Identify the design basis threat

    The design basis threat defines the threat which the building or facility is being protected against and the probability that the threat will be carried out. For example, does the designated building's occupants worry more about disgruntled employees than terrorism? This will have a direct impact on the design and configuration of the building or facility and will ensure that tight funds will be spent in response to the most likely threat scenarios.

  • Involve the end-user in the security vulnerability assessment (SVA) process

    Security is achieved by identifying vulnerabilities and then finding workable solutions by integrating end-users with facility physical hardening and security procedures. It is critical to get advice from trained non-affiliated security, design and construction experts.

  • Realize the importance of assessment tools, prioritization and focus

    Proper risk assessment methodologies should be used to assess building or facility vulnerabilities. Such methodologies provide the tools that ad hoc, off-the-cuff assessments can not. However, systematic methodologies have their flaws and should be balanced with common sense and experience.

  • Respect existing architecture and design

    The intent of ergonomic security solutions is not only to answer genuine security concerns, but to respect the integrity of the design of both existing buildings and new construction. Security without aesthetic design considerations will result in less-than-inviting buildings and facilities. Design and construction should retain the features of an open and free society without conceding to an overt bunker culture.

  • Educate the client on state-of-the-art technologies

    Primary stakeholders must understand the availability and function of the latest technologies to solve their security issues. They must also understand how they are to be smoothly integrated into the overall solution. How new technologies affect manning issues should be underscored — do they require more or less trained personnel to operate?

  • Integrate training and security awareness

    Security awareness is a bottom-up process and begins with each employee in the facility. Security awareness training should be part of the overall security package while the facility is being re-fitted or under construction. This ensures that staff will be fully prepared to implement the new security technologies and procedures when the facility becomes operational. The most efficient and cost-effective security tool is security awareness by the people with a personal connection to the building, facility and the people in them.

  • Establish stringent procedures for confidentiality

    Access to integrated technical security solutions and their operations should be restricted on a need-to-know basis. Design drawings and any other security-related collateral that is developed and used during the design and construction phase should be controlled and protected.

  • Push for visible vs. invisible security

    Depending upon the function of the building or facility, security may be visible or invisible. On the positive side, “visible” security solutions may raise user confidence that they are being protected (i.e., suddenly increasing the number of security guards). On the negative side, “visible” security can raise the user's anxiety level, resulting in a stressful workplace. On the other hand, “invisible” security does not deter, since it cannot be seen or experienced (a critical factor of deterrence).

Make it user-friendly

Since Sept. 11, the incorporation of security solutions in design and construction has a human as well as a technological dimension, which is often overlooked or undervalued. As security solutions move into society's mainstream and become a permanent fixture in our day-to-day lives, comprehensive security solutions, taking into account the more ergonomic or “user friendly” aspects of a “subtle fortress” approach should be widely considered.

The objective is to provide secure environments for government, private industry and society to operate smoothly. Society's “pursuit of happiness”, even in the post-Sept. 11 world, should not be degraded or slowed by poorly thought-out security solutions that both hinder day-to-day operations and worker productivity.

A LOOK INSIDE

The Triadic Design Template

Sensible security solutions in the design and construction of buildings and facilities result from the marriage of what is theoretically possible with what is realistically probable.

Accounting for the critical considerations is an essential part of this marriage. It is useful to go through a triadic design process, first examining the existing design, then taking a “blue sky” look, followed by a final hybrid solution. This triadic design template is a proven approach for consideration by the security, architectural and construction team.

Arriving at a useable design template consists of first examining the existing facility design and its security operations. The level of importance of each object or area within the building or facility is numbered 1-5, with “1” requiring the highest security assurance. Within Figure 1, these are the bulk chemical tanks. Then, a “blue sky” or perfect world template of the building or facility security picture is sketched out. In short, this is the perfect-world template, where neither cost nor operational considerations may matter — a world where security is the sole design driver. The final design template is a realistic schematic, which reaches a compromise between real-world operational requirements and perfect-world security considerations. It integrates all of the critical considerations that are inherent within the security vulnerability assessment, including the many factors that compose a holistic, ergonomic design of the “subtle fortress” approach to building and facility design and construction.

FOR THE RECORD

About the Author

Josh Einstein, AEAI, is an architectural lead in the CH2M HILL Portland office. He formerly served as the architectural discipline coordinator for CH2M HILL Middle East office in Jerusalem.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

Today's New Product

Product 1 Image

Privaris Biometric Verification Software

In support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization.

To read more...


Govt Security

Cover

SUBSCRIBE

This month in Access Control

Latest Jobs

Popular Stories

Resources

Webinar

A Cost-Effective Framework For Total Security Integration

Join AC&SS and MAXxess as they review two different IP-framework applications
Wednesday, July 30, 2008 at 2:00pm ET/11:00am PT

Register Now!

Back to Top