Devising an effective school security plan

Jul 1, 2000 12:00 PM, ACCESS CONTROL & SECURITY SYSTEMS INTEGRATION STAFF

It's happening everywhere: in the midwest, a teenaged girl is suspended for a week because her school's zero-tolerance weapons policy won't ignore the fact that she had a steak knife in her car. She inadvertently left it there after leaving her night job as a waitress. At a high school in Illinois, at a cost of $1 million, 500 video surveillance cameras are installed; but how can that number of cameras be effectively monitored? At another school near the Rocky Mountains, well-meaning administrators install a large number of high-tech security cameras, only a few of which are effectively placed. And behind all of this is a group of politicians, some well-meaning, some not, all hoping that the successes they create in school security can catapult them to greater political achievement.

Given the recent violence in schools, it's easy to understand the drastic steps being taken to ensure personal and facility security. But what is the ultimate cost to school systems' budgets and students' personal freedom? Does the cost outweigh the benefits? And how much of it is a reaction to the outcry generated by political opportunists and the media frenzy that is sure to follow any school tragedy?

The implementation of drastic security policies and throwing money in the direction of the latest high-tech hardware will certainly give the public the perception of new-found security, but how much of it will actually provide the best safety at the lowest cost?

Schools, by their very nature, will never be truly secure unless we turn them into prisons. And without a prison-like environment, anyone bent on recreating Columbine can certainly accomplish what he sets out to do. How many laws were broken by the Columbine gunmen? How do you stop an insider from destroying your school? Case after case of insider "terrorism" proves one thing: you can't stop it. Consider the case of the computer sabotage on Omega Engineering's manufacturing plant in Bridgeport, N.J. in 1996. An insider deleted virtually all of the company's computer files, causing an estimated $12 million in damage and effectively eliminating Omega as a market force. If an insider with hopes of avoiding detection can accomplish this much white collar destruction, how much more dangerous is a suicidal insider with a gun?

With limited budgets and tremendous pressure to "do something now,' administrators are facing a crisis never before seen in our schools. Fortunately, whether it be a multi-campus university with a security budget running into the millions or a small town with a single school to protect, the answer is always the same. Administrators must ask themselves the question: "What can we afford to protect?"

Any suggestion that we're not doing everything we can in the area of students' safety would seem to be a political time-bomb. But in reality, it's the best question that an administrator can ask, because the answer can be found by developing a long-term Security Master Plan (SMP).

The SMP focuses on core security issues and recommends the best, most cost-effective ways to reduce risk. Consisting of up to three distinct phases, the SMP is conducted by a consultant whose responsibility is to provide unbiased, client-specific information and assessment. While the installation of the latest high-tech hardware may give everyone a quick-fix feeling that "somebody is finally doing something," the SMP goes beyond politics, policies and hardware, resulting in a thorough understanding of not only your security needs, but the best way to budget your security solutions.

An SMP is simple in its approach. Here is the plan:

n Find out what you need to protect.

n Figure out the cost of the best options to protect it.

n Work out a multi-year budget for your most viable protection options.

n Execute your plan.

n Re-evaluate annually and update the plan.

Phase I of a typical SMP is a thorough facility systems analysis that defines a school's assets, the possible threats upon the facility, and the areas of vulnerability within the facility. Central to this threat assessment phase are interviews with anyone having familiarity with school operations. All things are considered, from pencils to property to people; from theft to vandalism to violence.

As an example, Lockwood Greene (LG), with its security consulting partner ENSCO, recently conducted a Phase I facilities systems analysis for a major Colorado school system. Students, parents, faculty, administrators and staff were interviewed to gain an insider's perspective on the school's assets and vulnerabilities, and the effectiveness of its policies and procedures. Multiple school facilities were toured to observe the arrangement and functionality of the rooms, connecting hallways, entrances and exits, existing safety and security systems.

Using available information, LG/ENSCO defined all aspects of the school's assets and ranked the assets according to loss impact - either vital, important or secondary.

Next, they considered potential threats to the assets and their probabilities of occurrence. The threats were grouped into four broad categories: criminal, operational, natural and accidental. The criminal threat includes identifiable criminal events such as vandalism of school property, possession and use of dangerous or prohibited items, drug use or sales, theft and criminal trespassing. Operational threats include minor physical assaults, threats of violence and unauthorized access.

Natural threats include hurricanes, tornadoes, earthquakes and other "acts of God." The last category, accidental threats, includes fire, utility explosion, chemical accident and vehicle accident. Each potential threat and its probability of occurrence were then applied to each asset to determine how a security breach could occur.

Phase II is the risk management phase. It considers the possible countermeasures necessary to mitigate the threats and vulnerabilities discovered during Phase I. Infinite numbers of possible combinations of countermeasures are studied, and each is assigned its own set of appropriate costs. Appropriate countermeasures can include everything from revamping school policies and procedures to installing electronic security systems, hiring guards and putting up physical barriers.

Phase II is also the phase that asks the original question, "What can we afford to protect?" It gives administrators the best idea of how to spend the appropriate amount of money on the most effective system for their needs. Because Phases I and II supply detailed, effective information regarding effectiveness of a security plan and its long-term cost-effectiveness, the budgeting efforts necessary to sell the program to the public are made radically easier. It is at the end of Phase II that school administrators begin to gain confidence not only in their ability to protect their assets, but in their ability to convince those who control the purse strings that their security proposal is well-thought-out and worth the investment.

In Phase III, the school system initiates a multi-year planning phase in which budgets are developed to fund the acquisition of the most viable security options. "What can we afford to protect?" actually becomes a plan, and the fund allocation begins. Armed with detailed security and cost analyses, school administrators can go into the budget fight with the tools necessary to win their proposed budgets and begin the arduous task in Phase IV of implementing effective school security.

It should be remembered, however, that neither the SMP nor any other systematic approach to planning is meant to solve all the security concerns faced by public schools. It's only as good as the people who put it together.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue