Dissecting The Layers
Different product offerings meet various security requirements
- By Jeff Brown
- Aug 01, 2012
When people talk about layered physical security, they often
think it involves having more than one security device at a
particular point on their property. A good way to visualize
security layers is to break down what can be considered the
different layers of a building’s perimeter from the outside
in—beginning at the property line, then to the entrance of a building, and ending
at the interior doorway. For each layer, there are different product options as well
as varying requirements that security leaders need to consider to maximize protection
of a facility and its assets.
Layer One—Outer Perimeter
True security begins at a facility’s outermost perimeter. The edge of your property
line is the best place to stop or detect an intruder because the time to respond can
be maximized. A common approach to securing the perimeter involves the four
“Ds”: deter, detect, delay and deny. At the outermost perimeter, security options
are numerous and range from age-old technologies to the latest innovations.
While fences and walls are among the most common structures used for securing
perimeters, tighter security needs driven by regulations such as Chemical Facilities
Anti-Terrorism Standards (CFATS) often require some form of intrusion
detection system. Such systems help provide a higher level of perimeter protection,
whether they are fence-mounted, freestanding or buried.
There are many technologies available in fence-mounted systems alone, such
as taut wire, microphonic and fiber optics. These systems have varying degrees of
success and sophistication and are all designed to detect any intrusive attempt to
cut, climb or lift a secured fence and issue an instant alarm. Cameras can then help
verify that an alarm is in fact a legitimate intrusion—versus a nuisance or false
alarm requiring no action—and guide security staff in taking proper action before
an intruder reaches the buildings or assets inside.
“Detection and assessment are the keys to effective perimeter security,” said
Benjamin Butchko, president of Butchko Security Solutions. “Assessment is important
because when sending responders, you need to know the alarm is legitimate,
what you’re looking for and where the threat is going, because by the time
responders can get to the outer perimeter, the threat has moved on.”
Some facilities occasionally use cameras with video analytics as their sole perimeter
intrusion detection system. This may be an attractive and lower-cost option
when there are already cameras monitoring the property line, but this solution
has known deficiencies.
“For high-security and high-risk environments, video analytics is more of a
complementary than a stand-alone technology,” Butchko said.
Cameras with video analytics are an example of freestanding systems in which
fences may not be required. This category also includes passive and active infrared
systems and microwave and electrostatic sensors. Different devices can detect activity
crossing narrow strips or wide-open areas. They can also complement fence
systems by protecting gates or adding a layer of defense on either side of a secured
fence to supply more detection intelligence.
Buried sensors are also cable-based and include seismic, leaky-coax and magnetic
sensor options. Like cameras, sensors can be used where there is no wall or
other barricade to protect property, and they can be helpful in alerting security
staff if an intruder is approaching or has reached a point inside a secured area.
Most of these outer perimeter security options are visible to intruders and serve
as a deterrent as well as a means to detect. They also can trigger lights and audible
alerts, which add additional deterrence. Other delay tactics usually involve barriers to overcome, such as barbed wire, a second fence or terrain
elements, such as ditches. Distance can also be a
delay tactic, wherein the outer perimeter is pushed farther
away from protected assets, allowing more time for
security forces to respond.
If all you have is a fence as your primary means
for perimeter protection, you may want to consider
your perimeter as an area that needs some attention.
The timing for action and the level of effort and investment
this layer merits for your business depends
on many things, including a candid assessment of the
risk and resources available.
“Organizations usually close the door after the
horse is gone,” said Darin Dillon, business development
manager for Convergint Technologies. “Admittedly,
it is sad that loss is frequently the instigator to
spend on security.”
In some cases, regulatory authorities get involved
to drive action. Sometimes, a large national or local
security-related event will spur others to take preemptive
action. Or, it may just make sound financial
sense, as was the case for Guadalupe Valley Electric
Cooperative (GVEC), an independent electric utility
in South Central Texas.
“Our goal with our new substations was to implement
a multilayered intrusion detection system. Two
of the layers we aimed to improve included perimeter
security and access control from the unmonitored
cameras we had in place at our preexisting substations,”
said Bernie Acre, information systems division
manager for GVEC. “Today, we include a fiber-optic
intrusion detection system on all perimeter substation
fencing, which triggers fixed and PTZ cameras and
alerts at our 24-hour control center. While we are not
mandated at this point, evolving NERC compliance
regulations encouraged us to assess and evolve, rather
than react. From a business perspective, a $50,000 investment
to protect a $5 million asset for the members
of GVEC is warranted.”
Layer Two—Building Entrance
Security
Since an organization’s most valuable assets often are
within a building, having security control who enters
a facility is an important line of defense. Unlike outer
perimeter security efforts, this second layer is more
hardened and can deny access. What someone encounters
at a building’s entrance greatly depends on
the building itself. At a control house of an electric
substation, a simple keyed door may be the only security.
Office buildings lower than Class A rarely have
any security beyond access-controlled outer doors that
lock after business hours. Commercial and industrial
spaces may have either of these or even full-height
turnstiles that span from floor to ceiling and can operate
as an unsupervised entrance control system.
Many large corporate offices, Class A buildings
and government buildings employ security staff to
process visitors and handle other issues. Oftentimes, a
security officer will check for badges or operate scanning
equipment to ensure people entering are authorized
to proceed.
“Having a security officer visually verify that the
ID matches the person is the best thing, but this process
does not provide acceptable throughput, and
having an adequate number of security officers available
to facilitate acceptable throughput would be very
costly,” Dillon said.
An alternative is to create walls with doors instead
of an open lobby. Then, door access control methods
with supervising security staff can work. However,
walls tend to get in the way for building owners or
corporations that desire a large, open and aesthetically
pleasing lobby. For typical open lobbies, advanced
security systems pair optical turnstiles with an access
control system to remove security officers from conducting
routine verification. This not only improves
security and speeds throughput but also lowers operating
costs because security staff is reduced.
“Turnstiles are a good opportunity to reduce
budget, but they are most helpful in being effective
at securing the entrance and getting people through
faster,” said Randy Simpson, senior sales executive for
Metroplex Control Systems.
The most common optical turnstile
configuration used for securing
a building lobby includes a barrier,
typically made of either metal or glass,
that provides deterrence and delays
benefits. For a more hardened lobby,
turnstiles with imposing 6-foot-high
barriers are more difficult to defeat. As
a result of the recession, some Class A
buildings have begun using tall barrier
turnstiles in unguarded lobbies to
save on labor costs. This can be risky
if it hinders response to alarms. Fullheight
turnstiles may feel more secure,
but they are often viewed as eyesores
in this environment.
“In Class A buildings, aesthetics always
win out over security,” Simpson said.
The best optical turnstiles combine
speed and high security with refined style
that is far different than the bulky, masstransit
look of most turnstile brands.
A final consideration for high-rise
buildings is to use elevator destination
dispatch technologies for controlling
access to floors. Such devices require
credentials to call an elevator and restrict
individuals to stay on floors on
which they’re allowed. As a stand-alone
entrance technology, this would not be
sufficient because anyone can enter an
open elevator. But with guard supervision
or optical turnstiles in place, it’s an
excellent complement.
Layer Three—Interior
Door Security
Moving deeper into a building, the
third major layer of security is at a
doorway—nearly the last line of defense.
This innermost layer of security
typically is given the most attention because
it is closest to an organization’s
core assets. Most end users already
have an access control system, locks
and readers in place to create a secure
access point, but for sensitive doors,
more may be needed.
There are many security considerations
for a door beyond controlling the
lock. As a portal into a secure area, the
door itself, as well as the hardware and
door frame, all have to be considered
as possible points of compromise that
would enable unauthorized entry. Once
a door is unlocked, another substantial
security risk is added—the open door.
In order to achieve full door security,
this open portal also must be protected.
Secured doors don’t open without
an authorized person present, so asking
employees to help enforce an organization’s
access restrictions is an option. In most situations, however, this is not a
reliable method. With innocent incursions,
many employees may be fine with
stopping a person. But with aggressive
and skilled intruders, or with collusion,
the open door provides free and
easy access. One option is to station a
security officer nearby to complement
the access control system. Surveillance
cameras are another option, but this is
a passive way to monitor because they
can provide only forensic or investigative
benefits after the damage is done.
The best scalable alternative is to
use an “anti-tailgating” or “anti-piggybacking”
door security solution. Some
devices can be mounted to the sides of
a doorway and project beams across the
opening. Others mount overhead and
use an imaging method to count heads.
All work to accomplish the same result—
force every person who passes through a
secured door to present authorization.
“Certain customers are thinking
more about tailgating these days,”
Simpson said. “Low-profile solutions
are great in applications such as executive
levels of a corporate headquarters
where they want to beef up door security
but still give the soft feeling of being
able to come and go when you want to.”
A high-profile and expensive way
to ensure that only one person passes
through for each authorization is to
install a mantrap, in which a vestibule
space is created between two secure
doors and only one door is allowed
open at a time. This solution requires
architectural modifications in addition
to security equipment and may even use
one of the aforementioned tailgate detection
systems to ensure only one person
is in a vestibule before an interior
door is unlocked. If designed correctly,
a mantrap is difficult to defeat, though
it is not always practical or appropriate
for the risk level. It makes the most
sense in applications where stakes are
high, such as at large data centers, laboratories
or jewelry stores.
The impediment of a closed door is
the only effective way to deny access,
but having the power to know if an intruder
has made it in allows a response
to be enacted to secure assets beyond
the door. As with perimeter security at
the property line, combining surveillance
with detection at the doorway
enables proper assessment of the force
needed to stop an intrusion.
IP and Layered Security
One development underway that will
help manage all three perimeter layers
is the continued transition from analog
to IP-based security solutions.
In lobby security, optical turnstiles
have recently begun moving online. At
the fence line, however, aside from IP
cameras, there currently is no visible
move toward IP for intrusion detection
solutions. Time should change this as
the benefits of security systems on the
IT network in other parts of an organization
start to gain more attention. This
likely will lead to growing demand for
IP-enabled solutions to
address security needs
across all layers of the
perimeter.
This article originally appeared in the August 2012 issue of Security Today.