Adding ‘Fire and Fury’ to Perimeter Security, by Doug Haines

It is essential that we consider what happens if the “bad guy” breaches our “secure” perimeter at any level – then what?
It is essential that we consider what happens if the “bad guy” breaches our “secure” perimeter at any level – then what?

By Doug Haines, Owner and CEO of Haines Security Solutions

With all the hype on electronic security technologies; i.e., biometrics, intelligent video analytics and the like we’ve become dependent on technology to fill the gaps in our security approach.

Now don’t get me wrong, electronic technologies have come a long way in solving some of the inherent pitfalls – complacency, boredom and failure to follow the rules.

I applaud my friends in the electronic security business in overcoming these obstacles.

But the reality is for a security system, whether electronic or otherwise, it must be comprehensive or holistic and include common characteristics in mitigation strategies.

Just putting a badge reader with CCTV at an access point is not enough. 

In other words, distinguish good behaviors from bad.

With that in mind, we need to admit that there are really four perimeters in physical security.

We sometimes refer to them as layers or defense-in-depth.

Defense-in-depth assumes that each layer provides an opportunity to deter, delay, and detect an aggressor and to respond and defend against attack or before a crime can be committed.

In order to be truly effective each “perimeter” must be used, when and where available to assist in the four D’s.

4 D's of Physical SecurityDeterrence comes in the form of warning signs, random patrols either by human guard forces or robotics, visual display of surveillance and dedicated lighting.

Delay mechanisms include such things as, physical barriers (fences, planters, way-signs, trash containers, hard and soft landscaping, doors, windows, etc.) that restrict movement and slow approaches of pedestrians and vehicles.

Note: The longer it takes to transverse a space the higher the likelihood of detection. 

Detection capabilities that also include assessment components, such as, electronic security systems that have a “real time” monitoring element are essential [1] [2].

Planters and benches used as a hardscaping barrier system. Image provided courtesy of Marshals Landscaping Products

Without an adequate response to “unwanted behaviors” by either members of the organization or the guard force then engagement will be lacking and the perpetrator will succeed; thereby, putting people at risk.

Layer 1 – Property Boundary/Line

If you ask one hundred people, approximately 95 percent will say that perimeter security is a fence at a property boundary.  Well, they’re partially correct.

The most commonly referred to “perimeter” is the property boundary or the edge of the space that we can control.

The perimeter is actually a line of demarcation, sometimes identified by a fence or sign or something, that basically says, “If you’re over there I don’t care what you do, but if you come over here, I want to know who you are”.

And then we direct them down to an access control point to get checked.

Most security officers focus on bolstering this first layer where the controlled space comes into contact with the public and consequently put most of their resources there.

The idea being the harder it is to get in the less likely the “bad guy” will. 

Unfortunately, this is simply false.

A dedicated threat will “get in”, just ask Jason Bourne or Jack Reacher.

It is essential that we consider what happens if the “bad guy” breaches our “secure” perimeter at any level – then what?

For this reason each pillar of physical security (detection, assessment, command and control, response and engagement) ought to be considered and present in some form at every layer.

Layer 2 – Externally Controlled Perimeter/Enclave

Some assets that have special functions, like data centers or communication infrastructure will have an external perimeter dedicated to the asset.

It usually is in the form of a fence with an automated access control systems and some lighting.  This is usually enough.

Layer 3 – Asset Façade or Shell

All assets have a layer 3.  For building assets it’s the façade or elevation.

For above ground water-tanks it’s actually the structure itself – the skin, if you will.

Layer 4 – Internally Controlled Spaces

Image courtesy of bloggingora.com

Some assets have internal spaces that not everyone in the building is allowed to access.

A great example is a bank vault or the pharmacy in a hospital.  Only certain folks are allowed entry.

A building asset in New York City for example, has both layers 1 and 3 combined.

The building itself becomes the property boundary because that is the point at which access can be controlled.

Unless, it affects the occupants of the building nobody really cares about the crazy guy on the sidewalk.

There probably would be some controlled spaces within the building where some folks are allowed access and others aren’t, so it would have a layer 4.

There probably wouldn’t be a layer 2, but for a communication facility on a military installation there would be.

Adding the “Fire and Fury”

Too often when considering security solutions for perimeters we tend to hone in on electronic-technologies for the property line that will work without too much human interaction, because let’s face it most of the time nothing happens.

Well, having great intelligent analytics or predictive analytics is not in and of itself sufficient.

Non-electronic technologies should also be used.

Non-electronic technologies take the form of plans and policies, which identify what constitutes good and bad behaviors, how to respond to them by both the employees, key staff and security forces and how to engage the perpetrator so that the potential for violence is reduce.

An array of applications for ballistic resistant materials used to protect occupants against the active shooter threat. Courtesy of Amulet ® Ballistics Technologies
An array of applications for ballistic resistant materials used to protect occupants against the active shooter threat. Courtesy of Amulet® Ballistics Technologies

Non-electronic technology can also be something as simple as ballistically-hardened furniture or conference rooms that offer a place to seek cover.

Configuring spaces that isolate bad behaviors can also help.

Many communities impose requirements for Crime Prevention through Environmental Design (CPTED) principles on the exterior portions of buildings, usually from the property line to the asset (building) itself.

While helpful, we cannot forget about the other layers.

Every layer provides an opportunity to distinguish good from bad behavior.

Crime Prevention through Environmental Design (CPTED)
Natural Surveillance Create as many opportunities as possible to get “eyes on”.  Use balconies, open stairways, bay windows, etc.  Design space so that it is multi-functional; kids in the morning, teens in the afternoon, adults in the evenings and millennials later. Limit the use of trees and shrubs.
Natural Access Control Limit access points or entrances.  Design them so that they are obvious entry points to first time users.
Territorial Reinforcement Let people know that the space is “claimed”. Use different construction materials, colors, lighting, fencing, landscaping, etc.
Maintenance Keep spaces well maintained. Trim trees no lower than 7-8 feet and shrubs no higher than 3-4 feet. Maintain sidewalks. Ensure lighting is functional.

 

CPTED principles have been around since the 90’s and are another very effective non-electronic strategy.

A combination of intersecting electronic and non-electronic technologies for detection, assessment, command and control (policy and procedure), response and engagement is a precondition for the perimeter system at every level to function at full capacity and in a robust manner.

(Learn More, courtesy of Greg Perkins and YouTube)

The overarching philosophy of any physical security perimeter plan must include all three of these elements.

First, recognize that each asset requiring protection has several layers or perimeters and each offers an opportunity to deter, delay, detect and defend.

Each MUST be used wherever and whenever they are present.

Second, the plan must be comprehensive and holistic and include all five physical security pillars – detection, assessment, command and control, response and engagement.

Ultimately, the goal is to reward wanted behavior and deny and isolate unwanted behavior.

And third, there must be a combination of overlapping and seamless electronic and non-electronic technologies in order to have a fully effective perimeter system. 

About the Author:

Doug Haines is the owner and CEO of Haines Security Solutions (HSS), in Ventura, California. He’s widely respected and sought after for his subject matter expertise in developing building design strategies.

Doug Haines, Owner of Haines Security Solutions
Doug Haines, Owner & CEO of Haines Security Solutions

Whether lecturing in academia or at a security industry forum, he’s an impassioned speaker and likes sharing.  He routinely contributes to security publications world-wide.

He was selected as the Security Industry Associations’ Sandra Jones Volunteer of the Year 2016 for helping shape the Associates of Applied Science Degree Program in Security Systems Technology at Mercer County Community College.

His company’s Risk Analysis methodology was cited as the Platinum GOVIES 2017 Award winner by Security Today. 

His company’s Physical Security Engineering Training and Certification Program is competing for an ASTOR Award in the Best Homeland Security Education Program Category 2017 by American Security Today.

(Learn More about Haines Security Physical Security Engineering Training and Certification Program (PSET&C), courtesy of Haines Security and YouTube)

Haines Security Solutions in 2017 ‘ASTORS’ Homeland Security Awards Program

2017 ‘ASTORS’ Awards Luncheon

The 2017 ‘ASTORS’ Homeland Security Awards Program, organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

As an ‘ASTORS’ competitor, the Haines Security Solutions will be competing against the industries leading providers of Homeland Security Education Programs.

American Security Today will be holding the 2017 ‘ASTORS’ Awards Presentation Luncheon at 12:00 p.m. to 2:00 p.m, Wednesday, November 15th at ISC East, the Northeast’s largest security industry event, in the Jacob Javits Exhibition Center in New York City.

At ISC East you will have the chance to meet with technical reps from over 225 leading brands in the security industry, allowing you to find out about new products and stay ahead of the competition.

Encompassing everything from Video Surveillance and Access Control to Smart Home Technologies and Unmanned Security, you’re sure to find products and services that will benefit your company and clients.

ASTORS HSA 2017Good luck to Haines Security on becoming a Winner of the 2017 American Security Today’s Homeland Security Awards Program!

For more information, contact Doug Haines, or visit the company website at Haines Security Solutions.