Fluent Essays

Effective Physical Security FIFTH EDITION Lawrence J. Fennelly 2 Table of Contents Cover image Title page Copyright Dedication Foreword Preface Chapter 1. Encompassing Effective CPTED Solutions in 2017 and Beyond: Concepts and Strategies Introduction Environment Space Target Hardening CPTED Assessments Questions to be Answered During an Assessment CPTED Survey for Colleges and Universities: 30 Vulnerabilities Based on CPTED Assessments CPTED Recommendations Psychological Properties of Colors CPTED Landscape Security Recommendation Conclusion Chapter 2. Introduction to Vulnerability Assessment Risk Management and Vulnerability Assessment Risk Assessment and the Vulnerability Assessment Process Statistics and Quantitative Analysis Vulnerability Assessment Process Overview Planning the Vulnerability Assessment Protection Objectives Data Collection—Detection Data Collection—Delay Data Collection—Response Analysis 3 kindle:embed:0006?mime=image/jpg Reporting and Using the Vulnerability Assessment Systems Engineering and Vulnerability Assessment System Requirements System Design and Analysis System Installation and Test System Replacement Summary Chapter 3. Influence of Physical Design Introduction Defensible Space Crime Prevention Through Environmental Design Conclusion Chapter 4. Approaches to Physical Security Levels of Physical Security The Value of Planning Physical Barriers Security Surveillance System (CCTV) The Security or Master Plan and Countermeasures Convincing Oneself That a Proposal Is Justified Designing Security and Layout of Site Summary Chapter 5. Security Lighting Introduction Illumination Types of Lamps Twenty-Five Things You Need to Know About Lighting Energy Management Lighting Checklist Lighting Definitions Chapter 6. Electronics Elements: A Detailed Discussion Introduction Alarm/Access Control Systems Server (and Business Continuity Server) Workstations Advanced Elements CCTV and Digital Video Systems How Digital Video Differs From Analog Wireless Digital Video 4 Satellite Wireless Architectures Video Analytics Lenses and Lighting Security Communications Analog Versus Digital Command/Control and Communication Consoles Workstation and Console Specifics Guard Console Functions Communication Systems Summary Questions and Answers Chapter 7. Use of Locks in Physical Crime Prevention Lock Terminology and Components Key-Operated Mechanisms Combination Locks Lock Bodies Door Lock Types Strikes Attacks and Countermeasures Locks and the Systems Approach to Security Appendix 7A: Key Control New Standard Set for Exit Devices, Locks, and Alarms Electrified Panic Hardware Appendix 7B: Key Control and Lock Security Checklist Chapter 8. Internal Threats and Countermeasures Introduction Internal Theft Management Countermeasures Physical Security Countermeasures Security Officers Chapter 9. External Threats and Countermeasures Introduction Methods of Unauthorized Entry Countermeasures Chapter 10. Biometrics in the Criminal Justice System and Society Today Introduction History of Biometrics and Fingerprinting in the United States 5 Biometrics Usage Today The Federal Bureau of Investigation’s Biometric Center of Excellence Biometric Modalities and Technology International Biometrics: India’s Private Usage of Biometrics on Society Future Advancements of Biometrics Chapter 11. Access Control Systems and Identification Badges Access Control Systems and Protocols Identification Badging System Chapter 12. Chain-Link Fence Standards Recommendations Security Planning Material Specifications Design Features and Considerations Typical Design Example Chapter 13. Doors, Door Frames, and Signage Introduction Residential Buildings Exterior Number Sizing The Function of a Door Terminology Standards for Doors Chapter 14. Glass and Windows Introduction Types of Glass Glass and Security Window Film Chapter 15. The Legalization of Marijuana and the Security Industry Marijuana—the Pros and Cons Should Marijuana be Legal for Medicinal and/or Recreational Purposes? The Short-Term Effects of Marijuana The Long-Term Effects of Marijuana Is Marijuana Addictive? Security for Marijuana Farms and Dispensaries Chapter 16. Designing Security and Working With Architects Leadership in Energy and Environmental Design Crime Prevention Through Environmental Design Planning and Design Review 6 Physical Security Systems Chapter 17. Standards, Regulations, and Guidelines Compliance and Your Security Program, Including Global Resources Introduction Standards Regulations Guidelines Managing Compliance Resources Chapter 18. Information Technology Systems Infrastructure Introduction Basics of Transport Control Protocol/Internet Protocol and Signal Communications Transport Control Protocol/User Datagram Protocol/Real-Time Protocol User Datagram Protocol Networking Devices Network Infrastructure Devices Servers Network Architecture Network Configurations Creating Network Efficiencies Digital Video Digital Resolution Frame Rates Display Issues Managing Data Systems Throughput System Architecture Interfacing to Other Enterprise Information Technology Systems Summary Chapter 19. Security Officers and Equipment Monitoring Introduction Command Center Best Locations for Closed-Caption Television Introduction to Access Control and Biometrics Designated Restricted Areas Summary Chapter 20. Video Technology Overview Overview Video System 7 Camera Function Scene Illumination Scene Characteristics Lenses Cameras Transmission Switchers Quads and Multiplexers Monitors Recorders Hard-Copy Video Printers Ancillary Equipment Summary Glossary for CCTV Chapter 21. Understanding Layers of Protection Analysis Introduction Conclusion Chapter 22. Fire Development and Behavior Introduction Stages of Fire How Fire Spreads Four Ways to Put Out a Fire Classifying Fire UL Standard 217, 268 and NFPA 72 Water Supply for Sprinklers and Tanks Appendix: A Fire Safety Inspection Administrative and Planning Phase General Physical Inspection Phase Extinguisher Inspection Phase Stand Pipe, Fire Hose, and Control Valve Inspection Phase Sprinkler System Inspection Phase Hazardous Materials Inspection Phase Alarm System Inspection Phase Chapter 23. Alarms Intrusion Detection Systems Introduction False Alarms Components of Alarm Systems Application Alarm Equipment Overhaul 8 Additional Resources Conclusion Appendix 23A: Smoke Detectors Appendix 23B: Alarm Certificate Services Glossary of Terms Certificate Types Standards Appendix 23C: Fire Classifications Use of Fire Extinguishers Appendix 1. Glossary of Terms Index 9 Copyright Butterworth-Heinemann is an imprint of Elsevier The Boulevard, Langford Lane, Kidlington, Oxford OX5 1GB, United Kingdom 50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States Copyright © 2017 Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library ISBN: 978-0-12-804462-9 For information on all Butterworth-Heinemann publications visit our website at https://www.elsevier.com/ 10 http://www.elsevier.com/permissions https://www.elsevier.com/ Publisher: Todd Green Acquisition Editor: Steve Merken Editorial Project Manager: Nate McFadden Production Project Manager: Stalin Viswanathan Designer: Matthew Limbert Typeset by TNQ Books and Journals 11 Dedication It is with great happiness that we dedicate this book to our two very special daughters- in-law, Annmarie Carr Fennelly and Janet Mansfield Fennelly. Both of these strong women are working mothers, have three beautiful children each, and are wonderful Mothers, Wives, and our Daughters. Larry and Annmarie Fennelly 12 Foreword A manager designs and develops security, physical security, safety and investigative programs. Louis A. Tyska, CPP This book is your road map to decoding and developing an effective security strategy beginning with the design build phase and addressing everything in between including life safety issues. Larry Fennelly and Marianna Perry have the knowledge and experience to see these complicated and ever-changing security challenges from a unique and multifaceted viewpoint. They both share their insight with the reader and that is why every security practitioner needs to read this book. Most security books focus on one topic, i.e., Risk Analysis or Security Surveillance Systems (CCTV) and access control and biometrics. I love this text because it has so much material in it that we need to address our everyday problems. The baby boomers are retiring and the millennium generation is taking over. The face of security is also changing. Research is being done to advance the security profession to provide the highest level of protection while at the same time, increasing the bottom-line profitability of the organization. College courses are changing. Going forward, the combination of business as a major field of study and security or information technology as a minor is becoming the new norm. This change is being implemented to prepare security professionals to properly protect corporate assets. The new “buzz words” from 2015 to 2020 will be the following: 1. What kind of “skill set” does the candidate/officer have? 2. What “certifications and specializations” does the candidate/officer have? 3. Both “physical security and informational security” will be merging with the move toward certifications. 4. “Career pathways” will be used by way of “internships.” 5. Your “certifications” will be the bar for testing qualifications. 6. Education for a career in security is being “redesigned.” Are you ready? 7. The holistic approach is preferred over independent components or “silos” as a logical approach to security systems. 8. 5.0 Megapixel cameras on phones and monitors with full (or true) HDTV—1080 are standard. Do not be left behind! Plan for the future now! The top crime threat problems according to recent reports are (1) cyber/communications security, (2) workplace violence, (3) business continuity, (4) insider threat, and (5) property crime. We mention this because if you are going to be addressing crime problems you first need to know what they are. To make recommendations and solve problems, you first have to make sure that you have correctly identified the issue. If a security assessment is not completed to determine the root causes of a security issue or vulnerability, the security practitioner may simply keep putting policies or procedures in place that address the symptoms and countermeasures of a problem and not the actual problem itself. This will be a frustrating (and sometimes costly) situation that can be avoided if, before any action is taken, an assessment is completed by a knowledgeable security professional to accurately identify security vulnerabilities. This will ensure that the true issues and concerns are being addressed, not just the symptoms. The most demanding problem for managers and supervisors within a protection department is the physical security devices under his/her control. The supervisor’s role should be to assist in enabling the manager to provide a level of support within the organization. Supervisors must take responsibility for corporate regulations, moral and ethical tone as well as providing the required level of security and customer service required. 13 Managers work with budgets and other resources (equipment, uniforms, technology, software, etc.) to ensure that the protective mission is achieved. Managers oversee processes (procedures) that accomplish organizational goals and objectives. Staff functions without a supervisory span of control over line employees may be performed by managers. Training, technical support, auditing, etc., are staff functions. A manager coordinates activities rather than supervises them. Turnover and job rotation can create overall improvement and a challenge. Staying current on industry trends and events by reviewing news sources, trade publications, and webinars and sources such as ASIS International and others. Active shooter/active assailant’s incidents, stabbings, and random unthinkable acts of violence are happening in our workplaces and on our televisions everyday. We cannot escape these mindless crimes and thefts that impact every segment of the security management operation. “Security Matters” now more than ever! Trying to decide which security concepts are right for your organization is a daunting full-time task. However, I suggest that you start off with a professional security assessment, so you can identify your security needs. This book is your road map to decoding and developing an effective security strategy beginning with the design build phase and addressing everything in between including life safety issues. The authors have the knowledge and experience to see these complicated and ever-changing security challenges from a unique and multifaceted viewpoint. They both share their insight with the reader and that is why every security practitioner needs to read this book. Most security books focus on one topic, i.e., Risk Analysis or Security Surveillance Systems (CCTV) and access control. I love this text because it has so much material in it that we need to address our everyday problems. Today’s security books are more and more complicated and technical. We, as practitioners must stay ahead of the curve, to keep up. Books like this, and those of Thomas Norman, CPP, David Paterson, CPP, Sandi Davis (Women in Security), James F. Broder, CPP, Michael Fagel PhD, and Dr Jennifer Hestermann are security professionals and future educators along with Larry Fennelly and Marianna Perry. Writing a book listing 150 things…etc., is not an easy task. I commend these authors and those that I mentioned, for their vision and dedication that will keep us ahead of the curve. Linda Watson, MA, CPP, CSC, CHS-V, Whirlaway Group LLC 14 Preface We completed this book in about 6 months. Normally, this undertaking would take 18 months. We know that it is hard to believe, but it is true. We both know that the faster we could complete this book, get it published and into the hands of those who are responsible for those practitioners in security, then possibly the information will get out there and be of further help to our profession. This is basically a very hard book to finish. The first 35 are easy the next 35 are ok, then it gets harder and harder. We went through two drafts and then after having a strong handle on it, we keep adding and adding to the various pieces. A perfect example is the section on body cameras, I saw a report that was negative, then I found another report that was positive, so we add a piece I felt this was the best part of the book, because it was getting better and better. Physical security is a big topic, cybercrimes and cyberterrorism, workplace violence, emergency management, and IT security issues will continue to be the top issues going forward. Regulations and Compliances and security standards for your corporation will continue to be developed and aid in the improvement of your security assessment. Follow CPTED principles and security best practices and master plan development. After you have done so, call your local media to promote your accomplishments. Let the bad guys know that you take crime prevention and effective security at your school serious! Times have changed and you must change as well, I was reading a deposition recently and the security manager said quote “We have been doing it this way for 30 years.” Of course, you have that is why a man died and your being sued. Social media need to monitored and included in your assessment process. We are concerned because we know that many of you do not have good security and do not have adequate security in place to protect your assets. We are not advocating that you make your corporate or place of work a fortress into a cold, uninviting fortress. Instead, we want you to have not only a safe environment but also has effective security in place to address vulnerabilities and have continuous assessments to improve the process. Enterprise risk management (ERM): (1) It looks at a holistic approach to ERM, which breaks down silos between physical and technological security and provides comprehensives risk management solutions. Eugene Ferraro recently said, (2) “We owe it not only to this country, but also to the free world, to think further ahead about future threats and what the solutions look like. And if we can reach consensus around these solutions, we will be in a better position to build them.” We wish to sincerely thank all of our contributors who made this book possible. We truly believe that compiling the knowledge of many security professionals is a more comprehensive approach to addressing the issue of physical security. We thank you for your professionalism as well as your contributions to our profession. Lawrence J. Fennelly Marianna A. Perry, CPP 1Enterprise Security Risks and Workplace Competencies, ASIS, University of Phoenix & Apollo Education Group, 2016. 2Ibid. 15 16 C H A P T E R 1 17 Encompassing Effective CPTED Solutions in 2017 and Beyond Concepts and Strategies Lawrence J. Fennelly, CPOI, CSSI, CHS-III, CSSP-1, and Marianna A. Perry, MS, CPP, CSSP-1 18 Abstract We are delighted to be a part of the series of white papers for School Dangers.Org. It is appropriate to say a few words about Tim Crowe and Crime Prevention through Environmental Design (CPTED), before you read our paper. Tim Crowe wrote Crime Prevention Through Environmental Design (1991) based on a security assessment that he conducted for a school district in Florida. Tims book (which was updated and modernized by Lawrence Fennelly in 2013) was and is still considered a primary resource for crime prevention practitioners in the security industry to help them better understand the relationship between design and human behavior. CPTED is a proactive approach to manipulate the physical environment and bring about the desired behavior of reduced criminal activity as well as reduced fear of crime. Tim Crowe and Larry Fennelly lectured for Rick Draper in Australia on the concepts of CPTED. Keywords CPTED color; Design; Design concept; Deterrences; Environment; Fear of crime; Hot spots; Landscape security; LED; Maintenance; Measuring and evaluation; Methods; Police procedures; Programs Tim Crowe; QR code; Rick Draper; Strategies; Target hardening; Three-D concept Deterrence’s, CPTED Design, Policies and Procedures, Training Programs and Security Awareness Programs. Thomas L Norman, CPP, PSP, CSC 2016. 19 Introduction We are delighted to be a part of the series of white papers for School Dangers.Org. It is appropriate to say a few words about Tim Crowe and Crime Prevention through Environmental Design (CPTED), before you read our paper. Tim Crowe wrote Crime Prevention Through Environmental Design (1991) based on a security assessment that he conducted for a school district in Florida. Tim’s book (which was updated and modernized by Lawrence Fennelly in 2013) was and is still considered a primary resource for crime prevention practitioners in the security industry to help them better understand the relationship between design and human behavior. CPTED is a proactive approach to manipulate the physical environment and bring about the desired behavior of reduced criminal activity as well as reduced fear of crime. Tim Crowe and Larry Fennelly lectured for Rick Draper in Australia on the concepts of CPTED. Tim Crowe’s comprehensive set of guidelines were developed with one goal in mind—to reduce opportunities for crime in the built environment. His work is the “gold standard” for security practitioners and others who implement CPTED concepts as a crime prevention tool. Crowe’s work is frequently used as a training tool for law enforcement, town planners, and architects. These guidelines have been used in hundreds of training sessions and cited in numerous publications. Tim Crowe was a professor at the National Crime Prevention Institute (NCPI) at the University of Louisville in Louisville, Kentucky. Marianna Perry is the former Director of NCPI and together both she and Tim have presented training sessions on CPTED. We included this information because we want you to understand the origination of Tim Crowe’s work on CPTED. 20 Environment The conceptual thrust of a CPTED program is that the physical environment can be manipulated to produce behavioral effects that will reduce the incidence and fear of crime, thereby improving the quality of life. These behavioral effects can be accomplished by reducing the propensity of the physical environment to support criminal behavior. Environmental design, as used in a CPTED program, is rooted in the design of the human–environment relationship. It embodies several concepts. The term environment includes the people and their physical and social surroundings. However, as a matter of practical necessity, the environment defined for demonstration purposes is that which has recognizable territorial and system limits. The term design includes physical, social, management, and law enforcement directives that seek to affect positively human behavior as people interact with their environment. Thus, the CPTED program seeks to prevent certain specified crimes (and the fear attendant on them) within a specifically defined environment by manipulating variables that are closely related to the environment itself. The program does not purport to develop crime prevention solutions in a broad universe of human behavior but rather solutions limited to variables that can be manipulated and evaluated in the specified human/environment relationship. CPTED involves design of physical space in the context of the needs of legitimate users of the space (physical, social, and psychological needs), the normal and expected (or intended) use of the space (the activity or absence of activity planned for the space), and the predictable behavior of both legitimate users and offenders. Therefore, in the CPTED approach, a design is proper if it recognizes the designated use of the space, defines the crime problem incidental to and the solution compatible with the designated use, and incorporates the crime prevention strategies that enhance (or at least do not impair) the effective use of the space. CPTED draws not only on physical and urban design but also on contemporary thinking in behavioral and social science, law enforcement, and community organization. 21 Space The continuum of space within a residential complex (that is, a property consisting of one or more buildings containing dwelling units and associated grounds or, more broadly, a neighborhood consisting primarily of residential uses) may be divided into four categories: • Public. Space that, whatever its legal status, is perceived by all members of a residential area or neighborhood as belonging to the public as a whole, which a stranger has as much perceived right to use as a resident. • Semipublic. Space accessible to all members of the public without passing through a locked or guarded barrier. There is thought to be an implied license for use by the public, and strangers will rarely be challenged. This is generally associated with multifamily housing. • Semiprivate. Space restricted for use by residents, guests, and service people on legitimate assignments. In multifamily housing, this is usually secured by protection officers (or doormen), locks, or other forms of physical barriers. Strangers can be expected to be challenged as potential trespassers. • Private. Space restricted for use by residents of a single dwelling unit, their invited guests, and service people, with access generally controlled by locks and other physical barriers. Unauthorized use is always challenged when the opportunity for challenge presents itself. 22 Target Hardening The emphasis on design and use deviates from the traditional target-hardening approach to crime prevention. Traditional target hardening focuses predominantly on denying access to a crime target through physical or artificial barrier techniques (such as locks, alarms, fences, and gates). Target hardening often leads to constraints on use, access, and enjoyment of the hardened environment. Moreover, the traditional approach tends to overlook opportunities for natural access control and surveillance. The term natural refers to deriving access control and surveillance results as a by- product of the normal and routine use of the environment. It is possible to adapt normal and natural uses of the environment to accomplish the effects of artificial or mechanical hardening and surveillance. Nevertheless, CPTED employs pure target-hardening strategies either to test their effectiveness as compared with natural strategies or when they appear to be justified as not unduly impairing the effective use of the environment. As an example, a design strategy of improved street lighting must be planned, efficient, and evaluated in terms of the behavior it promotes or deters and the use impact of the lighted (and related) areas in terms of all users of the area (offenders, victims, other permanent, or casual users). Any strategies related to the lighting strategy (e.g., block-watch or neighborhood watch, 911 emergency service, police patrol) must be evaluated in the same regard. This reflects the comprehensiveness of the CPTED design approach in focusing on both the proper design and effective use of the physical environment. Additionally, the concept of proper design and effective use emphasizes the designed relationship among strategies to ensure that the desired results are achieved. It has been observed that improved street lighting alone (a design strategy) is ineffective against crime without the conscious and active support of citizens (in reporting what they see) and of police (in responding and conducting surveillance). CPTED involves the effort to integrate design, citizen and community action, and law enforcement strategies to accomplish surveillance consistent with the design and use of the environment. CPTED Strategies There are three overlapping strategies in CPTED (as shown in Fig. 1.1): 1. Natural access control 2. Natural surveillance 3. Territorial reinforcement Access control and surveillance have been the primary design concepts of physical design programs. At the outset of the CPTED program, access control and surveillance systems— preexisting as conspicuous concepts in the field of CPTED—received major attention. Access control and surveillance are not mutually exclusive classifications since certain strategies achieve both, and strategies in one classification typically are mutually supportive of the other. However, the operational thrust of each is distinctly different, and the differences must be recognized in performing analysis, research, design, implementation, and evaluation. 23 FIGURE 1.1 Overlapping strategies in CPTED. Access control is a design concept directed primarily at decreasing crime opportunity. Access control strategies are typically classified as organized (e.g., security officers), mechanical (e.g., locks, lighting, and alarms), and natural (e.g., spatial definition). The primary thrust of an access control strategy is to deny access to a crime target and to create a perception of risk in offenders. Surveillance is a design concept directed primarily at keeping intruders under observation. Therefore, the …