Principles of a Security Survey
If security is an unfair contest, you may well ask if there is any point in putting it into practice. To go into the pros and cons of whether security is worthwhile is not the purpose of this document. A person whose role it is to security survey is, in general terms, expected to assess risk from a security aspect, report the facts, and if necessary, make recommendations for risk improvement.
What are the attributes, attitudes and levels of expertise required? Probably the most crucial factor is the attitude of a surveyor to the work, and to the clients. A security surveyor is not involved in crime prevention even though this is an identified benefit of the work. The primary task is loss prevention, or reduction, by creating a situation where crime, if not prevented, may well be deterred and moved to another location. To survey is to ensure that the security involved will avert a significant loss.
A security surveyor must have a reasonable working knowledge of locks, bolts, bars, alarms, sensors, safes, CCTV etc.
How does a surveyor decide as to what degree and methods of security are best suited to the situation and circumstances? Researching a significant amount of facts and figures is necessary. An inspection in detail as well as an enquiring mind, not afraid to ask any questions is needed. If a comprehensive research, enquiry, and reconnaissance have been conducted, a good impression of the risk will be acquired, and the conclusions will point to the solutions.
Every risk is unique. So merely following prescribed standards of security will miss some risks, unless one day there evolves a standard set of risks.
In surveying, a site consideration should include the age of the building, consequent probability of development, lack of prosperity with a likelihood of inoccupancy, and the type of occupancies in the area.
Once local considerations have been thoroughly covered, it is essential to concentrate on external factors that are closer to the actual risk itself. Try to look at the risk from the outside looking inwards, see how much is visible from other premises, whatever can be seen can also be seen by criminals; such as blocked up doors and windows which may not be apparent from the inside due to decoration and furniture. Even external fire escapes, trapdoors, balconies, or basement skylight windows.
Evaluate the risk from a physical aspect. But also consider some issues of the client and their organisation. Test to see if it is possible to talk yourself into the risk without seeing somebody in authority, or without having to prove identity, and without an appointment.
Throughout this process of observation, it is important to use some imagination. Discos, pubs, clubs and other audience/participant locations may not be open at the time of a survey. Seek them out.
When surveying a building, all aspects of access must be considered, such as:
- DOORS – Their type, the material used, the frame.
- DOOR FITTINGS – Hinges and hinges type, hinge bolts and door bolts, doorway protection, and securing devices (not locks)
- LOCKS – Do not consider anything a lock unless a key has been used. Locks vary such as mortise, rim, cylinder rim latch, mortise rack and bolts, padlocks, locking bars and brackets, and crossbars to name but a few.
- LOCK MECHANISMS – Probably the most important aspect is key security, despite having the best possible lock, a lack of key control will render door security useless.
- PHYSICAL PROTECTION – for example, metal linings, timber linings, metal mesh lining, metal grills, and metal bars. Ideally, all should be fitted internally as they are liable to attack if external.
- WINDOWS – Regardless of the type and construction of a window, an equally important aspect is its location. Two identical windows in two different places on a building can present two different sets of problems. The type of glass is important if for no other reason than the more substantial types of glass are less suitable for windows that open. There are various window types, such as Fixed, Sash, Casement, Fanlights and Sliding. The vital point for securing devices is the ease with which it can be operated from outside. Securing devices and locks cannot prevent illegal entry, at best they secure the window frame and do nothing for the glass.
- ALARMS ON DOORS AND WINDOWS – Remember that alarms are not designed to stop a person from making an entry, they are intended to indicate that it has happened, and an appropriate action is then required to an alarm condition. There are various types such as Make / Break Switches, Fine Alarm Wiring, Tube and Wiring, Knock-Out Rods, Metal Foil Tape, Vibration detectors, and Break Glass detectors. Many are low cost and easily installed. In all cases it is vital to consider the security of the bearer system for these alarms if that can be attacked and disabled, then all alarms and CCTV become useless.
- OTHER BUILDING OPENINGS – Not just standard doors and windows should be considered, but also such egresses as Trap Doors, Hoist Doors, Lift Doors, Pavement lights, Pavement bars, transoms soffits and fascia of commercial premises, showcases, and Rooflights. All of these present opportunity for unauthorised access. Physical protection can be more effective than alarms.
- WALLS AND ROOFS – Brute force can be used to breach walls and roofs. Modern wall construction may provide perimeter, and cover from view, but not necessarily protection. Internal walls of multi-tenure buildings may even be more superficial. Roofs should also be considered from the viewpoint of maintenance, fragility, and fixing. Some roofs are less vulnerable because of height and sloping nature. However, many criminals have sufficient courage to overcome these “hazards”.
- INTERNAL ALARM DETECTION – There is an extensive range of alarms on the market, such as Wiring the wall (which is expensive but worthwhile if the area is small and contents of a very high value), Vibration Sensors, Pressure Mats, Infrared Detectors, Microwave Sensors and Ultrasonic Units. There are significant points to be considered that relate to these sensor systems such as their stated range and area of coverage under ideal conditions. Remember that perfect conditions very rarely exist outside of exhibitions, showrooms, laboratories and other specially controlled environments. Many are provided with the ability to manually adjust their sensitivity, in therein lies another vulnerability to be considered…
- ALARM CONTROLS AND SIGNALLING – Monitoring and control of alarms should be from a secure manned position, either remotely but with an ability to deploy an appropriate reaction, or on-site with the same capability. Systems vary considerably from those that provide an audible alarm, through to emergency services autodiallers. False alarms cause apathy and scepticism from those services expected to react.
- CCTV AND GUARDS – CCTV surveying is a detailed and technical activity and an entire subject in itself. To a certain extent CCTV and manned guarding do the same thing, although while manned protection does not prevent a security breach, it does reduce them considerably through its deterrent effect. Remember that many will not be deterred by a guard presence and will use violence to achieve their aims. It is best to seek independent specialist advice in a case where either CCTV or manned guarding, or a combination of both is a solution.
- SAFES – It should be assumed that a safe is a secure metal box for keeping valuables secure. Many types exist such as Free Standing Safes, Under Floor Safes, and Wall Safes. The majority of safes use either a key lock, combination lock, or both. Where a key is used, remember that key security is equally important (as mentioned earlier). The most suitable type of safe for any particular risk is dependent on the value of the property at risk. Irrespective of the safe type, its location is an important consideration. Its location and type being such that creates a considerable delay to a safecracker will be a strong deterrence. It is not advisable to locate a safe near a perimeter wall where it can be attacked through the wall. Additional protection can be provided to safes by the installation of an alarm dedicated to the safe.
- MONEY RISK – Be careful of statements such as “we don’t carry much cash” or “we have very little cash on the premises”. It is all relative, the comments are designed to make one think in terms of £/€/$10’s, but the actual amounts could vary to hundreds or even thousands depending on the wealth, and lifestyle, of the business or individual. To someone, that can create a tempting target. When performing a survey, there is no option but to ask direct questions about cash, quantities, how it’s handled, who by, where it’s stored, who accounts for it, and how and when it is transported? This includes foreign currency.
- PRIVATE HOUSE SURVEYS – These are not exempt a security survey. In today’s connected world, many people work from home, and security considerations are the same. Probably the most significant threat is from burglars. Unless the burglar has prior information on the target, attention will be given to the locality of the risk. A burglar will be seeking a potential reward for the sale of the stolen goods gauged from the general affluence of the area. Other considerations by a burglar will be the layout of houses, overlooked, isolated, secluded points of access trees, walls, and detached garages. The burglar’s biggest concern will be the ease of getaway, major roads, cul de sacs, footpaths , and also general activity or lack of it. If a burglar decides that the target “looks right” what is likely to influence the thief in choosing one house over another?
Factors are multiple and include can include apparent security, over a disregard for security such as open windows and garage doors, signs of affluence such as expensive cars in the driveway, swimming pool, a car going out and returning at school times, and other indications of routine. Also the tell-tale signs of the owners being away from homes such as a full mailbox, full milk bottles, or abnormally long grass. None mean that a burglar will immediately “have a go”, although some might. Others will note and revisit to observe any changes in the property. Having summed up the situation, they will “choose the right moment” to attack the property. To summarise, the burglar will be looking for a location which indicates adequate “haul”, suitable premises within that location, an indication of a degree of security or lack of, the opportunity of means of access, the degree of total activity and policing, regularity of occupancy, old and possibly timid inhabitants.
A security survey is a complete examination of the property, premises, facility, office; its occupants, workers, and even visitors, its operations and routine concerning personnel and company assets.
In the process of the security survey, the following tasks should be completed:
- Review applicable standards, regulations, and laws;
- Review the current security arrangements;
- Research previous reports, and any security-related incidents that have occurred over the past three years.
- Collect and fully understand crime statistics for the neighbourhood.
- Visit and revisit the locations at various times of the day, and night, in and out of working hours.
Security requirements are continually evolving, the threat landscape and colossal technology leap have been created by the internet of things (IoT). IP-enabled security has many advantages, transforming security systems into a more integral operational role rather than just a security tool, at the same time raising expectations for greater protection and creating an IT/Security hybrid of requirements and capabilities as the needs of IT and Security blur into each other.
Understanding security and risk and the role of electronic security measures remain the same: the protection of assets. The defining of appropriate security measures and their suitability and fitness for purpose for an office or residence have changed little, requiring the undertaking of a risk analysis and security survey.
Risk analysis identifies targets, people, property, information, and the probability and impact of a security breach or attack, while the security survey ensures that all pertinent information to design and implement commensurate security systems procedures and measures is obtained. A Security Survey can be considered in the following phases:
- Intelligence Gathering;
- Details of the Facility, Office, Premises, or Residence;
- The walkthrough, or the Survey.
View everything from outside looking in to ascertain any weak points, and then the inside aspects, including personnel, routine, operations, and habits.
Careful assessment of the type of security devices required and their deployment is a must, taking into account all influencing factors that could compromise security, even specifying the wrong sensor or alarm system.
The conclusion of the security survey should lead to the system design and implementation; do not forget the likely need to update procedures, the retraining of personnel involved, and even possibly reorganisation of the team responsible for security.
Barry ET Harris MBE is a consultant for Proelium Law LLP, he is a British Army veteran, he combines operational experience with extensive commercial consulting, executive, and management expertise gained in complex environments and high-risk jurisdictions worldwide.
If you’d like further information, or to discuss working with us, you can get in touch via our Contact Us page
Anti Money Laundering and Counter Terrorist Financing are two subjects often linked but misunderstood.
Some quick distinctions to understand - the activity of money laundering is where cash raised from criminal activities is made to look legitimate and re-used in the financial system.
The activity of terrorist financing is less focused on the source of the funds, but interested in what those funds are used for.
The Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF) legislation is important to your business, particularly if your business is engaged in legitimate activities in overseas or high risk jurisdictions. In the UK for instance you need to establish if Money Laundering Regulations apply to your business or not. See here for guidance.
Importantly, on 10th January 2020, new legislation was enacted in UK in the form of the 5th EU AML Directive. Amongst other areas, brings cyptocurrency into the purview of legislation and places obligations on business owners to make checks in respect of identifying beneficial owners and when enhanced due diligence is required. For the legislation click here. For a easier to understand guide click here.
What do I need to do ?
Making sure you know the source of any funds and where any funds you are giving out are going, is very important. Ensure you have a due diligence process in place if you are engaging with local suppliers and check the backgrounds of locally employed staff. You can only do so much to ensure you don't fall foul of the legislation but remember - the UK legislation has extra territorial reach, which means as a UK firm operating in a foreign country, you could still be prosecuted for offences under the legislation in UK. See here for guidance
The issues raised here may seem somewhat off putting for you to even engage in business. Ensuring you comply with the requirements (or at least establishing whether you need to) and then implementing systems to do so, will be a huge boost to your company management systems.