Building in Security from the Start

BUILDINGS - Smarter Facilities Management


Building in Security from the Start

Just as the nature and source of threats are ever-changing, buildings professionals must also adapt to provide the best defense for their facilities


Up-Front Planning is Critical
During pre-design, a company must first determine the level of security features and considerations to be included in its facility - information that can also serve as a baseline programming-requirements document and facilitate preliminary project design.

One of the first action items in security design is to identify any potential threats. Threats can be external (a group or individual that is opposed to a method of operation, a product being produced, or an affiliated/parent company); internal (disgruntled or recently dismissed employees); or natural (tornadoes, floods, earthquakes, fires, etc.). Keep in mind, however, that an internal intruder will typically know which procedures are followed and how to bypass many security controls that would otherwise detect or delay an intruder from the outside.

Once potential threats are determined, the company then needs to decide how and what it is willing to do to prevent and/or respond to an event. These measures may be beyond any measures that may already be in place either as a result of a past security event or from prudent planning. The company must also determine if any measures selected will be implemented for that particular facility only, or if they will be implemented in other locations as well.

During the pre-design process, facility managers and design professionals will cover a number of access points surrounding security. Examples of points to be covered include:

  • Site access. Site access looks at how people approach the facility. This portion of the review determines whether the site requires a security fence around the perimeter, a guardhouse, or a secured gate entry with voice communication and/or closed-circuit television (CCTV) at parking areas, docks, building entries, the site perimeter, and other areas.
  • Building/lobby access. Once people enter the site, building/lobby-access security becomes important. This part of the review covers how the building is accessed both from outside and within, and determines whether measures such as secured entry (requiring an electronic magnetic card or proximity reader), an attended reception desk, CCTV in the lobby, secured doors from the lobby to the remainder of the building, a walk-through metal detector, biohazard protection, exterior-door access throughout the facility, or building-hardening features are required.
  • Sensitive-area access. Because of the often-critical nature of the information being stored and/or processed, certain areas within a facility (such as a data center, laboratory, senior-executive area, process/work area, and human-resources area) must typically contain a higher level of security. This section of the review will determine whether secured entry (requiring electronic magnetic card or proximity reader), entry restricted to specific employees, motion-detection devices within a room, lockable files, secured access from the parking lot, or other measures may be required. In addition, internal areas (such as chemical storage rooms, electrical rooms, ammonia refrigeration rooms, boiler rooms and mail rooms) and external areas (such as roof-access stairs and exterior ammonia tanks) may also have special security needs that will need to be addressed.

Finally, if a contingency plan does not already exist, consider creating one. Should a business interruption occur that takes the facility off-line, this plan can help mitigate the effects of the interruption and allow other facilities to continue operation.

What is Stand-Off Distance?
The concept of stand-off is to allow as much room between a vehicle and a building as possible. Bomb weights must be assumed (varies between cars and trucks) and are calculated in weight of explosives, no matter what material is assumed to be used for the bomb.

Clearly, protecting your facility and those working within it can be beneficial to your organization beyond simply preventing injuries and deaths. It can also reduce the exposure to negligence lawsuits and negative public perception following an attack. At the same time, it’s not practical (in most cases) that very low damage (or no damage) can be achieved. Therefore, consideration should be given to the level of protection that will be afforded to the facility and its assets based on the possibility of an attack on the business (i.e. how much damage is acceptable for the facility to sustain):

  • Low. The facility or the protected space will sustain a high degree of damage, but will not collapse. It may be economically repairable. Although collapse is prevented, injuries may occur and assets may be damaged.
  • Medium. The facility or the protected space will sustain a significant degree of damage, but the structure will be reusable. Occupants and other assets may sustain minor injuries or damage.
  • High. The facility or the protected space will sustain only superficial damage. Occupants and other assets will also incur only superficial injury or damage.

To secure the perimeter at the stand-off distance, several types of vehicle barriers can be used. These barriers can be both passive and active.

Passive barriers (concrete planters, high curbs, berms, fences, and trees) are used to protect against stationary bombs. These obstacles help deflect the blast shockwave away from the building.

The active barrier is designed to stop a moving vehicle, such as those used in a suicide attempt. These barrier types include cable-beam barriers, retractable bollards, and drum-type and sliding-gate barriers. When used correctly, active barriers can present formidable challenges to cars and trucks, but it is prudent to slow a moving vehicle down before it even gets to the barrier. This can be done by placing obstacles in the path (on alternate sides of the driving lane) and causing the vehicle to reduce speed when going around these obstacles. Similarly, the road can be constructed in a serpentine fashion or by adding sharp turns, which will not allow the vehicle to attain a great speed.

By Steve R. Knipper

At one time, facility security was little more than a passing thought, considered only after the facility had been constructed and was in normal operation, and only, perhaps, if some incident occurred that impacted the facility. As a facility owner, you could get by with simply placing locks on doors.

Today, however, security has exploded into a high-tech, 24/7/365 necessity. Threats to your organization's personnel or products can come from exterior sources or from inside your operation. The products that you produce or information that you possess may attract criminal or terrorist attention.

In fact, many companies now closely watch and make specific security procedure shifts as changes are made to Homeland Security's color-coded threat-level advisory system. For example, if the threat level rises from yellow ("elevated") to orange ("high"), only people with card access are admitted through the front door. Other visitors are checked and cleared for entrance outside the lobby. Additionally, some companies with multiple entrances will close down all but one entrance when the threat level is increased.

Some facilities have incorporated single-entry/exit locations, using turnstiles to control traffic flow and monitoring the flow from behind bullet-proof glass. Simple counters in lobbies are now reinforced or made bullet-proof to prevent violators from "shooting their way" into the facility.

Because of its increased importance, security must be built in from the beginning of construction to be flexible and responsive to new threats as quickly as they develop - it's much more cost-effective to bring security in from the beginning than to retrofit after the fact. At the project outset, security planning during site selection and facility placement processes for a greenfield construction should be conducted. During the project, a security program should be developed and implemented, forming a specific basis for the site, facility, and operations layout. This program enables architects and engineers to design proper accommodations for current security measures, as well as provide practical alternatives if security needs change.

Assessing the Risk
Designing facility security begins with the development of a security assessment. This assessment addresses multiple issues through the use of informational analyses.

Asset analysis identifies and prioritizes the assets to be protected, including people, operations, information, trade secrets, and property. This analysis should prioritize the assets in order of importance by organizational survival should an asset be destroyed or stolen.

Threat analysis assesses the types of threats that can occur against the organization. These threats can cause harm or death to employees, destruction to property, disclosure of sensitive material, interruption of operations, or denial of services. Types of threats can include forced entry, bomb, or ballistic (gun/rifle, mortar, vehicular, or flying craft). This analysis also identifies the potential individuals or groups who represent a threat and the level of motivation they might have, as well as factors such as:

  • Have past threats or actions been carried out against the organization?
  • What types of political events may bring on new threats?
  • Does the location of the facility increase the level of threat by exposure?
  • Does the facility or organization have symbolic value?

Vulnerability analysis identifies weaknesses that can be exploited or taken advantage of to carry out a threat. This analysis - which includes site topography and facility location on-site, as well as facility security operations and facility hardening - is conducted on either existing-site/-facility conditions or proposed projects in development.

Risk analysis examines the security measures that will be taken against identified threats, along with the extent of costs of each measure (monetary and operational). Ultimately, a plan is developed that identifies which level of security will be provided against each threat.

Because of its nature, the development of a security assessment frequently involves the use of specialty consultants to assist in the analyses by offering special, detail-oriented, current knowledge of security tactics. The outcome of the security assessment is the development of functional criteria outlining security requirements and strategies. This criterion provides the project team with the data needed to develop programmatic security requirements.

From Theory to Application
Once functional criteria have been identified, design concepts can be applied. Security is based on several premises: detection, deterrence, and response. Using these premises, several design concepts have been developed.

Crime Prevention Through Environmental Design (CPTED) reduces stranger-to-stranger crime through proper facility and site. To create a safer built environment, this theory uses both behavioral psychology and facility design strategies such as:

  • Natural strategies. These incorporate natural conditions of the site along with facility placement and design to provide visual surveillance and territorial reinforcement of ownership. Natural strategies use the principles of line-of-sight visual control for facility occupants and security personnel while incorporating features such as shrubs, gates, and fences to instill a feeling of ownership, sending the message that trespassers will be identified.

  • Mechanical strategies. There are a multitude of electronic technologies that can provide facility security. Video cameras, closed-circuit television, electronic locks using key-card or proximity devices, scanning devices, and interior and exterior sensor devices are just a few of the items from which to choose. However, these methods are not as secure as they may seem and are recommended for use in conjunction with other strategies.

  • Organizational strategies. These strategies rely on the occupants of the facility to provide surveillance and access control. For these to be effective, occupants need to understand the overall security concept, including what is expected from them if an event occurs.

Layering (or defense-in-depth) creates various layers of security, also known as zones. Zones begin at the perimeter of the site, where methods to control pedestrian and vehicular traffic form the initial defense. Providing facility-hardening techniques at the perimeter forms the next defense. Layering then continues from the facility envelope to the interior areas. Once inside, the facility's interior walls can create zones of protection throughout until reaching the highest secured area within the center of the facility.

3-D reduces the fortress-like look often associated with highly secure facilities, using a site's natural security defenses to provide some (or all) of the facility-hardening design criteria. This approach considers three aspects of space to gather functional security-design information.

  1. Designation: Questioning the proposed use(s) of the facility. For example, who will use it and when will it be used?

  2. Definition: Questioning how the space is to be defined. For example, is the space being used for social or cultural uses?

  3. Design: Questioning whether the design supports concerns that were raised in the areas of "designation" and "definition."

Facility hardening is the process of designing facilities to withstand ballistic, forced-entry, and blast attacks. Starting with site design, facilities can be positioned to reduce the impact of an attack. Setting the facility back from the street or angling the facility can reduce blast impact. If the facility must be at the face of a street, using laminated glazing will reduce the fragmentation from glass. Facility façades can be strengthened using additional reinforcement or steel members. These methods are employed in multi-story facilities to prevent progressive collapse. Perimeter protection using operable vehicular bollards, fixed bollards, fences, and concrete planters can also be used. Structures must be designed to resist the overturning possibility from a shockwave or object.

The Next Wave of Security
In today's world, the threat of chemical, biological, and radiological (CBR) terrorism is becoming more and more real. CBR threats pose higher levels of concern when designing facility-protection systems. Chemical agents include both chemical warfare agents (sarin, mustard gas, VX, and phosgene) and toxic industrial chemicals (ammonia, chlorine, and ethylene oxide). Biological agents include bacteria (anthrax and plague), viruses (smallpox and Marburg), and toxins (racin and saxitoxin). Radiological agents are categorized by the type of energy emitted (alpha, beta, and gamma radiation and neutrons).

Designing for CBR protection involves both facility-design features and occupant-procedural training. Facility design involves keeping contaminants from entering the facility through mechanical systems. Intake air-duct placements must be considered so that contaminants cannot be deposited into the ducts or so that lighter-than-air contaminant delivery could be used. Package-delivery contamination must be considered as well. If contamination occurs in a facility, then containment to a particular area (or removal to minimize the spread of the contamination) should be considered. Ultimately, removal of building occupants may be needed for improved CBR protection.

Adapting for a Secure Future
It would be unwise to think that terrorism, organized crime, or individual criminal behavior will decline in the near future. In fact, these organizations and individuals are keeping pace, adapting, and learning, forcing continual advancements in facility-security methods. Repeatedly, history shows that when protection is increased or improved, new ways will be found - often rather quickly - to breech the best and newest defenses. It is the job of architectural/engineering and buildings professionals to produce facilities that meet users' needs, as well as to work with other professionals in fields related to security to adjust and learn new methods that provide the best defense against harm.

Steve R. Knipper is senior project architect at Cincinnati-based architecture, engineering, and interiors firm Hixson (www.hixson-


Visit our website today to learn about the design flexibility of a Morton building and the endless possibilities of partnering with our designBUILD team.

Wood construction is both cost and energy efficient. Check out Morton Buildings and our designBUILD team online today to discover all the benefits of post-frame construction.

When choosing a metal-clad building for your next construction project, consider Morton Buildings, Inc., and their designBUILD team, we’ll make your dream a reality. 

Search our Trade Pro Directory to find professionals that can help identify energy-efficient natural gas options that save energy and qualify for rebates to save you money.

Visit our website today to learn about the design flexibility of a Morton building and the endless possibilities of partnering with our designBUILD team.

Wood construction is both cost and energy efficient. Check out Morton Buildings and our designBUILD team online today to discover all the benefits of post-frame construction.

When choosing a metal-clad building for your next construction project, consider Morton Buildings, Inc., and their designBUILD team, we’ll make your dream a reality. 

Search our Trade Pro Directory to find professionals that can help identify energy-efficient natural gas options that save energy and qualify for rebates to save you money.

comments powered by Disqus
comments powered by Disqus