Archive for CPTED

The Importance of Security Consultants in Designing Effective Security Systems

In an ever-evolving world with increasing security concerns, it has become imperative for businesses and organizations to prioritize the implementation of robust security systems. However, choosing the right approach and ensuring an effective security setup is not always straightforward.  A renewed trend that was prevalent a couple of decades ago was for integrators to offer “consulting and design services’.   Often, businesses rely on security integrators to design and install their security systems, and for certain size projects that makes sense.  Why hire an outside consultant to design a small retrofit project?    While security integrators play a crucial role, there are significant benefits to involving a security consultant in the design process. In this article, we will explore the virtues of using a security consultant and highlight examples of where security installers have fallen short or encountered conflicts of interest.

  1. Unbiased Expertise: A security consultant brings a unique perspective and unbiased expertise to the table. Unlike security integrators who are often affiliated with specific brands or manufacturers, security consultants have a broader understanding of the security landscape and can offer impartial advice. Their experience in assessing risks and designing comprehensive security strategies ensures that the resulting system is tailored to the specific needs of the organization.   We don’t sell or install anything, and thus have no particular preference for what products the client may choose to consider for their project.  That doesn’t mean we won’t make recommendations about their requested choices (see our past articles about our strong feelings on putting corporate security data in the cloud or using NDAA banned products).  The short version:  if your consultant receives remuneration from a manufacturer or vendor for the products they specify, find another consultant.
  2. Conflict of Interest: One of the key concerns when relying solely on security integrators is the potential for conflicts of interest.  Integrators may be motivated to prioritize their own profit margins or partner relationships over the best interests of the client. This can lead to compromised system designs, subpar equipment selection, or inadequate coverage.   You may be sold a particular brand or product line because there is a sales goal incentive being pushed by management or the manufacturer.   Worse, it is not uncommon for integrators to unload poor selling product or superseded parts in order to clean up their inventory.   This is fine if the client is aware and accepts the product (presumably for a discount), but sometimes it is done without their knowledge.  By involving a security consultant, businesses can mitigate these conflicts and ensure that their security system is designed with their unique requirements in mind.
  3. Prevent Poor Project Management:  Integrators will often bake in “project management” and “system check out” line item fees in their proposals, claiming to offer project management and punch list services for their own installation phase.   This is very much like having the fox watch the hen-house.  In one recent case, we saw a project where a vendor substituted the installed camera
    Poor project management and no punch list results in poor installations.

    Poor project management and no punch list results in poor installations.

    models with inferior (cheaper) models AFTER they received the bid award and purchase order.   The client didn’t catch it, but we did during project field inspections.   Never let the integrator perform their own punch list and acceptance testing.

  4. Post Installation Documentation:   Trying to get as-built documentation is often another problem.   While almost nobody likes doing as-built drawings, their value should never be underestimated.  Ask anyone who has done a retrofit project without them.  If the client does not hold back a percentage of payment until all punch list items are complete and all as-built documentation is submitted, then the likelihood of that work ever being done without further consideration can be very low.  Too, often the integrator will simply take the original design drawings and update them slightly (or not at all) and turn them in as the as-built documentation.  That is insufficient.  Good as-built documents include the original equipment list (mfr/model, qty, serial #s, IP addresses, power, etc) and locations, riser diagrams, installation details, as well as the point-to-point wiring and configuration details for every piece of installed equipment.   If the vendor uses a tool like System Surveyor or Fieldwire, ask for the full report to be printed to PDF and included in the as-built documentation.  (You may also want to request they delete the data being stored on the cloud if your organization has data retention policies that concern this situation).
  5. Comprehensive Risk Assessment: Security consultants conduct thorough risk assessments to identify potential vulnerabilities and areas of concern. This includes evaluating physical vulnerabilities, assessing technological risks, and analyzing procedural weaknesses. By considering these factors during the design phase, consultants can develop an integrated security system that addresses identified risks, ultimately providing greater protection against potential threats.  This may include out-of-scope items that may not be viable under the current project funding, but can be provided to the client so the cost can be projected under future budgets or other projects which can resolve the issue.
  6. Future-Proofing: Security systems should be adaptable and scalable to meet evolving security requirements. Integrators might focus solely on immediate needs, potentially overlooking future expansion or technological advancements that may be outside the scope of their work or capabilities.  Security consultants, however, take a holistic approach by considering the long-term goals and growth plans of the organization. This ensures that the security system is flexible and can accommodate future upgrades or changes without significant disruptions or additional costs.

While security definitely integrators play a critical role in the installation of security systems, involving a security consultant during the design and project management phases offers numerous advantages. Their unbiased expertise, ability to identify vulnerabilities, and focus on long-term planning can significantly enhance the effectiveness of a security system. By avoiding conflicts of interest and addressing potential pitfalls, businesses can ensure a comprehensive and robust security solution tailored to their specific needs.

Remember, investing in the services of a security consultant is an investment in the long-term safety and security of your organization. Don’t leave the design of your security system to chance—seek the guidance of an expert to achieve the peace of mind you deserve.

Posted in: Access Control, CPTED, Premises Liability, Security Consulting, Security Technology, Vulnerability Analysis

Leave a Comment (0) →

Vatican’s Security Dilemma: Dahua Cameras and the Potential Risks

The Vatican City, the spiritual and administrative headquarters of the Roman Catholic Church, is an iconic destination visited by millions of tourists and worshipers each year. With its priceless artworks, historic buildings, and religious significance, protecting the Vatican’s security is of paramount importance. During a recent tour, we noted that the Vatican has implemented a security system featuring Dahua cameras, a leading Chinese manufacturer, for their VMS platform. However, the adoption of Dahua cameras has raised concerns regarding potential security risks. In this article, we explore the utilization of Dahua cameras in the Vatican and the associated challenges.

A Dahua PTZ camera installed on the exterior wall of the Vatican City.

A Dahua PTZ camera installed on the exterior wall of the Vatican City.

Dahua Cameras: Advanced Surveillance Technology

Dahua Technology is a well-known Chinese company specializing in the production of surveillance equipment, including security cameras, recorders, and software. Their products are widely used around the world, known for their affordability. Dahua cameras incorporate cutting-edge technologies like facial recognition, high-resolution imaging, and intelligent analytics, enabling comprehensive monitoring and analysis of security footage.

The Vatican’s Decision to Deploy Dahua Cameras

Given the Vatican’s stature as a symbolic and historical landmark, ensuring security is a complex undertaking. In an effort to enhance their surveillance capabilities, the Vatican opted to implement Dahua cameras in various locations, including public areas, museums, and the St. Peter’s Square. The decision to deploy Dahua cameras was likely driven by their advanced features, wide product range, and competitive pricing (The only other dominant international CCTV brand evident around Rome was Avigilon).

Security Risks Associated with Dahua Cameras

The following are at least some of the obvious identified risks associated with the Vatican’s choice to deploy Dahua hardware:

  1. Data Security Concerns: One of the major concerns with the use of Dahua cameras is the potential for data breaches and unauthorized access. There have been reports suggesting that Dahua cameras may have security vulnerabilities (perhaps government sponsored or otherwise) that could be exploited by malicious actors.  Any vulnerabilities in the software or firmware of the camera system could potentially expose sensitive footage and compromise the safety of the Vatican and its visitors.  There are many examples of previous breaches easily found on the internet to demonstrate the potential damage for this kind of exposure.
  2. Surveillance Backdoors: There have been allegations that certain Chinese-made surveillance equipment, including Dahua cameras, may have built-in “backdoors.” These backdoors could potentially allow unauthorized access or remote control of the cameras, leading to a breach of privacy and security. Although Dahua has addressed some of these concerns by releasing firmware updates, the risk remains a significant consideration and there is some uncertainty in the industry if ALL of the backdoors have actually been removed.
  3. Geopolitical Implications: The utilization of Chinese-made surveillance technology raises geopolitical concerns. The Vatican’s decision to rely on Dahua cameras might inadvertently involve the Vatican in geopolitical controversies, considering the Chinese government’s influence over its technology companies. This situation could have diplomatic implications and potentially impact the Vatican’s relationship with other countries.  While the Vatican is a sovereign country and is not subject to the US NDAA as some  entities may be in this country, there well may be implications and consequences in foreign relations with NATO or EU countries that do have these types of protective legislative measures in place.
  4. Installation methods:  During our tour of the Vatican interior we noted that the cameras were installed using surface mount brackets and then plugged into a CAT5 jack located near the
    Interior Dahua camera plugged into data jack noted during tour of Vatican

    Interior Dahua camera plugged into data jack noted during tour of Vatican

    camera location.  In at least two cases, it would have been trivial for a (tall) person to simply unplug the camera from the jack or even cut the category cable to disable the camera.

Mitigating the Risks

So what should the Vatican do, if anything, to mitigate the risks of having Chinese government backed security equipment with history of known flaws in the firmware and architecture?  Given the resources available to the Vatican, our recommendation would be to hire a professional consulting firm to do a risk assessment on the installed VMS platform and recommend a replacement with a brand manufactured by a reputable company with a good performance record and advanced features needed by a prestigious venue such as the Vatican.   Short of that, other additional measures that should be considered are as follows:

  1. Rigorous Cybersecurity Measures: The Vatican should implement robust cybersecurity protocols, including regular firmware updates, network segregation, and encryption. Conducting regular security audits and penetration testing can help identify and address vulnerabilities promptly.  All security cameras should be on a separate physical network or VLAN that is not routable to the internet, with network intrusion detection systems IDS features implemented on the network switches and routers.
  2. Diversification of Suppliers: The Vatican could explore diversifying its camera suppliers to reduce the risks associated with dependence on a single manufacturer. Adopting a multi-vendor approach would provide more options and potentially enhance security by selecting cameras from different sources.  This can have implications itself in terms of spare parts inventory, and camera configuration and firmware management headaches by having multiple vendors with multiple models.  Using a major brand manufacturer such as Axis, Hanwha, Avigilon, or Bosch would ensure there are enterprise class tools available to manage these aspects.
  3. Enhanced Collaboration: Collaborating with cybersecurity experts, both internally and externally, would help the Vatican stay informed about potential threats and implement appropriate countermeasures. Engaging with experts in the field can ensure the continuous monitoring and evaluation of the security system.
  4. Installation Standards:  The Vatican should develop and apply security equipment and installation standards that should be implemented for all existing and new security devices.  All devices should be vandal resistant where possible, and all cabling should be protected in conduit or other protected raceway to prevent vandalism or sabotage.  Camera devices should have a minimum mounting height and standard for field of view and focal length based upon the objective and purpose.   Advanced analytic methods should be implemented for object detection and classification, facial recognition, license plate recognition, and other intelligent video analytic technologies such as people counting, loitering, object removal, object identification, line crossing, etc.

Conclusion

The Vatican’s decision to adopt Dahua cameras reflects its commitment to improving security and safeguarding its treasures. However, it is important to acknowledge the potential security risks associated with using this technology. The Vatican should diligently address these risks by implementing robust cybersecurity measures, considering alternative suppliers, and maintaining an ongoing dialogue with cybersecurity experts. By doing so, the Vatican can strive to strike a balance between utilizing advanced surveillance technology and mitigating potential security vulnerabilities, ensuring the protection of its spiritual and historical significance for generations to come.

Posted in: CPTED, IP Video, New Equipment and Gadgets, Premises Liability, Security Technology, Vulnerability Analysis

Leave a Comment (0) →

UPDATED – WRAL and Other News Agencies Effectively Building a “How To” List for Utility Terrorism

It’s not news that two Duke Energy power substations were attacked in Moore county last week.  There is a ton of speculation about why the attacks were carried out and by whom, but the thing we aren’t short of information about is what they did and what law enforcement is doing about it.Photo Credit to News9, Oklahoma City, OK.

Various articles over the last week have been published by local news stations and other news media regarding the attacks, pointing out exactly HOW the attacks were performed, what damage was caused, and the impact upon the power grid by doing so.  All of this information is published under the First Amendment, presumably for the public good.   We think it’s more likely for clicks and advertising viewership, but mmmkay.   One thing is for certain, copy cats and wannabe terrorists are absolutely paying attention, and the media is essentially building for them a “how to” list for carrying out attacks on utility substations and the power grid.   We predict there will be more of this type of activity, with few options for the utilities to actually mitigate this without significant capital expenditures.

The latest “how to” entry is that the FBI is using cell phone data to try to correlate cell phone account holders in the vicinity prior to and during the time of the attacks (we know exactly WHEN the attacks happened because the power went out).  The reality is that there are probably more than a few people that are going to be on that last and will be interviewed by law enforcement about their whereabouts and activities.  Maybe the culprits forgot to turn their phones off or leave them at home will be interviewed and caught.  But rest assured about one thing, the NEXT attack done won’t have anybody carrying an active cell phone…

(Note, we don’t represent Duke Energy in this matter and are not involved in this event in a consulting or investigative capacity) 

We wrote a letter to WRAL requesting the redact portions of their news report (https://www.wral.com/gunfire-caused-damage-that-led-to-moore-county-blackout-schools-closed-monday/20612201/) which provides detailed information about the attack and even quotes former FERC head John Wellinghoff on the effective damage that was caused:

The former head of the Federal Energy Regulatory Commission Jon Wellinghoff explained the severity of the damage to WRAL News.

“Somebody with a high-powered rifle puts a bullet through the case of a transformer and once it goes into the case of the transformer it hits the coils of the transformer, shorts it out, and it’s gone; That that device is no longer operable,” said Wellinghoff. “It can’t be fixed, it needs to be replaced. It cannot be repaired.”

Wellinghoff also shared insight into the repair process.

“A lot of these transformers also are sort of one-offs. It’s not like you can cookie-cutter replace them with another one from some other utility in the next county or the next state,” said Wellinghoff. “They have to be made sort of custom for the particular substation that they’re in. So if they don’t have spares for that particular substation, it could take a considerable amount of time.”

In effect, reading the totality of information presented by WRAL alone helps copy cat criminals build a “how to” list for carrying out similar types of attacks with little risk of getting caught.  This is irresponsible journalism, and they should know better.  For that matter, Wellinghoff should ABSOLUTELY know better.  It’s unfortunately not just WRAL acting alone, but apparently standard journalist practices today to divulge information that could lead to a rash of domestic terrorism that could impact significant portions of the country, and have long lasting effects.

We support and recognize the need for the First Amendment, it’s a critical component that makes America the best country in the world to live and thrive in.  However, the press should honor and respect the need for operational security and the risk for “copy cat” crimes, or even escalation of crimes by their irresponsible reporting.  We’ve seen this effect in school shootings, serial killings, etc, where individuals see news reports and articles and are incepted and maybe even encouraged to perform similar crimes under the guise that such crime will bring them notoriety and fame (or at least infamy).     Yet the media is never held responsible; maybe they should be.   This is the reason you no longer see nude runners streaking on the field during NFL game broadcasts, the cameras are told not to video the streakers so they won’t get their “15 minutes of fame”, just jail time.   That’s called being responsible for what you broadcast.

As a security professional, if you see articles or news broadcasts that represent a danger to society, call or write to that news agency and give them your feedback about irresponsible journalism.  We don’t want censorship, we just want responsible reporting.

UPDATE 12/27/22 – Almost like clockwork, the prediction has come true, with several new attacks on substations in Tacoma, WA.  https://www.nytimes.com/2022/12/27/us/power-substation-attack-washington-state.html

 

Posted in: CPTED, Security Consulting

Leave a Comment (0) →

Playing Around with the PinPoint Survey Application using Amazon Data

We put together a quick demo of the PinPoint Survey Application using some public data scraped from the web for all the US Amazon sites.  The equipment names and photos are all generated, so don’t get too excited about thinking there are real Amazon security equipment details being posted on the web.

Some of the reporting features are turned off, but the overall objective was to show off the speed and utility of the site data and geospatial mapping capabilities for relating sites and equipment within those sites.

Using the application from a tablet, you can use the built-in GPS to map the device lat/lon data to the database, along with any photos, notes, and punch list information that might be relevant.  This is particularly useful for large external sites like ports, refineries, mines/quarries, or power generation/transmission facilities.

GIF Movie of PinPoint Survey Application using demonstration data for Amazon sites

PinPoint Survey Application Short Demo

Posted in: Access Control, Application Development, CPTED, Premises Liability, PSIM, Security Consulting, Security Technology, Vulnerability Analysis

Leave a Comment (0) →

Simple Home Security Tips

For the most part and except for the rare high net worth executive or celebrity, our firm does not actively engage in home security consulting for residential properties.   We typically just aren’t cost effective, and there are plenty of other very good sources of information out there that can provide good service for your needs.   Still, I find that I get asked this advice from time to time, and even though we don’t typically provide this service, here are some ideas that can be helpful in protecting your loved ones and your home:

  • Have a Security Mindset.   A simple rule I learned from my father as a kid, “Leave your place the way you want to find it when you return”.   This applies to home security very easily.
  • Use Lighting. Leave the lights on if you’re coming home after dark (or have automatic lights that turn on a schedule or at dusk). 
  • Smart Lights. For techies, get light switches or sockets that can be controlled by Google Home or Amazon Alexa. Then set schedules or use voice commands to turn lights on/off. This helps make the home appear to be occupied.
  • Outdoor Lights.   Keep a light on the porch or in the yard.  Lights are a great deterrent for criminal behavior. Motion detection lights are useful too, although they tend to false quite a bit and may come on more than necessary.
  • Be Neat. Leave the house neat and orderly (it’s hard to tell if someone has ransacked your house if it’s already a mess…). There’s also a little bit of the “broken window mindset” here, that people won’t respect your home as a sovereign domain if it’s unkempt and in disrepair. Plus, don’t leave items in your yard that may help burglars or vandals break into or damage your home (ladders, tools, bricks/lumber, gas cans, etc).
  • Lock Doors.  Lock the doors before you leave.  If keys are a hassle, install a PIN pad for your deadbolt on your main or side entrance door.  They are easily installed and inexpensive.  Oh, and make sure you have a deadbolt lock on all doors.  Install one if not.
  • Use door barricades if needed. Metal exterior doors are best. For use when you are at home, using simple devices that function as a night latch are very helpful in supplementing deadbolts (you did get a deadbolt, right?). Be sure to install the night latch at least one foot higher or lower than the deadbolt, to add more strength and resist kick ins. By the way, forget the chains and use at least 3″ screws to fasten to the door frame and studs behind. Here’s a suggestion https://www.amazon.com/dp/B00D2K367Y/
  • Use Your Alarm.  Arm the alarm system if you have one.  Many people have alarm systems, but never actually use them.  Use it!  (A great feature I’ve added to my house is a “go away light”, that is a little red light that turns on if the alarm has been tripped and can be seen as I’m driving up to the house.  If it’s on, nobody goes inside, we call the police.)
  • Get an Alarm.  If you don’t have an alarm system, get one.  Most any commercially available alarm system is sufficient for home use.  Large companies like ADT and CPI market themselves as inexpensive, but tend to have high monitoring fees.  Otherwise they’re all about the same.   PRO TIP:  If you get an alarm system, get smoke detectors connected to it and pay for the monitoring fee.   The fire department will automatically be called whether you’re home or away.
  • Get a dog.   This age old burglar deterrent really does work pretty well.  And no, it doesn’t really matter what kind of dog, although a Chihuahua might not be the most intimidating.
  • Lock Windows.  Use your window locks, even on the second floor (criminals have ladders too).  If your windows are the older double-hung wooden type, an easy trick to secure them is to drill a ¼” hole in the far left or right side side of both sashes, and then insert a 10 gauge nail through both sashes.  Even if they managed to unlock from the outside, the window can’t be raised or lowered.
  • Cut Back Shrubs.  Keep shrubs cut back and trees limbed up so you can see your house windows and doors from the street.  Shrubs near the house should be trimmed neatly and cut back.   Hedges should be trimmed so they don’t offer an advantage to a stalker or potential burglar.
  • Fences.  If your property would benefit from the use of a fence, they provide a natural barrier and boundary to your property.  Most houses don’t have them, but for some homes they might be a good fit.
  • Cell Charger by Your Bed.  Most people don’t have a home telephone anymore, so make sure to have your cell phone charger at your bed at night.  If you need the phone in a hurry because of a break in, you don’t want it in another room.
  • Night Lights.  Most grown adults don’t want or need night lights, but they are very helpful for night time navigation in events where you’ll likely have the advantage of night vision and know the layout of your home.
  • Flashlight.  Having an alternate source of light is critical in emergency situations.  There should be one flashlight per person in the household.  The nightstand is an obvious place to keep it.
  • Have a plan.   Have a plan what to do in case of an emergency, a fire, or home invasion.  If you have children, discuss the plan with them too.  Keep it simple so everyone will remember it.
  • Owning a Gun.  Owning a weapon like a gun is a personal choice, and for some may not be right, or even legal.  If you do have a lethal weapon, make sure it is stored and locked up securely, and that you can get to it quickly and safely if needed.  Otherwise, you’re better off not having it or not using it in the case of a home invasion (you don’t want it used against you or your family).  Training and regular practice with the weapon is also strongly recommended.
  • Non-Lethal Weapons.  If a firearm is not for you, other non-lethal options such as Pepper Spray, Blunt Weapons, or Tasers may be used in the case of home invasion, but still also carry the responsibility of choosing to use them appropriately and have proper training.  Don’t use pellet guns, air-soft guns, or the like as a means of self-defense. In the event the intruder also has a gun, he’s more likely to use it if he believes you also have a gun.
  • Handcuffs.  A final consideration is what you’re going to do with the intruder if you’ve managed to stop them.  How will you hold them for police?  Having a set or two of handcuffs in a drawer is a safer and easier alternative to tying them or trying to lock them in a room.

These are but a few ideas for home safety and security that can be easily adopted by most people.  If you need more detailed information or want a thorough security plan developed, contact a professional security consultant to help you determine your needs and the best plan to make sure you are prepared and protected.

Posted in: CPTED, Fire and Life Safety, Security Technology

Leave a Comment (0) →

The Impact of Closed Circuit Television

Almost 30 years ago when I was first entering the security industry, closed circuit television (CCTV) cameras weren’t terribly different from the cameras that were being used to for movie and television production.  They were smaller, typically had less resolution and no audio, but the basic principles were the same.   Charged Coupled Device (CCD) cameras were fairly new, and if you wanted low light performance, you were resigned to use tube cameras.  Yes, tubes.  As in vacuum tubes.  Tube cameras actually used a vacuum tube for the imager, and the tradeoff for low light sensitivity was a shorter life span, higher power requirements, and reduced reliability.   Later, Complementary metal–oxide–semiconductor (CMOS) cameras came into play and helped overcome some of the limitations of both tube and CCD technologies.

Vidicon Imaging Tube for Old Style CCTV Camera

Since then, digital Internet Protocol (IP) cameras have come into play.    These newer cameras offer increased light sensitivity, much higher resolution, and new enhancements like video analytics and flexible communications options.

While all of these advancements make for better security, the most important enhancements are the video analytics and IP communications.   These two technology advances increase the likelihood of detecting activity and being able to monitor and record that activity from almost any location.

For most small and medium sized businesses or municipalities, the thought of a comprehensive video management system seems not only unnecessary, but impractical from a monitoring and timely intervention standpoint.  “Video cameras don’t stop crimes, all they do is record it”, we often hear.  This is not necessarily true.  CCTV video serves three important roles in security:

  1. Deterrence – Sometimes just the sight of a video camera will deter criminal activity from ever happening in the first place. Because being watched means being held accountable, this is a strong enticement for on premises security cameras.  No, this doesn’t mean adding “dummy cameras” is a good idea.  In fact, installing dummy cameras can make matters worse in premises liability cases for incidents occurring on your property.
  1. Detection – Having all of the campus CCTV cameras monitored in a single location allows for an operator to spot potential negative events during or even prior to them actually happening. IP enabled cameras offer increased detection capability in two ways; first they allow for cameras to be placed anywhere within the corporate network infrastructure (or even further away via hybrid cabling or wireless networking), and second they permit remote monitoring from anywhere there is network or internet access, including smart phones and tablets.  This allows for remote monitoring and recording at an off-site or contract monitoring facility, and also allows the ability to feed recorded or live events to first responders almost in real-time.    It also means that cameras can be located just about anywhere in your corporate footprint, including on-board vehicles.
  1. Assessment – Being able to discern what, where, and when something is happening on camera is critical to determining how to respond to a particular event, and also aids in evidentiary requirements for later prosecution. With the advent of video analytics, that can now be taken a step further with things like video motion detection, face detection, traffic movement, object removal, and facial recognition.   These tools increase the reliability of the observer (or recording device) to actually capture useful video information for use in timely intervention or for evidence in prosecution.   For example, with the right software, imagine a disgruntled employee situation where the former employee’s photo is setup to trigger an alert if the video system “recognizes” his face when he tried to re-enter the campus.  The authorities can be notified and other emergency precautions can be taken much sooner than previously possible.

Each one of these roles is an important piece to the overall security strategy for a business or government entity, and when used with common sense security practices like Crime Prevention through Environmental Design (CPTED) and other industry best practices, CCTV video becomes a powerful tool to both deter, detect, and defend both persons and property in a timely and effective manner.

 

Posted in: CPTED, Premises Liability, Security Consulting, Security Technology

Leave a Comment (0) →

LED Street Lighting for Security Purposes

Drive down any US city street these days, and the led-lightsold, yellow street lights now shine bright white and bright with the latest in modern street lights, LEDs.  LED lights are popular because of their tremendous energy savings, about 80-90% energy efficiency, when compared to a traditional incandescent light bulb. This means the LED lamp has about 80% of the energy used to illuminate actually goes into making the light, with the remaining 20% given off as thermal energy.   Compared with the highly inefficient incandescent bulb, which is about 25% converted to light, and 75% given off as heat.   So for any business, residence, or municipality, a huge savings in operating costs can be found by switching to LED lighting, and with federal subsidies for energy savings, the capital costs are partially offset as well.

But a small wrinkle has developed as the American Medical Association (AMA) has adopted guidance for communities on selecting among LED lighting options to minimize potential harmful human and environmental effects.   People are complaining about driving under the blue-white lights, or trying to sleep with one newly installed on the street outside their bedroom window.  According to the AMA:  “High-intensity LED lighting designs emit a large amount of blue light that appears white to the naked eye and create worse nighttime glare than conventional lighting. Discomfort and disability from intense, blue-rich LED lighting can decrease visual acuity and safety, resulting in concerns and creating a road hazard.  In addition to its impact on drivers, blue-rich LED streetlights operate at a wavelength that most adversely suppresses melatonin during night. It is estimated that white LED lamps have five times greater impact on circadian sleep rhythms than conventional street lamps. Recent large surveys found that brighter residential nighttime lighting is associated with reduced sleep times, dissatisfaction with sleep quality, excessive sleepiness, impaired daytime functioning and obesity.”   So the AMA is recommending that LED street lamps that are installed turn the color temperature down from 5000K or 4000K to at least 3000K, or a “warm-white” color that more mimics natural sunlight.

For the last 30 or 40 years, most street lamps have been high pressure sodium or mercury vapor lamps.  These are high intensity gas discharge (HID) lamps that operate by forcing an electric arc through vaporized mercury or sodium to produce light. The arc discharge is generally confined to a small fused quartz arc tube mounted within a larger borosilicate glass bulb.   The color is the big difference:  mercury vapor lamps usually produce a bluish/purple color when operating, and sodium lamps produce a yellowish/brown color.   Sodium is the most common type lamp until just recently because it was more efficient than mercury.

So what difference does this make from a security standpoint?  The color mostly…  Oddly from a security standpoint the color can make a difference from a psychological and electronic security perspective.   In the past we have generally recommended Metal Halide HID lamps instead of mercury or sodium, even though they operate similarly, because the color is a much more true white and allows for proper color identification in low light situations.  Mercury and Sodium lamps can make greens and reds look like different colors, and navy and black almost impossible to differentiate.  Enter LED lamps.  They look very similar to metal halide from a color perspective, and allow better color rendition for both human eyes and electronic eyes such as video surveillance cameras, most of which see in color these days even at night (if the lighting is good enough).  Below you can see the major difference between an older style sodium vapor lamp and a newer LED.

Old and New

Both lamps give off ample light, but there is an obvious color difference.  And while it’s not terribly easy to see from this photo, true accurate color renderings are harder with the yellow sodium lamps.   The LED lamp here is a hotter color temperature, around 4000K and has that bluish tint that is being complained about.   Lowering the temperature to 3000K would make it slightly more amber, but not anywhere near the color of the sodium lamp.

So if your business, facility, or municipality has LED lamps being planned, it may be prudent to push for a 3000K color temperature not only for security camera color rendering accuracy, but also from a psychological and health perspective, and you have the AMA helping make your case for you.

 

 

Posted in: Company News, CPTED

Leave a Comment (0) →

Layers – Not just for Onions and Ogres

Security has been thought of and taught to others as a “layered approach” for centuries, and as such is not a new concept.   The Romans used layered concepts in their infantry tactics as well as their defensive fortifications.   With all due respect to “Shrek“, security is like an onion, and is a complex layer of countermeasures that make up a suite of hurdles that, presumably, are so confounding or problematic that the opponent gives up, gets caught, or never attempts anything in the first place.

The layers of security

Layers of security are a simple concept, but the concept is often overused by security professionals in discussion and even trivialized as not very important.  As Americans, we tend to rely very heavily on technology.  We understand technology, and we’re pretty good at it.   But while having thermal night vision cameras, fiber optic sensing cables, and CCTV drones flying over your campus are an impressive security posture, sometimes just a plain old chain link fence or dense thornbush hedge are enough to deter the would be criminal.  The most effective barrier I ever saw was a dense hedge of thorns called a  “living wall”.   It was 6 feet tall (and still growing), and you couldn’t climb it, cut it, or burn through it.

We once worked with a client that had installed a $4500.00 bullet proof door with a card access proximity reader installed behind Lexan (to protect it too) on the wall.  It we very impressive, until we learned that the wall it was installed  in was only sheetrock and metal studs, and you could kick through it and completely bypass the door.

Security layers mean from the outside in, with each layer adding to the increased security profile.   But security profiles are different for different companies, buildings, or campuses.  It depends upon the corporate philosophy, culture, and threat profile.  What may be reasonable for a chemical company manufacturing DOD explosives may not be suitable for a quarry.

Start with the outside, what are the threats from the street, the site perimeter, or even from the air?  Then work to the building perimeter, where are points of entry, access control weaknesses, or blind spots?  Internally you should look at the lobbies, common areas, break rooms, stairwells, and vestibules.  Then finally to policies and procedures relating to security, safety, and employee awareness.  Each of these areas will generate questions, to which you should generate answers in the forms of layers of security to add to your security profile.

Posted in: CPTED, Security Consulting

Leave a Comment (0) →