Silva Consultant's Blog

Three Dirty Little Secrets about Video Surveillance Systems

Jun 7

Posted by Michael A. Silva in Video Cameras | No Comments

 

Dirty Little Secret #1 – Security Cameras Rarely Serve as a Deterrent to Crime

Despite an almost universal belief otherwise, there is no conclusive evidence that video surveillance systems serve as a deterrent to crime. While a few studies have shown that there may be a decrease in crime when cameras are installed in certain settings, such as publically-operated parking garages, there are many more studies that have shown that the installation of security cameras has no effect whatsoever on crime rates.

While more independent  studies are needed, the evidence at this point suggests that security cameras rarely prevent crimes from occurring, and almost certainly don’t deter crime to the degree that is implied by many sellers and installers of video surveillance equipment.

The following should be considered when contemplating the deterrent effect of video surveillance cameras:

  • Most people who engage in criminal behavior don’t have the same thought processes that honest people do and don’t consider the long-term consequences of their actions.
  • Many people who commit crimes aren’t thinking rationally at the time they commit them. They may be drunk, high on drugs, or suffering from some form of mental illness.
  • Smart criminals are well-aware of the limitations of video surveillance systems and may plan their crimes around them. They may commit crimes just outside of the range of cameras, or wear simple disguises to conceal their identity.
  • People become desensitized to the presence of video cameras after a short time. While there may be an awareness of cameras when they are first installed, they soon become part of the environment, making regular occupants of the area almost oblivious to their presence.

Dirty Little Secret #2 – Most Recorded Video is Useless as Evidence

The goal of most video surveillance systems is to provide recorded evidence when a crime has been committed, allowing the criminal suspect to be quickly identified, captured, and prosecuted. Ideally, the recorded video would show the criminal in the act: stealing the computer, vandalizing the car, or assaulting the victim. Images on the recorded video would provide a good picture of the suspect, allowing his facial features, clothing, and any distinguishing marks to be clearly recognized. When the suspect is captured and brought to trial, the video evidence would be compelling enough that a jury would be convinced of the suspect’s guilt “beyond a reasonable doubt”.

While this type of scenario is often played out on television shows and in movies, it rarely occurs in the real world. Most users of commercial video surveillance systems are deeply disappointed when they discover that the system that they have purchased can’t provide recorded video that is useful as evidence. This dissatisfaction usually comes to light when the user reviews recorded images in an attempt to investigate a crime after the fact. Complaints frequently heard are: “I can see the person, but can’t identify who it is”; “I can see the person, but I can’t see what they are carrying”; “I can see a car, but can’t tell the make or model or read the license plate”; “when I enlarge the picture, it is nothing but a blur!” ; “the view of the camera is blocked in exactly the area that I want to see”.

Most problems related to the quality of recorded images can be attributed to the following:

  • Too few cameras with too wide a field-of-view: Cameras can view a wide area, or provide a high-level of detail, but not both. Many cameras are set to view an excessively large area, which makes it impossible to positively identify people at most points within the scene.  A study by the FBI suggested that, in order for a person’s face to be positively identified, the person must equal approximately 120% of the vertical height of the video image. To get this type of image requires an extremely narrow field of view, allowing each camera to cover only a very small area. While not everyone agrees with this study, almost everyone admits that most cameras installed today have fields of view that are set too wide to allow facial recognition throughout most of their coverage area.
  • Improper viewing angle: To best identify a person, a camera needs to have a relatively straight-on shot of the person’s face. Many cameras are installed too high, at the wrong angle, or pointed so that they only see the side of the face or the back of the head. For example, at building entrances, it is common to only have a camera inside pointing out towards the door. While this camera can provide a good view of someone entering the building, it can only see the back side of a person exiting.
  • Blind spots in coverage area: There are lots of obstructions in settings such as parking garages or warehouses. Cameras can’t see through structural columns, parked trucks or stacks of pallets, often creating conditions where large portions of the facility cannot be seen by a camera.
  • Improper lighting conditions: Cameras need to have an adequate amount of light in order to see. More importantly, the lighting needs to be uniform throughout the viewing area. Too little light or the combination of bright areas and dark areas within the viewing area will usually produce a poor quality image.
  • Improper recording resolution setting: There is a tradeoff between the video resolution used for recording and the amount of time that images can be stored on the recording device. The higher the resolution, the less recording time. In many cases, the resolution setting has been set to an unacceptably low rate in an attempt to maximize recording time.

While all of the problems identified above are solvable, the cost of doing so can be prohibitive in many applications.

Although it is relatively easy and cost effective to get good quality recorded video in small, confined areas such as at building entrances or at teller’s windows, it can be much more challenging and expensive to cover large open areas such as parking garages and warehouses. Most property owners don’t want to spend the money that it takes to properly provide evidentiary quality video coverage throughout their facilities, as this can require many more cameras and much more recording equipment than they originally planned on installing. Instead, they choose to install far fewer cameras than are actually needed and hope for the best. They are often aided and abetted in this effort by security integrators, who would rather sell just a few cameras than none at all. The net result: a video surveillance system that fails to meet the owner’s needs and is incapable of providing recorded video that is useful as evidence.

Dirty Little Secret #3 – “Megapixel” Security Cameras Won’t Cure All Video Surveillance Problems

New high-resolution video cameras have been introduced in recent years and these cameras are now becoming popular in the video surveillance industry. Offering resolutions of up to 16 megapixels (MP) and higher, these cameras promise to provide a quality of video that is substantially better than that provided by traditional standard definition (SD) cameras.

Many manufacturers  and security integrators have been quick to tout the benefits of these cameras, claiming that they are the cure to all of the weaknesses of traditional video surveillance systems. Some of the claims that we have heard by manufacturers include: “one megapixel camera can replace up to ten of your standard fixed-position cameras”; “there is no longer any need for pan-tilt-zoom cameras – our 360 degree megapixel camera can view and record all areas all the time”; and “our megapixel cameras will finally allow you to positively identify faces and read license plates throughout your parking lots”…, etc.

Our actual experiences in seeing megapixel cameras in use at some of our clients facilities paints a somewhat less flattering picture. While megapixel cameras can be beneficial in many applications, it is our opinion that the capabilities of megapixel camera have been greatly oversold by many manufacturers.

Some of our findings include:

  • Megapixel cameras work best in indoor applications where lighting is adequate and doesn’t vary significantly throughout the day. In these conditions, megapixel cameras are capable of providing a significantly better quality image than that provided by a standard definition camera.
  • Using megapixel cameras in outdoor applications can be a real challenge. While the image quality provided during the day can be great, the image quality at night can be the same or even worse than that provided by a standard definition video camera. Users who install megapixel cameras outdoors for improved nighttime picture quality are likely to be disappointed.
  • The increased resolution provided by megapixel cameras can provide an improved ability to make out facial details and license plates when the camera’s field of view is properly focused on the area of interest and lighting conditions are correct. In some cases, this may allow the use of fewer cameras to cover the same scene, however it is still unrealistic to expect a single megapixel camera to cover a large area. Thinking that you can install just a handful of megapixel cameras to get evidentiary quality video coverage throughout your entire parking garage is unrealistic.
  • The installation of megapixel cameras can’t solve problems such as blockage of view, improper viewing angle, and poor lighting conditions.
  • The quality of images produced by megapixel  cameras can vary greatly by manufacturer, particularly in real-world surveillance applications. Cameras with a higher megapixel rating don’t necessarily produce better quality images than cameras with a lower megapixel rating.

Our conclusions: megapixel cameras can provide improved performance in some applications, but they are not a “magic bullet” that will automatically solve all of your video surveillance problems.

Summary

Video surveillance systems can be a useful tool when designed and installed correctly, and when the user has realistic expectations about what they can and cannot accomplish. In many cases, users will install video surveillance cameras as a “quick fix” when they are having a security problem, without considering that cameras may not be the correct solution. Cameras installed under these circumstances are almost always a waste of money.

We recommend that clients develop a comprehensive security plan for their facility before making the decision to install security cameras. This plan should be based on a security risk assessment and address all aspects of security including security policies and procedures, employee training, architectural security, and electronic security systems.

While video cameras can be part of your overall security plan, they are rarely a security solution in themselves.

Security of Warehouses and Distribution Centers

May 25

Posted by Michael A. Silva in Physical Security | No Comments

Warehouses and distribution centers are frequent targets of burglary, theft and pilferage. These facilities contain lots of new merchandise in its original packaging, something that is highly-desirable to both professional and amateur thieves.

The large quantity of merchandise in most warehouses also brings out an emotional feeling within many people that suggests: “Wow, there are so many of these items, they won’t miss just one…”. This feeling can sometimes tempt people who otherwise wouldn’t think of themselves as criminals.

Warehouses are subject to both internal and external theft. Internal thefts are committed by company employees, contractors, and other “insiders” who have a legitimate reason to be in the warehouse at certain times. External thefts are committed by “outsiders”- people outside of the company who have no legitimate need to be in the warehouse and are coming to the facility specifically to steal.

Truck drivers and other types of delivery service drivers can pose a specific security risk. Some drivers have gotten into the habit of stealing from their customers when making a pick-up or delivery, and consider this to be a justifiable “fringe benefit” given the inadequate wages that they feel they are making. Drivers are often allowed to wander freely while their trailer is being loaded or unloaded and can use this opportunity to gather up items that they wish to steal. It is often easy to place additional items into the trailer after it has been loaded, or to place stolen items into the cab of the truck unnoticed.

Along the same lines, many warehouse employees feel that they are underpaid and underappreciated, and look at stealing from the warehouse as a way to supplement their income and to get back at their employer at the same time. There are variety of ways in which warehouse employees can steal: some simply load merchandise into their car during the day; others place merchandise in trash bins and come back later to retrieve it; and still others may pack merchandise into a box and ship it to themselves using a bogus address that they have established just for this purpose.

Sometimes, dishonest warehouse employees work in conjunction with dishonest truck drivers to steal from the company. This can be a particularly dangerous combination: the warehouse employee has knowledge of what’s coming and going, can plant stolen merchandise in outgoing shipments, and can modify paperwork to cover his tracks – while the truck driver has the means to remove the merchandise from the warehouse. Collusion between warehouse employees and truck drivers is a big problem in some industries and is responsible for multiple millions of dollars of losses each year.

Here are a few suggestions for providing good security at warehouses and distribution centers:

  • Try to separate areas used for Shipping away from areas used for Receiving. When possible, provide physical barriers between these two areas.
  • Where possible, provide a separately fenced yard area that encloses the warehouse shipping and receiving doors. Establish a policy that prohibits personal vehicles from being driven into the shipping and receiving yard area. Keep the gate to the exterior yard area locked at times when the warehouse is closed.
  • Do not allow employee or visitor parking near warehouse shipping and receiving doors.
  • Do not allow truck drivers to wander through your warehouse. If possible, provide dedicated “driver lounge” for use by drivers. Driver lounge should contain restrooms and other amenities that can be used by drivers while they are waiting for their trailers to be loaded or unloaded. Access to driver lounge should not require travel through interior warehouse areas.
  • Exterior trash and recycle containers should not be directly accessible from the inside of the warehouse. If possible, locate exterior trash and recycle containers away from building. Keep trash and recycle containers locked. Establish procedures for trash removal that requires at least two employees to be present when trash is being removed from the building.
  • When possible, the warehouse manager’s office should be located so that direct visual observation of the shipping and receiving bay doors from the office is possible.
  • Avoid stacking merchandise directly in front of shipping and receiving doors – try to maintain a “clear-zone of at least ten feet.
  • Don’t leave valuables sitting unattended on exterior loading docks or platforms.
  • Provide separate areas for the storage of valuable or highly desirable items, such as computer and electronic equipment, cigarettes, liquor, baby formula, expensive clothing, etc. If possible. create separately lockable “high-value” cages or rooms for the storage of these items.
  • Use an electronic access control system to control access into high-value rooms or cages. Access control system should be capable of providing audit trail of who entered and when.
  • Provide video surveillance system to record activity in high value cages and rooms. Cameras should be placed to view entrance points as well as interior areas.
  • Consider instituting policy where at least two employees must be present in order to enter a high-value cage or room (“two-man rule”).
  • In locations where overhead doors must be left open for ventilation purposes, provide folding metal security gates to protect the door opening when the door is left open. Consider the use of an electronic door monitoring system that sounds an alert when both the overhead door and the folding gate have been left open for longer than a specified time period.
  • Strictly limit the number of exterior doors that can be used for employee entrance and exit. Avoid having entrance doors where they cannot be observed by staff. Provide audible exit alarms on all doors designated as emergency exit only doors. Consider the use of delayed-egress devices on emergency exit doors that are being frequently misused.
  • Establish procedures to control outgoing shipments to prevent employees from making unauthorized shipments to themselves.
  • Avoid situations where trailers filled with merchandise are stored in your warehouse yard at times when the warehouse is closed. If trailers containing merchandise must be stored outside, consider installing an intrusion alarm system to protect the exterior yard area and/or the trailers themselves.
  • Large warehouses and distribution centers should have manned security checkpoints at the entrances to the site. All outbound trucks should be required to stop at the checkpoint for inspection prior to leaving the site. At smaller warehouses where a manned checkpoint cannot be justified, consider having a supervisor or security officer make unannounced checks of outbound vehicles on a random basis.

Good Housekeeping can Improve Security

May 12

Posted by Michael A. Silva in Security Management | No Comments

When we conduct a security assessment for a client, we frequently see a direct correlation between how well a facility is maintained and how well the security program at this facility works. When we see dirty floors, lots of clutter, or burned-out lights, we often find that security at that facility is also very poor. Conversely, when we see a well-maintained facility, we usually find that the security program at that facility is also very effective.

Good site maintenance is an important part of your facility’s overall security program. A poorly maintained site can actually encourage acts of vandalism, graffiti, and other crime. The following site maintenance tips are suggested:

  • Keep the site clean and free of debris.
  • Avoid storing equipment or materials outdoors except in enclosed yard areas. If materials or equipment must be stored in an open area, it should be neatly stacked in an organized manner.
  • Don’t let your exterior areas become “bone yards” for unused furnishings or equipment – promptly dispose of unneeded items.
  • Do not store pallets or other items next to fences. Try to maintain at least a five-foot “clear zone” on both sides of the fence.
  • Promptly repair cracked or broken windows.
  • Clean interior and exterior light fixtures regularly.
  • Trim trees and other landscaping so that clear sight lines are maintained and so that light fixtures and security cameras are not blocked.
  • Keep walls, ceilings and floors clean. Paint walls and ceilings a light, reflective color to increase the effectiveness of lighting and improve visibility.
  • Graffiti should be removed or painted over as soon as possible after it is discovered. Prior to removing graffiti, take several photos of it. (Local law enforcement officials often request photos of graffiti so that they can identify the “tags” of specific gangs or graffiti vandals.)

Don’t Say “No” – Say “How”

May 3

Posted by Michael A. Silva in Security Management | No Comments

Security procedures are often seen as things that getting in the way of doing business. Whether it is a locked door, or a rule that prevents an employee from installing a new software application on his desktop computer, many people see security procedures as things that slow them down and prevent them from getting things done.

When you are the security director for your business, or a manager of a department that has security as one of its many responsibilities, you are often in the position of having to say “NO” to employee requests. When you see things that you think have potential to cause harm to the organization and the people that you are charged to protect, your first reaction is to prohibit these things. While this response is natural, it is typical of the “old school” way of thinking in the security profession, where the need to provide good security takes priority over all else.

While this way of thinking was prevalent in the 20th Century, it has given people who manage security the image of being the “company cop” – stogy, unbending, and an obstacle to productivity. Consequently, these people are never really seen as a part of the management team, and are rarely invited to strategy planning sessions and are often the last ones to learn about new developments in the company.

The 20th Century security manager is going the way of the dinosaur. To survive in the 21st Century business environment, security professionals must be “business enablers” that help the business move forward and contribute value to the bottom line. Managers responsible for security need to think more like business people and less like cops. As a part of this shift in thinking, managers need to find ways to stop automatically saying “NO” when other business units suggest doing things that may conflict with standard security practices

While there are some things that are and must remain absolute “NOs”, there are many requests that can be safely accommodated without jeopardizing security if they are approached in a positive and creative way. Instead of saying “NO”, try to find a way to say “HOW”. In other words, instead of telling someone that they can’t do what they want to do, tell them how they can do what they want to do while at the same time minimizing security risks.

For people who have been in the security business a long time, this shift in thinking can be a real struggle. You must set aside your normal prejudices and start thinking outside of the box. Here are a few things that you should consider when making the transition to the Don’t Say “No” – Say “How” way of thinking:

  • Try to really understand the mission of your organization and what it’s trying to accomplish. Do everything in your power to support and not interfere with this mission.
  • Consider the time it takes for your employees to comply with each security system or procedure, and consider the indirect costs of this lost productivity. For example, if a security procedure delays each employee by five minutes each day, and you have 200 employees who are paid an average of $30 per hour, this procedure is costing your company $500 per day, or around $123,000 per year.
  • Consider how employee morale will be impacted by each security procedure. People who feel that they are not believed or trusted by the company have a hard time making a positive contribution to the company’s goals.
  • Consider the image that your security procedures convey to your customers, visitors, and the general public.
  • Don’t inconvenience everyone to prevent improper behavior by a small minority of employees.
  • Don’t put big procedures or systems in place to solve small problems.
  • Don’t put permanent procedures or systems in place to solve short-term problems.
  • Don’t react to each new theft or security violation by creating a new security procedure. Consider the big picture and only institute new systems or procedures when absolutely necessary. When in doubt, error on the side of not instituting a new procedure.
  • Consider accepting certain losses if the security procedures necessary to stop these losses cost more than cost of the losses themselves. Be sure to factor in the cost of employee inconvenience when making this analysis.  

 (I first heard the phrase Don’t Say “No” – Say “How“ at a presentation made at the ASG Security Summit by Bret Arsenault, CISO at Microsoft, on March 8, 2011. Listening to Bret’s’ presentation inspired me to write this Security Tip).

How Security Integrators Can Succeed Working With Consultants

May 3

Posted by Michael A. Silva in Buying Security | No Comments

Many security systems integrators are baffled when it comes to working with an independent security consultant. Many integrators feel that a security consultant gets in the way of their relationship with the customer, and that the sole purpose of the consultant seems to be to make their life more difficult.

Security consultants are a fact of life on most large projects, and security integrators who wish to pursue the larger projects must eventually work with a consultant, whether they like it or not. Smart integrators learn to work with security consultants, not against them.

Here are a few tips that security systems integrators should consider when working with independent security consulting and design firms:

Reach Out to Consultants in Advance

Often, the first time that a security consultant hears from a security integrator is when a specification that the consultant has written goes out for bid. Smart integrators reach out to the consultants in their area in advance, letting them know what types of projects they do, what product lines that they carry, and what types of special services that they may offer. After making the initial contact, check in with the consultant periodically to let him know what projects you are working on, what new product lines you have taken on, etc.

Don’t Bid on Projects That You are Not Qualified For

Consultants prefer to work with security integrators who are well-qualified and who have previous experience with projects of a similar size and type. It is highly unlikely that a security consultant will give you your “first big break”.

If the largest project you have completed to date is $35,000, don’t expect the consultant to recommend you for a $3,000,000 job. If the consultant has specified that the integrator be an authorized dealer for specific products, don’t expect for this requirement to be waived just so you can bid on the project.

Understand the Consultant’s Need to Keep Secrets

Security consultants are often brought in at the earliest stages of a project and are often privy to much information that they can not reveal to the integrator. Regardless of how close you are to a consultant, don’t expect him to tell you about projects in advance, tell you about the practices of your competitors, furnish you with early bid results, or give you information beyond what is publically available to other bidders. You wouldn’t want the consultant revealing secrets about your company – don’t expect him to tell you what he knows about your competitors.

Read and Follow the Consultant’s Bid Documents

The bid documents prepared by the consultant may represent hundreds or even thousands of hours of design and planning work. Yet, many security integrators just skim over the documents, say that the design is flawed, and begin to prepare their bid based on what they think is best. This mindset can cost the integrator the job if his proposal is rejected for being noncompliant. Worse yet, the integrator’s bid may be accepted, but disputes may arise during the construction phase when the owner finds out that what the integrator is installing doesn’t comply with the consultant’s bid documents.

Smart security systems integrators will:

  • Thoroughly read and study the bid documents, including all drawings and specifications.
  • Understand that your role is to execute the consultant’s design, not redesign the entire project based on your own ideas. This can be a tough role to adjust to, particularly if you are used to doing your own design work and have strong opinions about technical matters. If you are not able to make this adjustment, stay away from consultant designed projects.
  • Assume that there is a good reason behind everything shown in the bid documents. Raise questions during the bid phase when you see something that looks like an error, but don’t challenge things that will work but are different than the way that you would normally do them.
  • Assume that you will be required to comply with every part of the bid documents and price your bid accordingly. Don’t assume you will be able to omit items or make changes later unless you have received a written addendum approving these changes prior to bid date.
  • If you have a better, cheaper, or more creative way of doing things, ask if you can submit two bids: one that is fully compliant with the consultant’s bid documents, and another based on your own ideas. But, in order for this strategy to succeed, your alternative proposal must offer significant cost and other advantages to the owner, not just accommodate you.

Start Projects Out on the Right Foot

Most bid documents prepared by consultants require that product information data and shop drawings be submitted for approval prior to the start of the project. The bid documents usually have specific requirements for how these submittals should be prepared. Smart security integrators follow these requirements to the letter, demonstrating to the consultant that they take the bid documents seriously. This is a great way to start the project off on the right foot.

Make Sure that Everyone on Your Team Knows the Rules

In many cases, a salesperson or estimator at the systems integration company will use the consultant’s bid documents to prepare the bid, but once the project starts, these documents are put on the shelf, and never make it to the job site. Often, the project manager and field technicians are not even aware that this is a consultant designed project and have never even seen the original bid documents.

Smart security integrators let everyone on their team know that this is a consultant designed project, and that there are specific contract requirements that must be complied with. This may mean that technicians will have to do things differently on this project, but things work better when everyone knows the rules in advance.

Communicate Often and Document Everything

Smart systems integrators communicate with the security consultant regularly, not just when there are problems or questions. A quick call or email giving the consultant an update on project status is greatly appreciated and should be done on at least a weekly basis throughout the project.

Any questions involving clarifications or changes to the bid documents should be submitted to the consultant in writing. Don’t wait until the last minute to submit a question; allow ample time for the consultant to review the situation and prepare a response.

Keep Your Commitments

Prepare a detailed project schedule in advance, and follow this schedule to the letter. If there is a major problem, or you expect to miss a scheduled completion date, let the consultant know well in advance. Show up on time for meetings and return calls and emails from the consultant promptly.

Prepare for the Final Acceptance Test

The end of the project is often the most stressful time for the security integrator. This is when the consultant will examine the project to make sure that all requirements of the bid documents have been met. Normally, an “acceptance test” will be conducted by the integrator and witnessed by the consultant. During this process, the consultant will identify any deficiencies and prepare a written punch-list of items that the integrator must correct prior to acceptance of the project.

Here are some things that the integrator can do to assure that the acceptance testing process goes smoothly:

  • Prior to scheduling the test, have someone from your firm (preferably someone who was not actively involved in the project) thoroughly read the consultant’s bid documents again and then inspect the project to see that all requirements have been met.
  • Prior to scheduling the test, thoroughly test all security systems to assure that they are complete and working properly. Problems with the security systems should be identified and corrected by your technicians in advance, not discovered for the first time during the acceptance test.
  • Prior to scheduling the acceptance test, take one final walk-through of the project and visually inspect everything. Pay attention to details: missing screws, devices loose or wall or not level, cable not properly tied-down or not labeled, missing knockouts in electrical boxes, etc. Finding and fixing these items in advance keeps them off of the punch-list and saves everyone time. 
  • During the acceptance test, provide an adequate number of technicians and all  tools necessary to conduct the test. Expect for the consultant to ask you to remove equipment covers and disconnect and reconnect wiring connections in order to test tamper switches and wiring supervision features.
  • During the acceptance test, have the right people on hand so that all of the consultant’s questions can be answered. For example, if the consultant asks “How did you install the cabling to this camera?”, someone should be present who can answer this question. Saying “I dunno, the guy who ran the cabling ain’t here today…” isn’t an acceptable answer.
  • During the acceptance test, don’t stop to fix problems encountered along the way. Once a problem has been identified, it should be put on the punch-list, and everyone should move on to test the next item. Don’t expect the consultant to stand around while you try to solve problems or finish uncompleted work. 
  • During the acceptance test, don’t allow your technicians to get defensive about problems identified by the consultant. Often, a technician will question the necessity of doing something that was required by the specifications, but not needed in the opinion of the technician. This is not the time for a technical debate – if it’s in the specs, it needs to be done in order to satisfy the requirements of the contract. Have your techs do it regardless of their personal opinion about whether it is necessary.

End Projects on the Right Foot

Bid documents prepared by consultants typically require end-user training, and close-out documentation such as shop drawings. The bid documents usually have specific requirements for how these items should be handled, and again, the smart integrator takes these requirements seriously and fully complies. Close-out documentation should be submitted promptly at the end of the project. Don’t blemish an otherwise perfect project by failing to perform close-out tasks in a timely manner.

Meet with the Consultant After The Project is Complete

After the project has been completed and the dust has settled, arrange a meeting with the consultant to discuss how the project went. Ask the consultant to honestly tell you how your company performed, and to tell you ways in which your project execution skills could be improved. In turn, tell the consultant how you think he performed, and offer suggestions for ways in which the consultant could improve his bid documents or construction administration processes.

Security Vulnerabilities Created by Fire Department Key Boxes

May 3

Posted by Michael A. Silva in Physical Security | No Comments

Many governmental agencies require that commercial businesses install key boxes on the exterior of their buildings to allow fire department access. These boxes are typically installed at primary building entrances and contain things such as master keys, access cards, and building floor plans. One major manufacturer of fire department key boxes is the Knox Company, so these key boxes are often called “Knox Boxes”, even though several other manufacturers produce similar types of products.

Fire department key boxes are usually purchased and installed by the building owner, but come without the exterior lock. After the box has been installed, the owner arranges an appointment with the fire department, who comes out to the site and installs the exterior lock. At this time, the owner places building master keys, access cards, and floor plans into the box. Once the box has been locked by the fire department, the owner no longer has access, and it can only be accessed by the fire department.

All key boxes in a particular fire district zone are keyed alike. All fire department vehicles who respond to this zone carry a key that unlocks all of the key boxes in their zone. In a smaller city or town, there may be only one zone, so one key can unlock everything; in larger cities, there may be many different zones and many different keys.

The fire department key box is typically used when the building is closed and no one is around to let the fire department into the premises. The first responding emergency vehicle uses the fire department key to unlock the key box, and then removes the master keys and access cards from inside the box. These keys and cards are used by fire department personnel to gain entry to the premises, and to get inside of any locked rooms on the inside of the building.

Fire department key boxes are a weak spot in the building’s overall security program because anyone who has access to the key box has access to every area of the building. An intruder who compromises the key box literally has the “keys to the castle” and can go almost anywhere that he wants.

There are two primary ways in which the fire department key box can be compromised. The first way is for the fire department’s key to fall into the wrong hands. This could occur if the fire department key was lost or stolen from a fire department vehicle. This would give the person who took the key access to all buildings within the local fire zone (possibly hundreds of different businesses). Preventing this type of event from occurring is completely outside of the control of the property owner. One would hope that the fire department takes adequate precautions to keep fire department keys safe, and would quickly rekey the key box locks throughout the fire zone if a key to this zone was lost or stolen.

The second way for the fire department key box to be compromised is for it to be physically attacked. Most key boxes are well-constructed and designed to resist attack, but are not impenetrable. An intruder who has the proper tools and ample time can eventually compromise the key box. Some intruders actually remove the key box from the wall, and then take it to another location where they have more time to break-in to the box without being seen. They then return to the building to burglarize it once they have the master keys that were in the key box.

The most dangerous type of situation is where the intruder breaks-in to the key box surreptitiously without leaving any physical signs that the box has been tampered with. This can allow the intruder to steal keys and access cards and use them to make repeated entries into the premises over an extended period of time without being noticed. A creative intruder could even steal the original key box and replace it with a substitute key box to avoid the theft being noticed.

Here are some tips for providing improved security of your fire department key box:

  • When possible, arrange to have the fire department key box installed in a well-lit location that is visible from the street. Avoid having the fire department key box installed in hidden or out-of-the way places.
  • Recess-mounted key boxes are considerably more attack-resistant than surface mounted key boxes and should be used whenever possible. If you don’t currently have a good place to install a recess-mounted box, consider constructing a concrete or masonry pillar next to the entrance just to hold the key box. An existing wall can also be faced with masonry veneer to provide a place where a recess-mounted box can be installed.
  • If the key box must be surface mounted, make sure that it is rigidly attached to a structural support member and not fastened to just the wallboard or siding.
  • Provide an alarm tamper switch within the fire department key box. Connect this switch to your intrusion alarm system or security management system. This system should be programmed to notify an off-site alarm monitoring station or on-site security officers anytime that the box has been opened.
  • If your facility has a video surveillance system, provide a camera that views the area where the fire department key box is located.
  • If you use a security guard or patrol service, have the security officer regularly check the fire department key box as a part of his nightly rounds.

Introduction to Electronic Visitor Management Systems

May 3

Posted by Michael A. Silva in Visitor Control | No Comments

Purpose

Electronic visitor management systems are used to sign-in and track visitors who come to visit your facility. Electronic visitor management systems are an electronic version of the visitor sign-in sheet or visitor log book that is commonly used at many facilities. Electronic visitor management systems make the visitor sign-in process more efficient and provide an improved ability to track visitors.

How Electronic Visitor Management Systems Work

When using an electronic visitor management system, visitors are signed-in using a computer rather than on a paper sign-in sheet. Upon arrival, the visitor provides his or her name to the receptionist. The receptionist then enters the visitor’s name into the computer, and prints a temporary visitor badge which is then given to the visitor. When the visitor leaves, he or she returns the visitor badge to the receptionist, who then signs the visitor out on the computer.

Basic Components of an Electronic Visitor Management System

An electronic visitor management system consists of the following basic components:

  1. Visitor management system software: This software is what runs the electronic visitor management system. At most facilities, this software would be installed on an existing personal computer that is already located at the receptionist’s desk.
  2. Visitor badge printer: This is a small printer that is used to print the visitor badge and is directly attached to the computer that is running the visitor management system software.
  3. Card scanner (optional): This device allows the visitor’s business card or driver’s license to be scanned directly into the visitor management system software. This speeds up the visitor registration process and increases the accuracy of the information entered. When scanning a driver’s license, the system may also capture the picture shown on the license. If desired, this picture can be printed on the visitor badge.
  4. Camera (optional): A camera can be attached to the computer which allows the visitor’s picture to be captured by the visitor management system software. If desired, this picture can be printed on the visitor badge.
  5. Signature pad (optional): An electronic signature pad can be connected to the computer, allowing the visitor’s signature to be captured. This is often useful when a visitor is required to sign a non-disclosure agreement or to acknowledge a safety policy prior to being allowed entry to the facility. If desired, the visitor’s signature can be printed on the visitor badge.
  6. Barcode scanner (optional): A barcode scanner can be connected to the computer, allowing barcodes to be entered into the visitor management system. By scanning a printed barcode on the visitor badge, visitors can be quickly signed out when they leave the facility. This scanner can also be used to sign-in visitors who have been pre-registered and who have received a printed visitor confirmation email that contains a barcode.  

Benefits of an Electronic Visitor Management System

An electronic visitor management system offers the following benefits over the traditional manual visitor sign-in process:

  • Visitor information can be recorded more accurately and more consistently.
  • A personalized visitor badge can be quickly printed that contains the visitor’s photo.
  • Visitor information is stored in a computer database, allowing reports of visitor activity to be quickly created. These reports can be used to tell how many times each visitor has signed-in and signed-out and when, and tell which visitors were in the facility during any given time period. This information can be useful when investigating security or safety incidents, and for auditing billings by vendors or contractors.
  • Reports can be created that show all visitors who are presently in the facility. This can be useful during emergencies and evacuations.
  • Visitor information can be retained in the system, allowing returning visitors to be quickly signed-in in the future.
  • Visitors can be pre-registered in the system, speeding up the sign-in process when the visitor arrives.
  • If visitor photos are captured, photos can be useful in investigating security incidents that may have occurred when a visitor was on the premises.

Electronic Visitor Management System Enhancements

In addition to the basic capabilities described above, many electronic visitor management systems offer the following optional system enhancements:

  • Employee visitor pre-registration: This feature allows employees to pre-register their own visitors using a computer-based form. This is typically done over the company intranet, and allows employees to enter visitor name and expected date and time of arrival in the visitor management system. This allows receptionist to know that the visitor is expected and speeds up the sign-in process when the visitor arrives.
  • Batch visitor registration: This feature allows large groups of visitors to be pre-registered into the system. This feature is useful when a large meeting or conference is being hosted at the facility.
  • E-mail integration: This feature can be used to notify employees via email when a visitor has arrived, and to send confirmation notices to visitors who have been pre-registered. These confirmation notices typically contain a barcode which can be brought to the facility and scanned upon the visitor’s arrival.
  • Outlook calendar integration: This feature automatically places an appointment on an employee’s Outlook calendar when a visitor has been pre-registered to meet with them.
  • Watch list integration: This feature allows visitor names to be automatically checked against a pre-programmed “watch list” before the visitor is allowed entry to the premises. The watch list can contain the names of known terrorists, persons banned from the premises (such as previously terminated employees), and persons who are subject to a restraining order that prevents them from contacting a company employee.
  • Background check feature: This feature automatically submits the visitor’s name to a background check agency which performs a real-time security background check on the visitor. This feature provides an alert when a person who is a known felon or sexual predator attempts to sign-in as a visitor.
  • Self-service kiosk: This feature allows visitors to register themselves when they arrive at the facility. Typically, the visitor would enter all basic information into the kiosk themselves, and then simply need to be verified by the receptionist or security officer before being allowed entry to the facility.
  • Access control system integration: This feature allows access cards to be automatically programmed for visitors. This feature is used when visitors need to be given access cards to allows them to go through card reader controlled doors at the facility. 
  • Mobile visitor registration: this feature allows visitors to be registered using a portable hand-carried device and badge printer. This feature is typically used for registering visitors at construction sites, loading docks, and at other places where the use of a normal visitor registration system would be impractical.

Introduction to Security Window Film

May 3

Posted by Michael A. Silva in Physical Security | No Comments

Purpose

Security window film is used to enhance the security of regular window glass. When properly applied, security window can provide the following benefits:

  • Security window film can increase the strength of the window, which can delay or prevent entry by a burglar.
  • Security window film can reduce injuries caused by flying glass when the window is shattered. This could occur because of an accident, an act of vandalism, a bomb blast, or a natural disaster.
  • Certain types of security window film can provide benefits not directly related to security. These can include tinting of the window, reduction of the heat passing through the glass, and the reduction of damages caused by the sun’s ultraviolet rays.

Types of Security Window Film

Security window film consists of one or more layers of polyester film, laminated together with special adhesives. Security window film typically ranges in thickness from 4 mils (100 micron) to 14 mils (350 micron) or more. Thicker films are usually constructed by laminating multiple layers of thinner film together. Different types of films and adhesives are used depending on the characteristics desired in the finished product. Security window film is packaged in rolls of varying widths, the most common being 36″, 48″, 60″, and 72″. The length of film on a roll usually varies between 50 and 100 feet. 

In general, the thicker the film is, the stronger it is. As the thickness of the film increases, the degree of break strength, tear strength, and puncture strength also increases. Thicker film usually costs more due to the greater amount of materials needed and the additional manufacturing time required.

For most security applications, 8 mil to 14 mil thickness film is commonly used. Thinner films are often used in lower threat environments or when the primary reason for installing the film is for tinting or solar protection. Thicker films are often used in higher threat environments where additional security protection is needed.  

Installation of Security Window Film

Security window film is most commonly installed on a retrofit basis on the inside of existing windows. The installation is done at the job site, and involves the cutting and applying of the film to the surface of the glass of each window. The film is attached using a special adhesive and must be carefully installed to eliminate creases and air bubbles. Correctly installing security window film requires a high degree of skill and is generally done by professional installers.

The most widely used method of installing window film on existing windows is known as the “daylight” method, where the film is applied leaving a slight gap between the edge of the film and the edge of the window frame. The daylight installation method provides a reasonable degree of protection against forced entry and flying glass and is considered adequate for most facilities. However, many security experts feel that the daylight method does not provide an adequate amount of protection against the forces generated by a bomb blast or an attack by a particularly aggressive intruder. 

When an increased degree of protection is required, a different type of installation method, known as the “anchored” method, should be used instead of the daylight method. There are two types of anchored installation methods, the “mechanical” method, and the “wet” method.

The mechanical method involves the physical attachment of the window film to the window frame. Using this method, the window film is applied to the glass, but instead of being cut near the edge of the glass, it is overlapped over the window frame, and mechanically attached to the frame itself. The film can be attached to the frame using metal batten strips, or by using one of several devices designed specifically for the purpose. Depending on the degree of strength desired, the film can be attached on one, two, or all four sides of the window pane.

The wet method involves the attachment of the window film to the window frame with an adhesive sealant. Using this method, the window film is applied to the glass using the daylight method, but a little less gap is left between the film and the edge of the frame. A bead of special adhesive sealant is then applied around all four edges of the film, creating a tight bond between the film and the window frame. The use of adhesive sealant can have a negative impact on the appearance of the window, particularly if poorly installed. To solve this problem, there are products manufactured that can be installed along the edge of the glass to conceal the sealant and create a finished appearance.

Tempered glass windows shatter into tiny cubes when broken, making the use of the daylight installation method ineffective on these windows. Either a mechanical or wet anchored installation method should be used on tempered glass windows.

 Anti-Graffiti Window Film

There is a special type of window film designed specifically to prevent damage caused by graffiti. This film is installed on the exterior of the glass (unlike security film, which is installed on the inside) and is designed to absorb damage caused by painting, etching, and other types of “tagging”. This film is sometimes called “sacrificial film”, because it is intended to be removed and replaced after a tagging attack. The cost of replacing film is much less than the cost of replacing the glass, making it economical for use in locations where graffiti on windows is an ongoing problem. 

It is important to note that anti-graffiti film does not provide any significant protection against intrusion or bomb blast, so there may be cases where both types of film may be needed on the same window (anti-graffiti film on the outside, security film on the inside.)

Suggestions for Using Security Window Film

  1. The decision to use or not use security window film should only be made after a comprehensive security assessment has been conducted. The security assessment should provide guidance as to where security window film should be used, and establish the type of security film and attachment methods to be used based upon the level of risk at the specific facility.
  2. The use of security window film to mitigate the effects of bomb blast is a complicated matter. If your primary reason for installing window film is to reduce injuries caused by bomb blast, a detailed blast analysis should first be conducted by a qualified bomb blast consultant. This consultant can help to specify the type of window film that should be used and the recommended attachment method. This consultant may also specify supplementary “catchment” systems that catch the glass when it is blown out of the frame, greatly increasing the degree of blast protection.
  3. Choose a reputable local installation contractor to install your security window film. Obtain and check references, and ask to visit other facilities in the local area where the same type of product as you are considering has already been installed. If possible, visit installations that are at least several years old so you can see how the film looks after it has aged.
  4. Any type of anchored security window film installation is only as strong as the window frame itself. In some cases, reinforcement or replacement of the window frames may be required in order to provide the desired level of protection.
  5. In some cases, windows may already have tinted or solar window films installed upon them. These films typically do not provide any significant protection against intrusion or bomb blast and may need to be removed from the windows prior to the installation of security window film.
  6. Security window film is not bullet-resistant. If your facility requires protection against bullets, consider the use of bullet-resistant glass and other materials. (See Security Tip #3-10: Introduction to Bullet-Resistant Materials)
  7. Many intrusion alarm (burglar alarm) systems make use of glass breakage sensors to detect when a window has been broken. These can include sensors that mount on the glass itself, as well as acoustical sensors that are mounted to the walls or ceilings and listen for the sounds of breaking glass. The use of security window film may reduce the effectiveness of these sensors – be sure to notify your alarm company prior to installing window film and test all sensors for proper operation after the film has been installed.

Ten Dumb Things That Architects Do

May 3

Posted by Michael A. Silva in Security Design | No Comments

We have been working with architects for over 25 years and love them. Most architects are creative, hardworking professionals that have the best interests of their clients at heart. But unfortunately, most architects have received little or no training on security, and often don’t give proper consideration to security issues when designing a new building. Sometimes, what is necessary for good security is in conflict with the artistic vision that the architect has for the building, and he or she chooses to ignore security considerations unless otherwise prodded by the building owner.

Here are ten dumb things (from a security perspective) that architects do: 

#1 – Architect Doesn’t Consider the “Big Picture” When Designing Security for the Building

When many architects think of security, they think of electronic security systems, such as access control or closed-circuit television systems, and often don’t consider the broader implications that the design and layout of the building can have on security.

Security is much more than just electronic security systems. Almost every aspect of the building design can have an impact on physical security. Site layout; the locations of entrances, stairways, and elevators; the design of the lobby; and the physical separation of functions within a building all have a direct and lasting effect on how well a building can be secured. Many elements of building construction, including doors, windows, lock hardware, landscaping, and lighting can either make security better or make security worse depending on how they are designed. 

Mistakes made during the design process are often difficult or impossible to correct once the building is constructed. Poorly designed buildings increase security risks, and can make operating the security program on an ongoing basis much more expensive than necessary.

  #2 – Architect Doesn’t Consider Security Early Enough in the Design Process

Often, the first time that the subject of security comes up is late in the design process, when the architect starts asking the owner, “OK, where do we put the cameras and card readers?” (related to #1 above).

Sometimes, a security consultant is brought in once the owner starts finally thinking about how the building will be operated, but this is often at the stage when construction documents are just being finalized. At this point, there is a strong reluctance to alter the design in any significant way, and it may be costly to make the changes necessary to provide good security.

#3 – Architect Relies on Electrical Engineer or Security Systems Vendor for Security Design Expertise

Because many architects think security is electronic security systems (related to #1 above), they often rely on security system vendors or the project electrical engineer for security design advice. While these individuals can do a good job of designing the security systems once the owner’s requirements are known, they generally lack the expertise necessary to conduct a risk assessment and develop a comprehensive security program for the facility, of which electronic security systems are only a small part.

#4 – Architect Relies Exclusively on Owner for Guidance

Many architects look to the owner to tell them exactly how the building should be designed from a security standpoint and what types of security systems should be used.

It is rare that an owner actually has the level of security expertise necessary to do this. Being a user of security systems doesn’t make someone qualified to design the physical security of a new building. Often, the owner will simply tell the architect to “do what we are doing at our present building”, regardless of whether or not this makes sense for the new building.

It is interesting that an architect wouldn’t dream of designing the structural, mechanical, or electrical systems in the building based solely on input from the owner, yet frequently designs the physical security of the building doing only what the owner has told him to do.

#5 – Architect Provides Inadequate Physical Separation Between Public and Non-Public Facilities

Private office buildings often contain facilities within them that are intended for use by the general public. This can include restaurants, public parking garages, observation decks, and meeting rooms made available for use by outside parties.

The separation of public and non-public areas is essential in providing good security, yet many architects fail to fully consider this during the design of the building. Common mistakes include:

  • Placing public facilities well within the secured building area, requiring that public users pass through secure areas in order to reach their destination. An example would be a public meeting room that was located within the Finance Department on an upper floor. This would require that public users pass through the Finance Department on their way to the meeting room.
  • Designs that require that public users have access to elevators or stairways that also provide access to non-public areas.
  • Placing amenities such as restrooms within secured areas and allowing public users to have access to these facilities.
  • Having parking garages where there is no physical separation between public parking areas and employee parking areas.
  • Having common shipping and receiving or trash disposal facilities that give non-employees access to critical areas. An example would be a trash compactor located within a shipping/receiving area that needed to be used by caterers providing food for an after-hours event in a public meeting room.
  • Failing to consider the different operating hours of public facilities. For example, a restaurant may open earlier or close later than the main building. This can cause complications when using shared lobbies, elevators, or parking garages. 

#6 – Architect Provides Inadequate Physical Separation Between Floors or Departments

Many buildings are designed using an “open-office” concept, where the floors are largely open, and there are few if any walls that subdivide the floors. In multi-story buildings, the architectural design often calls for open staircases that provide free access between some or all of the floors.

While there are many benefits to an “open” architectural design, it greatly complicates security. An intruder who gains access to one area has complete access to all areas. It is difficult or impossible to do a “lock-down” of the facility in order to minimize damage that can be caused by an armed or violent intruder. A dishonest employee who decides to steal property or information from the company now has access to not only the department in which he works, but to the entire company.

#7 – Architect Fails to Consider Conflicts Between Egress Requirements and Security Requirements

Building and life safety codes require a means of emergency egress out of every area of the building. Often, at least two points of emergency egress are required out of any given area. This can create conflicts when the path of egress requires passage through a secured area.

For example, a public meeting room may be located directly adjacent to the Information Technology (IT) Department. The emergency exit stair for the floor is located within the IT Department, requiring that public users pass through a door between the meeting room and the IT Department in order to gain access to the stair. This prevents the door from being locked, and requires the use of a “work-around” such as an exit alarm or delayed-egress device.

#8 – Architect Provides Too Many Building Entrance Points

Buildings are often designed with way too many points of entrance. Sometimes this is done for perceived employee convenience, or because a door is required for emergency exit and the architect decides to make this door a point of entrance as well. Sometimes, additional points of entrance are provided in an attempt to resolve a poorly designed internal circulation system.

Having too many entrance points increase security risks and makes it difficult to properly control access in and out of the building. Having out-of-the-way employee entrances can cause an increased number of security violations (tailgating, door propped open, etc.) and place employees at risk. Having unnecessary entrance points increases initial security system costs as well as the costs for ongoing maintenance. Each unneeded entrance door is an additional point of potential failure in the building’s security system

#9 – Architect Relies Exclusively on Elevators to Provide Security

Multi-story buildings are sometimes designed where the elevators provide direct access to an open floor area. Often, the point on the floor where the elevator lands is unattended, allowing anyone who steps off of the elevator to have free access to the entire floor.

To provide “security” for the floor, the architect specifies card readers for the elevator, requiring that employees use their access card in order to get to the floor. This arrangement fails to consider the ease in which an intruder can gain access by following an employee on or off the elevator; or by simply walking into the elevator and riding it until it reaches the desired floor.  

#10 – Architect Specifies Doors or Locks that Look Good But Work Poorly

Architects often want to give a distinctive look to their buildings and often choose to use specialized or customized doors and/or lock hardware to achieve this goal. Unfortunately, most doors and hardware that fall into this category provide poor security and cause long-term maintenance headaches for the owner.

Examples of problematic types of doors and hardware include:

  • “All-glass” doors.
  • Doors over eight-feet tall.
  • Automatic sliding doors (unless specifically designed for security use).
  • Accordion doors (such as used for fire separation or as movable partitions).
  • Pocket doors.
  • Doors or lock hardware that are custom-made for a specific project, or are principally used in a foreign country.
  • Electric bolts and electromagnetic shear locks.
  • Any type of floor-mounted electric locking device.

 

A good security consultant can keep architects from unintentionally doing things that compromise security. Smart architects include a security consultant on their design team, and smart owners insist that they do so.

Security of Desks and File Cabinets

May 3

Posted by Michael A. Silva in Physical Security | No Comments

Confidential information is often stored in desks or file cabinets. This confidential information can include personnel records, marketing plans, research and development plans, secret formulas and other types of sensitive information. In some cases, people also store cash, negotiable securities and other high value assets in desks or file cabinets.

Many people think that their assets are safe if they are stored in a locking desk drawer or locking cabinet. This is far from the truth.

Most of the locks typically used on desks and file cabinets are simple locks that can be compromised in a number of ways.

First, most locks used on desks and file cabinets use a standard “factory” lock provided by the furniture manufacturer. In many cases, the manufacturer provides only a small number of different key combinations. Some manufacturers provide as few as twenty different keys. This means that it is highly probable that the key to your desk also fits hundreds of other desks produced by the same manufacturer. This also means that it is highly probable that hundreds of other people have a key that fits your desk!

This can be a particular problem in large companies that have standardized on a particular brand of furniture. In these companies, it is very likely that many desks and file cabinets will be keyed alike. This usually means that one employee’s desk key will probably work on dozens of other desks and file cabinets throughout the organization.

The second weakness of standard factory locks on desks and file cabinets is that they usually have a key number printed on them. This is usually a three or four digit code that is stamped on the face of the lock. This number tells which key fits the lock, and allows a duplicate key to be ordered from the furniture manufacturer or from any locksmith.

A person who wanted to gain access to your desk or file cabinet could simply look at your lock and get the key number. He could then look around the company to see if he could find a key with a matching number. If unsuccessful, he could simply go to the corner locksmith and order a key. This person would now have access to your desk or file cabinet anytime he wanted, and you would be none the wiser.

Finally, most standard factory locks used on desks and file cabinets are easily “picked” open. Anyone with a set of lock picks or even a paperclip can usually open these locks in very little time. Unlike door locks, which usually require some level of skill to “pick”, desk and file cabinet locks can usually be opened by almost anyone.

The conclusion: standard desk and file cabinet locks provide almost no security. They should not be used to store high value assets or confidential information.

Suggestions

  • File cabinets that are used to store low-to-medium value assets should be equipped with locking “slidebars”. These slidebars mount on the exterior of the file cabinet and are locked using a padlock. When locked, the slidebars prevent the file drawers from being opened. High-security padlocks (such as the Medeco) should be used with the slidebars instead of regular padlocks. Slidebars and high-security padlocks are available from most of the larger locksmithing companies.
  • High value assets should be stored in a burglary-rated file cabinet or burglary-rated safe. “Burglary-rated” means that the file cabinet or safe has been designed to resist break-ins and has been tested by an independent testing laboratory (most often UL). Burglary-rated file cabinets and safes should be purchased from a reputable safe and vault company.
  • Fire-rated file cabinets and safes are designed to resist fire, not to resist break-in! Many fire-rated file cabinets and safes use the same type of “factory lock” described above and provide very little security. Look at the UL label on your file cabinet or safe to determine how it is rated. If unsure, consult a safe and vault specialist.
  • Remove the key number from your desk and file cabinet locks. This number can usually be removed easily using sandpaper or a small metal file. (Be sure to write down the number on the inside of the drawer for future reference.)