Ten Common Security Design Mistakes Made by Architects
Like this article?
Visit our Security Tips page for more than 75 additional articles on a variety of topics related to physical security
Follow us on Twitter to be notified when new Security Tips are published
We have been working with architects for over 35 years and love them.
Most architects are creative, hardworking professionals that have the best interests of their clients at heart. But unfortunately, most architects have received little or no training on security, and often don't give proper consideration to security issues when designing a new building.
Sometimes, what is necessary for good security is in conflict with the artistic vision that the architect has for the building, and he or she chooses to ignore security considerations unless otherwise prodded by the building owner.
Here are common security design mistakes made by architects:
#1 - Architect Doesn't Consider the "Big Picture" When Designing Security for the Building
When many architects think of security, they think of electronic security systems, such as access control or closed-circuit television systems, and often don't consider the broader implications that the design and layout of the building can have on security.
Security is much more than just electronic security systems. Almost every aspect of the building design can have an impact on physical security. Site layout; the locations of entrances, stairways, and elevators; the design of the lobby; and the physical separation of functions within a building all have a direct and lasting effect on how well a building can be secured. Many elements of building construction, including doors, windows, lock hardware, landscaping, and lighting can either make security better or make security worse depending on how they are designed.
Mistakes made during the design process are often difficult or impossible to correct once the building is constructed. Poorly designed buildings increase security risks, and can make operating the security program on an ongoing basis much more expensive than necessary.
#2 - Architect Doesn't Consider Security Early Enough in the Design Process
Often, the first time that the subject of security comes up is late in the design process, when the architect starts asking the owner, "OK, where do we put the cameras and card readers?" (related to #1 above).
Sometimes, a security consultant is brought in once the owner starts finally thinking about how the building will be operated, but this is often at the stage when construction documents are just being finalized. At this point, there is a strong reluctance to alter the design in any significant way, and it may be costly to make the changes necessary to provide good security.
#3 - Architect Relies on Electrical Engineer or Security Systems Vendor for Security Design Expertise
Because many architects think security is electronic security systems (related to #1 above), they often rely on security system vendors or the project electrical engineer for security design advice. While these individuals can do a good job of designing the security systems once the owner's requirements are known, they generally lack the expertise necessary to conduct a risk assessment and develop a comprehensive security program for the facility, of which electronic security systems are only a small part.
#4 - Architect Relies Exclusively on Owner for Guidance
Many architects look exclusively to the owner to tell them exactly how the building should be designed from a security standpoint and what types of security systems should be used.
It is rare that an owner actually has the level of security expertise necessary to do this. Being a user of security systems doesn't make someone qualified to design the physical security of a new building.
Often, the owner will simply tell the architect to "do what we are doing at our present building", regardless of whether or not this makes sense for the new building.
It is interesting that an architect wouldn't dream of designing the structural, mechanical, or electrical systems in the building based solely on input from the owner -- qualified engineers in each of these disciplines would be brought in to provide their expertise. Yet frequently the architect relies exclusively on the owner to provide the security design of the building.
#5 - Architect Provides Inadequate Physical Separation Between Public and Non-Public Facilities
Private office buildings often contain facilities within them that are intended for use by the general public. This can include restaurants, public parking garages, observation decks, and meeting rooms made available for use by outside parties.
The separation of public and non-public areas is essential in providing good security, yet many architects fail to fully consider this during the design of the building. Common mistakes include:
Placing public facilities well within the secured building area, requiring that public users pass through secure areas in order to reach their destination. An example would be a public meeting room that was located within the Finance Department on an upper floor. This would require that public users pass through the Finance Department on their way to the meeting room.
Designs that require that public users have access to elevators or stairways that also provide access to non-public areas.
Placing amenities such as restrooms within secured areas and allowing public users to have access to these facilities.
Having parking garages where there is no physical separation between public parking areas and employee parking areas.
Having common shipping and receiving or trash disposal facilities that give non-employees access to critical areas. An example would be a trash compactor located within a shipping/receiving area that needed to be used by caterers providing food for an after-hours event in a public meeting room.
Failing to consider the different operating hours of public facilities. For example, a restaurant may open earlier or close later than the main building. This can cause complications when using shared lobbies, elevators, or parking garages.
#6 - Architect Provides Inadequate Physical Separation Between Floors or Departments
Many buildings are designed using an "open-office" concept, where the floors are largely open, and there are few if any walls that subdivide the floors. In multi-story buildings, the architectural design often calls for open staircases that provide free access between some or all of the floors.
While there are many benefits to an "open" architectural design, it greatly complicates security. An intruder who gains access to one area has complete access to all areas. It is difficult or impossible to do a "lock-down" of the facility in order to minimize damage that can be caused by an armed or violent intruder. A dishonest employee who decides to steal property or information from the company now has access to not only the department in which he works, but to the entire company.
#7 - Architect Fails to Consider Conflicts Between Egress Requirements and Security Requirements
Building and life safety codes require a means of emergency egress out of every area of the building. Often, at least two points of emergency egress are required out of any given area. This can create conflicts when the path of egress requires passage through a secured area.
For example, a public meeting room may be located directly adjacent to the Information Technology (IT) Department. The emergency exit stair for the floor is located within the IT Department, requiring that public users pass through a door between the meeting room and the IT Department in order to gain access to the stair. This prevents the door from being locked, and requires the use of a "work-around" such as an exit alarm or delayed-egress device.
#8 - Architect Provides Too Many Building Entrance Points
Buildings are often designed with way too many points of entrance. Sometimes this is done for perceived employee convenience, or because a door is required for emergency exit and the architect decides to make this door a point of entrance as well. Sometimes, additional points of entrance are provided in an attempt to resolve a poorly designed internal circulation system.
Having too many entrance points increase security risks and makes it difficult to properly control access in and out of the building. Having out-of-the-way employee entrances can cause an increased number of security violations (tailgating, door propped open, etc.) and place employees at risk. Having unnecessary entrance points increases initial security system costs as well as the costs for ongoing maintenance. Each unneeded entrance door is an additional point of potential failure in the building's security system
#9 - Architect Relies Exclusively on Elevators to Provide Security
Multi-story buildings are sometimes designed where the elevators provide direct access to an open floor area. Often, the point on the floor where the elevator lands is unattended, allowing anyone who steps off of the elevator to have free access to the entire floor.
To provide "security" for the floor, the architect specifies card readers for the elevator, requiring that employees use their access card in order to get to the floor. This arrangement fails to consider the ease in which an intruder can gain access by following an employee on or off the elevator; or by simply walking into the elevator and riding it until it reaches the desired floor.
(See related article: Weaknesses of Elevator Access Control)
#10 - Architect Specifies Doors or Locks that Look Good But Work Poorly
Architects often want to give a distinctive look to their buildings and often choose to use specialized or customized doors and/or lock hardware to achieve this goal. Unfortunately, most doors and hardware that fall into this category provide poor security and cause long-term maintenance headaches for the owner.
Examples of problematic types of doors and hardware include:
Doors over eight-feet tall.
Automatic sliding doors (unless specifically designed for security use).
Accordion doors (such as used for fire separation or as movable partitions).
Doors or lock hardware that are custom-made for a specific project, or are principally used in a foreign country.
Electric bolts and electromagnetic shear locks.
Any type of floor-mounted electric locking device.
A good security consultant can keep architects from unintentionally doing things that compromise security. Smart architects include a security consultant on their design team, and smart owners insist that they do so.
For more information about avoiding design mistakes that compromise security, please contact us.