Physical Security vs. Electronic Security

by Scott McChesney, MCSP, CHS IIII

This article is part of Wood Harbinger’s newsletter series.

Over the last several years, security has taken on many faces and definitions. We have electronic security, which focuses on the use of electronics, such as access control and CCTV, to “protect” our property, including outdoor and indoor spaces. We have information security, which refers to the security of digital networks. Then there’s physical security, which refers to the “protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.”The multifaceted nature of modern security has created progressive options but has also left many struggling to understand and determine what our security solutions should actually look like. We have seen incidences where security measures have succeeded and all too many events where they have fallen tragically short. What causes this failure and what criteria is needed for more positive outcomes?

One Size Does Not Fit All

Too often, we find security focused on only electronic security, which is just one aspect of a security solution. The technology available has come a long way and can be integrated with a building’s facility infrastructure and data network systems. A building might have a top of the line security camera and access control system, with controlled entry at every door and a camera placed in every corner, but have no coherent strategy for how these systems should be effectively deployed or used in conjunction with security policies and procedures or staff training about what to do in the event of a situation. Unfortunately, the gap is often realized only after a tragic event. We look back and see how the situation could have been avoided or mitigated, but we are left with only forensic video or access alarms from the electronic security system.

How can this happen, with all the amazing security procedures and cutting edge technologies available to us? We have been led to believe that electronics offer a complete solution. In interviews and in speaking to people who have been involved in these tragedies, I hear over and over again, “I thought we were safe because we had card readers and cameras.”

Electronic security is an essential part of target hardening, but overreliance on devices leads to a false sense of security. Equipment alone cannot stop a tragedy. Often times the electronic security devices when used alone only offer forensic evidence of an event after the fact. A well-planned and coordinated approach incorporating policy, procedure, and training—in tandem with supporting devices— is the solution that can deliver improved safety and produce positive results in the event of a situation. That’s where Physical Security comes into play.

Physical Security Planning: The Well-Rounded Solution

Physical security, as we can see from its definition, is itself a layered concept designed to protect people, places, and things from a variety of harmful scenarios, both natural and calculated by humans. Physical security is an overarching concept that incorporates different tools to carry out a strategic plan. Electronic security is one of these tools, along with threat/risk assessments, environmental design components, policy and procedure review and development, and personnel training, to name a few. It is essential that security planning not start with where you put electronic devices; indeed, equipment placement should be one of the last factors considered, as location will be informed by the overall physical security plan.

I can tell you honestly, most electronic system manufacturers and integrators have little to no experience in developing security plans. As a former integrator myself, I quickly realized that in order to offer my clients a complete security plan I would have to seek the education and experience elsewhere. It has been a continuous learning experience over the last 17 years to develop the expertise. It’s also relevant to keep in mind that manufacturers and integrators make money based on the number of items you purchase; their end goal is not the always the effectiveness of your security plan, because they have a vested interest in the volume of equipment that you buy.

I recommend reaching out to an integrator or manufacturer if your overall goal is to expand an existing system, you understand the available equipment, and you have an existing physical security plan that can inform placement of such equipment. In all other scenarios, a physical security consultant can bring the most value in all phases of a project. The right consultant should ultimately pay for themselves by guiding the design, helping you avoid unnecessary changes or additions, maintaining schedule and budget, and, in the end, delivering a system that is effective in both cost and user outcomes.

Why You Need a Physical Security Consultant

Let’s start with a standard new design project. Bringing in a physical security consultant will give you the complete picture of all aspects of security—not just the electronics. They will look at threat-risk, policies and procedure, and the integration of multiple systems to increase workflow and avoid inefficiencies. This expertise is a rarity in many consultants or integrators that do “security design,” as this is often interpreted as simply electronic security systems design. A physical security consultant can offer complete programming, including all documentation to build and deploy a successful system.

Next let’s look at the design/build model for new design or existing system renovation. A common scenario in this model involves employing a consultant for the first phases of the design, from concept to around 100% design development, and then it is handed off to an integrator to complete. The issue is that most technology integrators are not accustomed to the design world. They often struggle to finish out designs and to coordinate properly with the other trades. While the design/build model can work with an experienced integrator, bringing in a consultant to help guide the process can help confirm and track the progress of the design, potentially saving money.

One of the most common security projects involve expansions of existing systems. In this scenario, the question I often get is, “Why do I need a consultant, I am just adding to the existing stuff?” The answer is that the system you began with may bear no resemblance to the system you may now have. Systems can change over time, with added equipment, lost or forgotten licenses, and integration of electronics into the policy and procedure plans. Often, new equipment may not even be needed, despite signs that it is. I have completed systems evaluations for many projects that already had open licenses that weren’t used, or systems that just needed a few tweaks to work optimally. These “hidden solutions” can save thousands of dollars by foregoing unneeded new equipment or taking advantage of new technology not offered by your existing integrator.

It pays to have a comprehensive view of the big picture. This is the kind of service that a practiced physical security consultant can provide. With the right expertise applied to your needs, you can optimize performance while assuring strong financial stewardship.

  • Share this page.
    Share on LinkedInShare on FacebookTweet about this on TwitterShare on Google+
  • This entry was posted in All Engagements, E-Newsletter and tagged , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

    One Comment

    1. Posted August 13, 2016 at 4:07 am | Permalink

      physical security vs.electronic security very nice post i’ll wait for next post.

    Post a Comment

    Your email is never published nor shared. Required fields are marked *

    You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

    *
    *

    • Share this page.
      Share on LinkedInShare on FacebookTweet about this on TwitterShare on Google+