By

Ralph Witherspoon, CCP

There are more than one million office buildings in the United States, ranging from small one-story buildings, to low-rise office parks, to towering skyscrapers. Increasingly, more and more Americans spend a significant part of their lives working in such buildings. And businesses increasingly house their most important assets - their employees and their sensitive printed and electronic information - in such buildings.

However, just like bank robbers who rob banks because that is where the money is, many criminals go to office buildings to steal, assault, rob, rape and spy because that is where their potential victims - companies or individuals - are located.

This brief article will provide the reader with guidance on some basic issues concerning securing office buildings in America today. It should not be relied on as the sole basis for a complete security plan, and does not contain legal advice. Readers should consult their attorney or security professional for advice about their specific situation.

How Likely a Target Is Your Building?

Where you are located and how attractive a target you are perceived to be by criminals and even terrorists will, in large part, determine how likely you are to actually be targeted. And how potential criminals and attackers perceive your building depends, in part, on their assessment of their potential "gain" versus the visible security measures you have. In other words, what is their likelihood of success, versus their risk of going to jail? Often a lucrative but well-protected building will be by-passed in favor of the less well-secured "easy" building.

In a commercial building, security risks come from both outsiders and building and tenant employees, and may include murder, robbery, rape, assault, theft, fraud, commercial espionage, arson, vandalism, bomb threats, workplace violence and (displaced) domestic violence, plus sabotage, to name but a few. The heavy concentration of people and property, coupled increasingly with "open" floor plans, make modern office buildings susceptible to these type threats. Plus, the always-present risks of fire, explosion, and natural disasters have to be considered in building design, construction or rehab.

Architects, contractors and management responsible for designing or implementing security in any new-build or rehab commercial building should first identify the assets (including people) to be protected, along with the likely threats to the facility. For example, in a stand-alone fast food facility, the threat of an armed robbery may be high; it would be less, however, in a two-story office building housing doctors (and drugs); and even less in small office building housing mainly accountants and similar “low-risk” tenants. A survey of all present or potential tenants should be made to ascertain what type of business each is or will be conducting; what significant business assets are present; and which businesses, if any, may constitute an increased risk to both the building and specific tenants from criminals, political activists, etc. A single high-end jewelry store can significantly increase risks. If not yet built, the developer should have a good idea of the type of tenants it hopes to attract.

The building threat assessment should include a review of any known past crimes in the building (if it’s built and operating), along with an evaluation of the type and rates of crime in nearby office buildings, and in the immediate area. Local law enforcement will usually provide area data. In a dense “downtown” area, several blocks in each direction should be evaluated. In suburban or exurban areas, a 1,000-foot to one-mile radius around the building may be used.

There is, unfortunately, no "cookie-cutter" plan that will secure each and every type of office building. Some security measures can be designed into the building plans and installed during construction or renovation; others will need to be developed then implemented or installed after tenants have been identified and operations begun. Developers and management of each building will have to identify their specific security needs, starting by conducting a risk assessment.

Security Risk Assessment

A security risk assessment (an exhaustive examination of the existing building and any surrounding property, including a review of the building plans and any security processes, policies and procedures) should be conducted. Local laws and codes pertaining to security measures, fire life-safety codes, and building evacuation requirements should also be reviewed. Observations of the building site should be made at various hours of the day and night, and also on weekends to determine “customary” activities and traffic patterns. Based on the identified threats, plus any identified gaps or shortcomings in security (vulnerabilities), developer / owner / management can start to develop an overall security plan, including cost-effective counter-measures.

Where management does not have qualified expertise on staff, or such staff is not readily available to conduct a security survey due to other commitments, an independent, non-product affiliated security consultant should be retained to assist.

Crime Prevention Through Environmental Design

Many security professionals advocate the use of Crime Prevention Through Environmental Design (CEPTED) principals to reduce crime risks. Multiple studies suggest that most criminals select their targets using a rational decision-making process that is influenced largely by the criminal’s perception of target availability and vulnerability. Most criminals want an “easy” target, and don’t want to be identified committing their crime. Accordingly, CEPTD principals are based in part on:

	Natural surveillance – reducing “blind spots” and other measures to increase the ability of occupants and casual observers (police on the outside and legitimate visitors inside) to see and monitor persons and activities. This includes sufficient numbers and size of windows for visibility in and out, along with low shrubs and high tree canopies so as not to obstruct visibility;
	Territorial Reinforcement – Establishing some sense of “psychological ownership” and responsibility among building tenants and employees so as to increase their vigilance, and the likelihood that they will defend “their” property against incursion by challenging intruders or reporting suspicious acts;
	Natural access control – using doors, walls, shrubbery and other natural or manmade obstacles to direct vehicle and pedestrian traffic to limited numbers of controlled access points; isolated or "risk" areas such as loading or delivery docks should receive special attention, including increased lighting, locking, and observation (patrol, alarm, or when a building security staff is present, CCTV) - all to deter or prevent unauthorized access to the building while monitoring activities; and,
	Maintenance and management – owners / operators taking steps to ensure that the building looks well cared-for and crime-free in such areas as lighting, paint, signage and the prompt repair of broken or defaced items. This sends a message to criminals, and others, that someone cares and is “looking-out” and responsible for the building.

Parking and Adjacent Spaces

Special attention should be given to any underground, adjacent, or attached parking spaces, surface lots or garages. These are frequent targets of criminals committing theft from and of automobiles, plus robbery, rape, and car-jacking (all sources of lawsuits against building developers, owners and operators).

I recommend that interior garage lighting be a minimum of 6 foot-candles (measured both vertically and horizontally) throughout the garage, 24-hours per day. Sunlight seldom adequately enters garage interiors and cannot be relied upon. Vehicle and pedestrian entry or control points require at least 15-20 foot-candles of illumination. Interior walls and ceilings should be painted with a glossy or semi-glossy white paint to increase light reflection. Pillars and ramp corners should be painted in contrasting colors for driving safety.

For surface lots I recommend a minimum of 3-foot candles of light (measured vertically and horizontally), preferably controlled by timers or photoelectric cells. Lot boundaries can be marked with low walls, hedges, planters, shrubs (less than 18” in height and with tree canopies not less than 10’ above the pavement), or a change in surface color or texture. This is designed to provide a clear demarcation of where specific “private property” starts, and psychological deterrent to trespassers and criminals.

Access Control

Because most security incidents occur inside a building, special attention should be given to controlling building access. While tenants and visitors require access, freedom of access to buildings and particular offices in them is also very important to criminals. The nature and level of access control (along with visible security measures such as CCTV cameras in office building lobbies, hallways and garages) also establishes the building’s security culture or "image", which is important in deterring criminals.

In cases of small office buildings, management frequently leaves the doors open for tenants and visitors. If the risks are relatively low, this may be acceptable during the office-day. Locks on all exterior doors which are closed at night should always be of high-security commercial grade, with their exterior hinges "pinned" or welded to prevent removal. Because the perimeter access points to the building are not well-controlled, interior doors to individual offices should also be of high security materials and locking devices.

As an alternative in buildings with only a few tenant employees, general building access might be controlled with each employee having a key, or a card operating a simple front and back door electronic card access system. Visitors and delivery persons would have to use a building directory intercom to seek admittance. Depending on the system, tenants would then remotely "buzz" visitors in (convenient, but not very secure), or be required to physically go to the lobby or entry door to admit visitors.

Where stricter access control is necessary, buildings might use a receptionist or security officer (proprietary or contract guard company) to screen all visitors and employees. Where there are more than 75 employees, or there is high-turnover in employees, then use of a building or tenant issued photo ID card for visual screening is recommended. An alternative, especially in larger buildings or those with higher risk, is use of an electronic card access control system by all tenants. When card access systems are used, employees/tenants can be processed automatically through one or more lines, while visitors can be directed to a special line for screening and bag search (if desired or required). Temporary (time expiring) badges could be issued to visitors who have been "approved" by tenants, or for access to "public" offices.

Note that most mid to large office buildings (five or more stories) will require a combination of technology and manpower to adequately address their security needs. Systems and hardware alone won’t accomplish the entire task, and neither do guards. Integrating both into a comprehensive security plan is usually required.

Special attention should be given in all buildings to “common areas” such as lobbies and hallways. Because they are often used to facilitate thefts or sexual assaults, both men and women’s restrooms should have lockable doors requiring key access.

Attacking the Building

Malicious vandalism, and major damage by disgruntled building or tenant employees might be directed against the building itself, rather than directly against the tenants or their property. Management should secure access to the building ventilation system and electrical and telephone rooms, including any access points on the individual floors. Accessible utilities (water, power and gas) on the property, but outside the building, should also be secured. Openings permitting access to the building from the roof should be secured against entry from the outside if the roof is accessible from nearby (within 15 feet) buildings or trees.

Emergency Planning

Every office building should have an emergency plan that mitigates the impact of any security breach or other disaster. Special attention should be given to developing and practicing building evacuation plans. While evacuation drills for fire and bomb threats are inconvenient, they are critical to life-safety and should be performed at least once each year. Building tenants and employees are constantly changing. They are less likely to panic in an emergency if they have gained confidence by practicing evacuations and know what to do. And lives will be saved!

Periodic Review

Finally, whatever security plan is developed and implemented, it should be periodically reviewed to ensure that it is in fact operating the way it was originally designed by the developer, architect and operator, and that it continues to adequately address the changing threats to the building and its tenants. If management does not have the in-house capability to do so, a non-product affiliated security consultant should be retained to assist with the security review or audit, and to provide an independent, un-biased viewpoint.

Today it is not enough just to be prepared for office building emergencies. In the wake of September 11^th, building tenants, employees and visitors are seeking a sense of order and predictability in their workplace, and security against criminals and other controllable threats. This requires a comprehensive and continuous approach to security by building developers and management from design through daily operation.

If you have a current need or concern, give us a call to discuss your situation… we can usually help!

Ask us about our Service Guarantee… or see the link under that name in the upper left of the entry page.