February 19, 2015
Let’s rewind 20 years in school campus security, for both primary and secondary institutions. Some things remain the same – but overall there have been substantial changes. Going two decades back, schools had intrusion systems, and especially at the grade school level, were not very much different than today. The objective was to protect schools from simple crime, most of it anticipated to be of the petty crime category such as theft and vandalism. Occasionally, there were isolated threats involving student arguments and aggressive behaviors. In general, the security system was turned on at the end of the school day, and the building locked up. Some degree of patrolling was incorporated, intrusion alarms, law enforcement patrols, and perhaps a night watchman.
The security needs at universities were somewhat different. While there was also the threat of property crime and theft from the staff, students and outsiders, the campus buildings had to remain open into the night, and the premises needed to allow access for students, faculty, administrators, visitors and service providers. This created additional campus challenges that were addressed in various ways, but comprehensive security plans were very often not developed or implemented
An Unanticipated Incident Impacted Campus Security Forever
The tragic Columbine High School massacre occurred on April 20, 1999 in Colorado. It was an elaborate planned attack by two senior students that took the lives of a teacher & 12 students, while injuring over 20 more. At the time it was considered to be an isolated event. However, in retrospect, it was a precursor to a number of similar events that were to happen years later. In April 2007, a lone shooter killed 32 people and wounded 17 others on the Blacksburg campus of Virginia Polytechnic Institute and State University forever impacting our nation. With advanced telecommunications, the news of the shooting went global, and media focus pushed public awareness and political agenda forward. Learning institutions scrambled to upgrade their security systems, increase protection, and demonstrate that security was being incorporated. Many schools had security systems now in place, and being monitored, but an important element was often missing: professional level oversight. Installations of hundreds of surveillance cameras may give the appearance that a school is taking necessary security measures, but they may not be inspected regularly or functioning properly, and monitored without a diligent and comprehensive overview. New video security systems for schools were sometimes installed by multiple companies on the same campus, with no coordination between college annexes and other remote facility buildings that were serviced by yet another third party security vendor, and monitored completely separately. So while more advanced systems were available, their effectiveness was contingent on the master plan developed within each individual educational facility.
Current Assessment of Campus Security
School security has progressed in a very positive direction as we move now into the middle of this decade. There are components that security experts like myself input as part of our daily work, and recommendations that include a very high level of coordination, continuous evaluation and upgrades, and diligent management. Academic institutions absolutely must have policies and strategies which beyond equipment installs have to also encompass continuing administration, maintenance and monitoring. No facilities are cookie cutter variety in shape and size, infrastructure, or geographic location; they all have their own makeup and physical layout, and school campuses need to be safe while open for access 24/7. Accordingly, there is no one perfect across the board security strategy. It is important for administrations and internal teams to comprehend fully that all security installations and implementations are nothing more than just tools. It is problematic when complacency sets in. It is crucial that all programs in place are in constant review, because a campus can no longer assume that everything will just be OK.
School Campus Potential Vulnerabilities
Additionally, the industry is waking up to potential vulnerabilities in IT based school video surveillance systems. Everything needs to be encrypted. Situations were experienced where default settings were not changed during the installation process, enabling an easy hack into the sophisticated systems. Emanating in Russia, someone publicized a number of camera feeds simply by accessing a monitoring website and entering the default ID’s and passwords. This level of security has to be installed by a professional with specialized expertise. From a cybersecurity standpoint a building energy management system can potentially be a weak link that can be exploited to gain access into the information network. Often, university facilities are involved in government research, and critical information can be compromised by a breach in security. There are also privacy and compliance issues and legal ramifications if financial and personal information becomes compromised. Risks, threats and vulnerabilities can be diminished, but it takes much more than just a solid IT person and core systems, and more than the internal facility staff.
Key Components of Security
- School and campus ID cards are an elementary piece of security technology – but they are a very big one! This is the area of access control, and in the secondary school sector that encompasses the entire campus including residence halls, labs, cafeterias, sport facilities, etc. There is a high population turnover, so management of ID’s is difficult for many academic institutions to do on their own with just their internal resources and team.
- Security system tools are installed in many academic institutions and numerous schools have spent a substantial amount of revenue on these security systems items. That alone does not ensure that they are properly maintained or incorporated well into a comprehensive strategy. Security experts can provide a solution by evaluating and determining how their operation functions, and subsequently keeping the tools – that help prevent incidents or detect activity – functioning properly. Systems software can also be monitored remotely, from a central control center providing analysts a view of the entire security landscape.
- Consulting is generally provided by vendors who attempt to advise and guide as to how to install systems. Often times they do not have the operational expertise to completely evaluate risks, threats, vulnerabilities, and ongoing compliance. Additionally, when there are multiple vendors on different sites – more than one campus /annexes, etc. – there are many components that can be disjointed. A higher level of consultancy is recommended. An expert in school campus security and risk management can offer a total evaluation, establish processes, implement solutions and help focus in on the total security landscape.
- Data Analysis creates a helpful stream of information as to what is REALLY happening on your school campus. In a short time there will be enough data outlining a clear overview, which establishes the norm. With that, it is easy to see what happens outside of the normal activity and the full view of isolated incidents, and red flags anywhere across the campus. The security experts can then put three of four things together to clearly see and analyze the trends – such as how many people populate certain buildings. This information is valuable for a whole number of considerations such as consolidation possibilities. Diligent security specialists are trained to establish and identify key indicators that signal potential vulnerabilities.
Regardless of the huge amount of money spent on security within a campus, it takes continuous review and strategy, and the preeminent question to pose is: Does your campus security expert currently have all of the elements in place and under control to ensure the highest level of protection? If your answer is not a definitive “YES” – we recommend undertaking a physical security risk assessment by a third party.
School & Campus Security Moving Forward
In New Jersey, 85% of campuses and school districts have spent additional money to improve security after the Sandy Hook incident. Recommendations can be acquired from security experts outside of the administration and the institution’s internal security team, but the success or failure of it all is contingent on how well those recommendations are implemented – and that is up to each individual school, college or university. The current climate is that no one is really totally satisfied with where campus and school security is at – more than half the population says that it is not sufficient. It is a complex problem to solve, physically, culturally, and socially. Campuses are investing heavily in technology but are challenged with how to use the technology, establishing processes while ensuring they are followed, and making certain that the systems (tools) are doing the job they are intended to do.