When it comes to securing a facility against electronic and/or physical penetration, the benchmark that needs to be achieved is referred to by security professionals as SID, for Security in Depth. At its heart, SID refers to all of the factors that both reduce the probability of penetration, while at the same time enhancing the probability of detection before any penetration can occur.
Layers Equal Leverage
In the Newtonian world of counterespionage, for every high tech action, there is an equal and opposite reaction. What this boils down to is the fact that there is no single security parameter or electronic device that is one hundred percent bulletproof from an SID standpoint. Alarms can be deactivated; guards, dogs and motion sensors can be spoofed; and CCTV cameras can be disabled. To achieve a high level of SID, all these items need to be layered so there is no single point of failure that can be leveraged by an adversary in order to breach a facility’s security.
A Security Audit Is Step Number One
Before you can determine which layer or layers of security will best mitigate the threat of a breach, it is vital that a security audit be performed by an Accrediting Official (AO) in order to survey the existing security already in place. Another factor that needs to be considered by the AO is the type of facility to be secured. The established security protocols for an embassy compound are not going to be the same as a military installation, government compound, or contractor facility. Both the facility and its surrounding environment must be considered in terms of security.
Such factors as controlled or uncontrolled office space, adjacent buildings with separate access controls, alarms, elevator controls, stairway controls, and the procedures that permit and bar access must be assessed and coordinated as part of the SID audit. SID also requires that at least one of the following mitigations be applied to surrounding structures: fenced compounds with access restricted by a controlled vehicle and/or pedestrian gate, alarm equipment installed in accordance with the manufacturer’s instructions, guard patrol, and surveillance equipment to include motion sensors and video cameras.
While the AO may develop additional strategies to mitigate risk and increase the probability of detection based upon the results of the audit, the cost of mitigating any potential security threats far outweigh the consequences should a breach occur.
Ed Meskel is vice president of SCIF Global, a Jacksonville, Florida firm that specializes in the design, construction and shipping of Sensitive Compartmented Facilities worldwide. To learn more about SCIFs, visit http://scifspace.com or call 855-524-SCIF.