Security in High Performance Buildings: Four Pillars to Success
Frazer Holmes, global market leader for security with our High Performance Buildings Group in Melbourne, Australia, discusses the importance of early collaboration with security experts during the design process to deliver smart buildings.
Why you need a secure high performance building
Optimizing high performance buildings for maximum efficiency is a key focus for asset owners and facility managers. Optimization involves integrating all major building attributes, including operational efficiency of its occupants, energy efficiency, durability, and lifecycle performance. To effectively support efficient building operations, occupants need to be able to perform their roles safely and securely. Security plays a key role in creating this operating environment through the appropriate deployment of security treatments, guided by a philosophy and framework of risk management.
Considering security early in the design of a high performance building can lead to efficiency benefits over a building’s life cycle by reducing maintenance costs of security technology, maximizing loss prevention throughout the building itself, and minimizing manpower requirements. All of these can be facilitated by considering security in the architectural layout of the building itself, while supported by a professional security consultant early in the design process.
Cyber, physical, electronic, and procedural security: The differences explained
A secure high performance building diminishes the probability and impact of security incidents; however, different facets of security create a robust and resilient building environment. Generally, these facets are separated into cyber, physical, electronic, and procedural security.
Cybersecurity is a collection of technologies, procedures, and practices designed for the protection of computer systems from an attack, theft, unauthorized access or damage to hardware, software, electronic data, or network. In high performance buildings, cybersecurity takes center stage when compared to traditional high-rises, particularly due to the increased reliance on integrated services platforms, sensor nets, and sophisticated control systems that could allow a malicious actor unprecedented control and access to a building’s operation.
On the other hand, physical security refers to the physical protection of people, tangible assets, and property from circumstances that may result in damage or loss. Typically, this includes the physical layout of a building and the barriers, locks, controls, walls, vaults, and safes allowing access to authorized people and disabling access to unauthorized intruders. Physical security is most effective when integrated into the architecture and has proportionately more architectural and aesthetic impact the later it is considered in a project.
Within the context of physical security, electronic security is the deployment of security technologies such as closed-circuit television (CCTV), electronic access control and intrusion detection systems, intercoms, and other technologies to enhance the security operations within a building. Security technology such as cameras and swipe cards are often the first things that come to mind when people think of building security, but they are just one tool and are often used as a way to better leverage security manpower in keeping a building secure.
Finally, procedural security describes the measures concerning a process, policy, or an established routine that must be followed (i.e., standard operating procedures) for monitoring and response by building staff. Procedural security is what facilitates effective security manpower deployment and reinforces the responsibilities of non-security staff in security activities. Security officers and facilities staff, such as receptionists, who lack proper training or guidance through a suite of procedures, can lead to inconsistencies and inefficiencies in security operations.
Integrating security approaches
Prior to the integration of the types of security mentioned above, cyber, physical, electronic, and procedural security were traditionally applied as separate components. However, as threats have grown more sophisticated and building owners are expected to respond more rapidly to the constantly changing environment, omitting any of these security types can still leave gaps in your security plan.
Cyber, physical, electronic, and procedural security all have their parts to play and rely on each other to enhance and maximize their effectiveness. Like many things, with security, the whole solution is more than the sum of its parts. Examples of this interdependence include:
- CCTV cameras being ineffective at supporting a timely response to a security incident without live monitoring by trained security officers
- Cybersecurity measures such as firewalls, encryption, and cyber intrusion detection become moot if attackers can steal the physical IT hardware storing sensitive data using brute force at their leisure off site. Critical IT equipment must be in a physically secure environment.
- Physical security design, such as a minimization of building entrances, can reduce the need for expensive electronic security deployment
- Electronic security such as CCTV and access control systems rely on cybersecurity measures to remain operational in the face of a technical attack. Hackers who can subvert the security systems will enable a much more effective physical intrusion into a building.
- All the electronic and physical security in the world can eventually be overcome by determined attackers given enough time. At the end of the day, it is the manpower facilitated by procedural security that will bring a resolution to security breaches.
Collaborative design approach
Oftentimes, security is not considered until the architectural or fit out design is already completed. This is often because security is solely seen as a minor building service that is not impacted by the larger building design context.
The assumption that security consists purely of security guards, CCTV, access control cards, or ID badges is generations out-of-date. Modern security solutions and integrations within high performance buildings require a holistic and tailored approach that is best applied through early engagement with specialist security consultants rather than engagement with building services engineers later in the building design process. By doing so, high performance building owners and operators can realize the benefits of a secure environment over a building’s life cycle.
