Security Assessment

Choose two of the four settings from Ch. 9 and carefully review the accompanying summaries, bullet points, and floor plans.

Complete a security assessment for each setting using Appendix G.

Provide at least two countermeasures specific to physical security and one countermeasure specific to personnel or security management for each setting. Explain your choices.

213

A Sampling of Settings

After reviewing the basics in Part I and then taking a look at the multiple lay-
ers of security that can be applied to any target environment outlined in Part
II, readers will begin to see how ideas about security and the process for iden-
tifying security objectives begins to take shape. Chapter 3 provided a series of
snapshot scenarios to use to consider how some of the basic threat and risk re-
lated security concepts from Part I could be discussed in various settings.

Those new to the security industry may have difficulty in their initial efforts
to apply these concepts in different environments. This is an acquired skill and
takes some practice. So practice. This chapter provides an opportunity to play
with the ideas presented in the text so far, and will allow you to play with these
ideas more fully by offering the chance to consider these ideas in four fairly
comprehensive, yet totally fabricated, target environments. In class we call this
“target practice.”

The target environments include a bank, an airport, a school, a hospital,
and a convenience store. Think about the security issues you are likely to en-
counter and then plan a security response for each of these settings. Consider
an abbreviated list of the topics discussed in the book so far: threat identifica-
tion, assessment of risk levels, physical security, asset protection, information
security, computer security, personnel issues, and security management. Your
goal is to take this information and develop a clear set of security objectives.
Maybe you even want to provide an integrated system. Maybe you want to
identify the threats to the environment. How would your evaluation differ if you
do it by yourself, or if you do it with two other students? How much research
can you do to help you make decisions about the threat list and possible coun-
termeasure responses?

Certainly, there is no way to provide information about any environment in
such a short scenario. Consider the information provided in this chapter to be
only general background information. Get to know the setting by looking at the
relevant sample floor plan, and then begin the process of identifying and ex-
ploring information about securing that particular environment. Even with the
floor plans provided, you will have to make some assumptions about the set-
tings. If you get stuck, make a note about the information you think you need
in order to move forward with a decision and then move on to other things.
These exercises are appropriate for individuals, groups, or for the entire class,

C H A P T E R

IS
B

N
:
0
-5

3
6
-9

1
2
7
1
-8

214 CHAPTER 9

if you have one. They are always fascinating, loads of fun, and, without excep-
tion, informative.

USING THE STRUCTURE OF THE TEXT AS A GUIDE

One approach to using this chapter might be to do a security evaluation for
each setting, based on the information presented in the previous chapters. For
each setting, review the basics from Part I, including environmental conditions,
threats, risk levels, and countermeasures, and then expand on those to include
the internal security issues presented in Part II. Again, these are physical se-
curity and asset protection, information and computer security, and personnel
and security management. Think about how these distinct elements of the se-
curity response could be integrated and connected into an overarching security
plan. No two readers will develop exactly the same plan, and that is fine.

The objective here is to take time to think through the layers of security
and spend time considering the breadth and depth of their importance in a spe-
cific target environment. Security must be seen as being bigger than just buy-
ing cameras and contracting with an alarm company. Attention must be given
to the concepts, the essential pieces of the larger security system. I teach my
students that specific information may not always be useful, but if you under-
stand the concepts and general principles behind the specifics you can take
that information anywhere and make it work for you.

Consider using the plan in Exhibit 9–1 as a guide to the chapter. Note that
public law enforcement, legal liability, and disaster responses (including acci-
dents and emergencies) are involved in an overall security management strat-
egy, but they are discussed in Part III as external connections. After spendin

time with Chapters 10, 11, and 12, revisit these scenarios with an eye toward
linking your existing security objectives with these external connections.

The Selected Settings

Each case study begins with a sample floor plan that I made up. Information
collected from recent journal articles and trade publications about that type of
target environment follows. This information is not exhaustive. Just as in real-
life target environments, security professionals get to know what else they
need to know by going beyond the information provided. Readers may choose
to look beyond this information and bring in additional resources. It is not the
job of the people working within the environment to provide a security profes-
sional with everything he or she needs to know about security in that setting.
Security professionals must research both their environment and environments
with similar security-related concerns, in an effort to better serve the needs of
the target setting. Such is the task you now have before you.

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 215

Exhibit 9–1 Proposed Plan for Reading about Each Setting

1. Draft a list of individual security objectives for areas within the target environment.
2. Draft a statement detailing the overall security objectives for the target environment.
3. Identify a list of likely threats and assign related risk levels.
4. Consider the physical security concerns.

• Using the “layer of defense” process or the “interior/exterior” threat identifica-
tion process, discuss physical security options.

• Identify technologies that would be useful in the setting to ensure physical
security.

5. Consider asset protection.
• What areas in the environment include assets important to the company?
• What actions should be taken to enhance security for these targeted areas?
• What assets are going to be particularly troublesome to protect?
• What specific conditions may make providing adequate security difficult?
• What technologies would be useful in the setting to protect the assets?

6. Consider the information and computer security needs.
• What information in the target environment needs securing?
• What would a policy and procedure manual for that environment contain?
• What computer system (networks, etc.) are at work in the environment?
• What vulnerabilities are likely to exist in the computer systems?

7. Consider the personnel issues.
• Is it better to use contract or proprietary security personnel in the environment?
• How should hiring and employee selection be handled in the environment?
• What groups of people will spend time in the environment?
• What responsibilities will nonsecurity personnel within the environment have

for security?
8. Consider the security management concerns.

• What role do different divisions of the company plan in security?
• What is the structure of the group of security professionals within the target en-

vironment?
• What authority do the security professionals have?
• What coordinating efforts are necessary for addressing a threat?

9. Consider the goal of integrating security objectives.
• How do agencies and divisions within the target environment relay information

to each other?
• How do agencies and divisions relate to each other?
• How do agencies and divisions relate to the overall security objective?

10. Think about the generalizations you have been forced to make during this exer-
cise. Which of your responses might change as a result of adding additional in-
formation about the site-specific conditions in a given target environment?

Another thing readers may want to keep in mind is the fact that many large
environments (e.g., hospitals, airports) will have different people in charge of
different aspects of their security and/or management operation. Most security
professionals do rely on other security professionals. For purposes of this chap-
ter, however, readers should imagine that they are the security manager
charged with directing the development of the overall security plan in each
setting.

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

216 CHAPTER 9

TARGET ENVIRONMENT: HOSPITAL

Hospitals (Figure 9–1) must be prepared for everything. If there is an accident
involving multiple victims, the hospital must be prepared to address the needs
of a large number of people—sometimes without much notice. Most hospitals
have many different parts, including maternity wards, operating rooms, recov-
ery rooms, intensive care areas, emergency rooms, patient waiting areas, phar-
macies, gift shops, and food service areas. There are different security con-
cerns for each division.

Specific threats in the hospital will differ, depending on the area of the hos-
pital. Risk levels associated with those threats may also differ. Consider the fol-
lowing issues as they relate to the security needs of a hospital:

• Most hospitals are shifting paper medical records to computer databases
that contain electronic medical records.1 Hospitals, like other organiza-
tions in other industries, are moving toward an organized information
system, with a chief information officer coordinating this effort.2 How can
patient information be protected yet still readily available to medical
personnel?

• Between 1983 and 1998, 103 babies under six months of age were ab-
ducted from health care facilities by nonfamily members.3 Newborns
were taken from the mother’s hospital room, the nursery, the pediatrics

Main
Entrance

Patient Registration

Administrative

Offices

Gift Shop

Main Lobby

Radiology

Surgery Center

Surgery
Recovery

Surgery Consultation

Surgery
Waiting Area

Cashiers
OP

Pharmacy Emergency
Department

Cafeteria

MRI

Laboratory

Emergency
Waiting area

Triage

Outpatient
Services

Outpatient
Entrance

&
Waiting

Area
Emergency
Entrance

E
R

R
e

g
ista

tio
n

FIGURE 9–1 Sample Target Environment: Hospital

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 217

unit, or elsewhere on the facility property. Most of the babies have been
recovered; six remain missing.4

• Hospitals with psychiatric wards face additional threats and risks.5,6

• Various steps must be taken by hospital personnel to prevent the trans-
mission of disease. One of the most prominent occupational risks to
health care workers is exposure to blood-borne viruses. While disease
transmission to workers can take place in various ways, much research
has been done on the process of taking blood from the patient.7

• Hospital emergency departments experience many security problems.
People who are under stress, either as a patient or as the family mem-
ber of a patient in a life-threatening situation, can be extremely de-
manding—so much so that hospital staff may require security resources
to get their job done. Often understaffed due to budget cuts and over-
flowing with patients who use the emergency department as a “walk-in
clinic,” emergency departments must deal with people who yell and get
irate because they are not being attended to as quickly as they think
they should be.8

• With cuts in social assistance, more people are coming in with more so-
cial problems. “You get a lot of street people, a lot of psychiatric patients
and drunks.”9

• The implementation of managed care systems (including health mainte-
nance organizations) has health care professionals frustrated with the
frantic pace they must keep, which they blame on the change toward
managed care coverage.10 Jobs are being cut, and people are nervous
about losing their jobs.

• Hospitals are introducing computer-controlled drug vending machines,
like the Pyxis Med Station System 2000. One hospital reported that the
new system jammed two times in one hectic weekend, making the drug
supply unavailable.11

• Hospitals that provide acute care and operate at bed occupancy levels of
90 percent or more face regular bed crises, which place patients at risk.12

• It is recommended that medical equipment or utility system components
that are deemed “critical to patient safety” have emergency procedures
including backup systems in the event of malfunction or failure. “Critical
to patient safety” means that the equipment or component includes life-
supporting, life-sustaining, or other critical equipment whose malfunc-
tion would result in an “adverse patient outcome.”13

• Hospitals are deciding how to best provide quick access to data and fur-
nish referring physicians with relevant data while also maintaining pa-
tient privacy. Some hospitals use a computer program that provides ac-
cess to information electronically from any Web browser on the hospital’s
computer network.14

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

218 CHAPTER 9

• Certain types of protective clothing are more effective at filtering infec-
tious agents and, therefore, can help health care workers reduce expo-
sure to several pathogens that are borne in blood and body fluids.15

• A California-based health care association estimates that 1500 of the
2700 hospital buildings in the state could collapse during a serious earth-
quake.16

TARGET ENVIRONMENT: AIRPORT

Airport (Figure 9–2) security is increasingly a feature of national and interna-
tional news. As the airline industry expands, as people increasingly travel for
business and pleasure to all parts of the globe, the industry is forced to con-
front some new challenges. Aviation disasters create disturbances for the in-
dustry and the traveling public. Within the next decade, the number of annual
U.S. aircraft passengers is expected to be 1 billion.17 Threats of terrorism result
in increased security efforts, which can lead to flight delays and unhappy pas-
sengers. The causes of some aviation disasters may never be determined. After
four years of investigation and recovery of more than 95 percent of the wreck-
age, the cause of the crash of TWA flight 800 is not known.18 The federal gov-
ernment’s response to this tragic crash included the implementation of height-
ened security measures at all airports and the creation of a White House

R
u

n
w

a
y

T
a

x
iw

a
y

Baggage
Claim

Ticket Counter
Customer
Waiting
Areas

Flight School

Parking

Terminal
Entrance

Hanger
Small Planes

Air Traffic
Control

Facility
Maintenance

Machine
Shop

S
n

a
ck A

re
a

FIGURE 9–2 Sample Target Environment: Airport

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 219

Commission on Aviation Safety and Security. Reducing unknown risks in air
travel comes with direct tradeoffs. “Each measure to improve safety and secu-
rity can have an impact on the direct costs to travelers, delays, convenience,
civil liberties, fatalities, and taxpayer costs.”19 Consider the following issues be-
ing discussed in the aviation industry:

Considerations Identified Prior to 9/11

• In 1998, the National Transportation Safety Board received 2210 reports
of commuter and private aircraft accidents within the United States, and
these accidents resulted in 641 fatalities.20

• Thieves in airports are targeting laptop computer owners. By employing
distraction techniques, the thieves are making away with the computers.21

• Enhanced security precautions allowing only ticketed passengers into
gate areas do not permit entry for persons traveling with the new elec-
tronic ticket, or e-ticket.

• An airport in southwest Florida has been using a dog to scare away birds;
collisions between birds and jets last year cost the U.S. civil aviation in-
dustry an estimated $300 million in damages.22

• In August 1999, a sting operation at Miami International Airport high-
lighted security concerns about airport employees. The relaxed nature of
checks on prospective employees has been a real problem.23

• Strikes or sickouts by air traffic controllers, flight attendants, and pilots
have disrupted airline services to passengers.

• Airport security managers can implement a new technology, called threat
image projection, to test the alertness of the security screeners. The tech-
nology projects a simulated threat into an actual bag, for example.24 The
system projects simulated objects, such as a handgun, into a bag as it
moves through the X-ray machine to see if guards make the observation.

• The Coalition for Airport and Airplane Passenger Safety (a group of labor
unions representing firefighters, airline pilots, flight attendants, and
workers in a number of airline trades) prepared a report titled “Surviving
the Crash: The Need to Improve Lifesaving Measures at Our Nation’s Air-
ports.”25 The report suggests that passengers and workers at U.S. air-
ports are not adequately protected from a variety of life-threatening con-
ditions.26 (The Federal Aviation Administration [FAA] disagrees with the
findings presented in this report.)

• Outdated FAA regulations are to blame for firefighter and rescue units not
being properly staffed, equipped, or trained to respond to crashes and
other emergencies. In addition to being unprepared for aviation disasters,
airports are woefully unprepared to address terrorism threats, accidents
involving hazardous materials, medical emergencies, and problems that

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

220 CHAPTER 9

might result from such a heavy concentration of passengers in the airline
terminals.27 (The FAA disagrees with the findings in this report.)

• Traveler fatigue and frustration are becoming increasingly evident, with
high-profile incidents resulting in the need for security intervention.28

• There is concern about the state of explosive detection technologies,
their lack of reliability, the frequency of false alarms, and the delays in
processing passenger baggage. The FAA has certified only one explosives
detection machine (the CTX 5000) for checked baggage screening. The
certified machine has an actual “throughput rate” that is much less than
the designed rate of 500 bags per hour; thus, two units are necessary to
meet the FAA’s throughput requirement. Even with two machines, there
is significant potential for operator error. It seems likely, for example,
that in the press of rush hour, operators will start ignoring “positives” to
reduce the ire of busy travelers. Estimates are that it would cost $2.2 bil-
lion to put these detection machines in the 75 busiest airports in the
United States.29

• Proposed programs to match passengers with bags by checking claim
tickets, for example, could add an estimated $2 billion annually, com-
pounded by the need to find additional personnel and additional time to
implement the programs.30

• The Computer-Assisted Passenger Screening program, developed by
Northwest Airlines, is being used in over 240 cities to screen passengers
in an effort to prevent terrorism. Customer information is matched against
undisclosed criteria to determine whether the passenger’s luggage should
be subjected to additional screenings. The passengers are not informed
that the additional screening is taking place.31

• Surface capacity at airports is increasing, and existing ground control ef-
forts are argued to be insufficient to prevent collisions on the ground.32

• In bad weather, both pilots and air traffic controllers require critical in-
formation on airport conditions and relevant traffic.33

• Personal identification and verification of airport personnel is essential.
• Most airports deal with cargo and freight transport as well as passenger

transport, although this usually happens in a different section of the
airport.

• Investigators from the FAA conducted a battery of 170 tests at eight U.S.
airports. They gained access to restricted areas in 117 cases. Of particu-
lar interest is the fact that once they had entered secure areas, they were
able to board aircraft operated by 35 different aircraft carriers. Violations
that allowed access to restricted areas included an absence of personnel
assigned to the task or lack of awareness and willingness to enforce the
existing procedures.34

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 221

• Questions have been raised about the role of vendors and other airport
tenants (fast food vendors, newsstands, mall shops, etc.) in meeting se-
curity objectives.35

Considerations After 9/11

• There are additional security checks of carry-on luggage.
• Vehicle check points are in place at many large airports.
• Increased numbers of Federal Air Marshals are on board commercial

aircraft.
• There is strong support for pilots to carry guns in the cockpits on a vol-

untary basis.
• Armed National Guard officers are posted throughout airports to in-

crease security.
• Some security experts say that an invisible wall of security, like that set

up in casinos, could help alleviate anxiety and inconvenience. This would
mean relying heavily on surveillance cameras and undercover security
officers. The possibility of profiling is expected to increase.

• The Transportation Security Administration (TSA), which oversees air-
port security, recently conducted tests and found that privately con-
tracted screeners missed fake weapons smuggled by undercover agents
in a quarter of the trials.

• The TSA has deployed federal screeners to 82 airports.
• The TSA has announced 145 Federal Security Directors, who are re-

sponsible for 380 airports.
• The TSA is accepting applications for positions in 420 airports and has

received over 1.1 million applications to fill some 52,000–54,000 federal
passenger and baggage screener positions.

• The Aviation and Transportation Security Act mandates that a sampling
of all checked luggage must be scanned for explosives after December
31, 2002.

SCHOOL SECURITY

Incidents of school violence (Figure 9–3) have been prominent in the media in
the last 5 to 10 years. Technological devices for enhancing security are becom-
ing fixtures in schools across the country. The most likely products used by
school security professionals include emergency communications devices,
badging systems, access control and alarm systems, closed-captioned television
(CCTV) systems, and metal detection or X-ray screening.36–38 Judging by the
incidents reported in the last decade, students could be facing various threats
that might require expanded emergency response plans. If evacuation is or-

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

222 CHAPTER 9

Food
Service Area

Faculty
LoungeAdministrative

Offices

Nurses Station

Stage

Cafeteria and Auditorium

Student Seating

Main
Entrance

Emergency
Exit

Rear
Entrance

Emergency
Exit

Kitchen

Playground

Grade
5

Grade
6

Grade
4

Grade
5
Grade
4
Grade
4

Grade
3

Grade
3
Grade
3

Grade
1

Grade
2

Grade
2
Grade
1
Grade
1
Grade
2
Grade
1

FIGURE 9–3 Sample Target Environment: School

dered, it is possible that students could be sent into the line of fire if snipers
wait outside the school. On the other hand, if a classroom lockdown is ordered
in an attempt to isolate students from attackers but the attackers used explo-
sive devices, students, faculty, and other staff may become victims. School se-
curity professionals (such as Curtis Lavarello, executive director of the Na-
tional Association of School Resource Officers) argue that much of the concern
about security in schools is directly linked to access to guns. While many peo-
ple are concerned about what they identify as an increase in violent crime in
schools, experts are constantly reminding people that “schools are still among
the safest places for children.”39,40 Some school officials argue that what is done
in schools to provide a safe learning environment will not ever be the same af-
ter the Columbine High School shootings in Littleton, Colorado.41 Consider the
following information about school crimes and crime prevention efforts:

• Safe School Crime Stoppers set up an anonymous hotline for parents and
students to call and report suspicious or unlawful behavior.42

• Most of the alleged killers in recent school shootings actually told other
people about their plans before they acted.43

• Violence occurs at greater levels in schools where minor infractions of
school policy are ignored.44

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 223

• School resource officers are used for security but go beyond the tradi-
tional role of security guard to developing relationships with students as
a proactive measure to prevent crimes.45

• Schools can enhance physical safety by taking the following steps:
1. supervising access to buildings and grounds
2. reducing class size and school size
3. adjusting scheduling to minimize students’ time in hallways or in po-

tentially dangerous locations
4. conducting a building safety audit
5. arranging supervision at critical times
6. having adults visibly present throughout the school facility
7. staggering dismissal times and lunch periods
8. monitoring the school grounds
9. coordinating with local police to ensure that there are safe routes for

students going to and from school46

• Creating a positive school environment by increasing positive encounters
in the classroom and school community is proving to be one of the most
effective ways to address potentially violent or disruptive behavior. Clear
expectations, consistent treatment, and just actions can go a long way in
addressing classroom fears.47

• Although windows are also vulnerable, doors are the usual access point
for intruders in schools. Choosing the right locks for entryways can be
critical.48

• Each year, on average, 9 children die in school bus crashes; another 26
die when hit by either the bus or a passing car.49

• “Peer mediation” is being added to school programs to help students re-
solve conflict.50,51

• Some school programs are rejecting metal detectors and bomb-sniffing
dogs in favor of programs focused on prevention and early detection.
One example is the Principal’s Student Leadership Group, in which kids
who are selected to help monitor incidents.52

• Signs that a student is troubled include excessive feelings of rejection,
expression of violence in writings and drawings, and overt threats.53

Other warning signs are a history of drug abuse, talk about suicide, a lack
of coping skills, a precipitating event, and no apparent emotional support
system.54 Schools must have a plan in place to help these students when
warning signs are displayed.

• One of the most troubling trends in schools is the increasing incidence of
bomb threats.55

• Arson, theft, and vandalism can be recurring problems for any school.
• A “war on drugs” is being waged in the nation’s public schools.56

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

224 CHAPTER 9

• Requiring students to wear uniforms is argued to reduce “acting out”
behaviors.57

BANK SECURITY

Clearly, banks (Figure 9–4) are one of the most notorious targets for theft.
These days, however, in addition to their traditional banking services, banks
have added automated teller machines (ATMs) and are expanding to include
banking services online. Banks are increasingly layering access control
throughout their facilities rather than just having perimeter security.58 Fur-
thermore, various techniques are argued to be excellent weapons against coun-
terfeit checks. These techniques include transaction reports, fingerprint signa-
tures, a training and award program for bank personnel, and the issuance of
security alerts. Consider the information in the following lists.

Banks in General

• The greatest financial losses to banks result from external check fraud
and internal embezzlement.59

• The prime time for bank robberies is from 10 A.M. to 3 P.M. with Friday
being the day of choice.60

• One type of secure entry that is being explored in various banks is a se-
ries of double-locking, bullet-resistant doors. A customer comes in

Safe and Safe
Deposit box Area

Bank Manager
Office

Loan
Officer
Office 1

Loan
Officer
Office 2

Te
lle

r
S

ta
tio

n
s

D
rive

T
h
ro

u
g
h

Te
lle

r S
ta

tio
n

S
to

ra
g
e

Security Passage
Way

Entrance
Foyer

Drive T
hrough Lane

A
T

Exit Enter

Customer Lobby

FIGURE 9–4 Sample Target Environment: Bank

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 225

through one door and must go through selected security devices (e.g.,
CCTV, metal detector) before proceeding through a second entry door. As
the exterior (or first) door locks, the interior (or second) door unlocks so
the person may proceed through. The system resets itself when the inte-
rior door is shut.61 These systems are more common in European and
South American banks and, at $40,000–$50,000, are quite expensive.62,63

• Today, sophisticated computer programs allow criminals to create corpo-
rate payroll checks that are nearly indistinguishable from the real thing.64

• One type of fraud that appears in banking institutions is the use of a le-
gitimate customer’s information by an illegitimate user. The legitimate
customer’s full name, address, Social Security number, and account in-
formation is used by the perpetrator, who then acquires a fake ID and
comes to the bank claiming to be that customer. In one bank, this hap-
pened three times in a year, to the tune of just over $50,000 in losses for
the bank.65

• Although the number of bank robberies is down, according to the Fed-
eral Bureau of Investigation (FBI), the number of incidents involving a
weapon and the number of cases that involve violence are up.66

• Some of the best information about robbery prevention comes from
analysis of the robberies that have happened across a chain of banks over
time. This allows the banking institution to zero in on vulnerabilities.67

• Title 12 of the U.S. Code, also known as the Bank Protection Act of 1968,
outlines minimum standards for the installation, operation, and mainte-
nance of security devices and procedures at financial institutions.68 It re-
quires all federally insured banks, savings and loan institutions, and
credit unions to designate a security officer, cooperate with and seek ad-
vice from the FBI and other law enforcement agencies, develop compre-
hensive security programs and implement protective measures to meet
(or exceed) federal standards, keep “bait money” (or money for which
numbers have been recorded), periodically remove excess cash from the
tellers’ windows and bank premises, and finally, develop stringent open-
ing and closing procedures.69

• Security cameras installed at a six-foot height can easily be covered over
with spray paint or disabled during a robbery.

• Computerized signature and photo records are a much more effective
means by which to verify signatures than the signature cards that have
traditionally been used.70

• Poor-quality security cameras can result in a picture whose resolution is
so bad that the picture taken is useless.

• The open design of banks often leaves tellers accessible and over-
exposed.71

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

226 CHAPTER 9

• Client information is as important as the money clients deposit. If clients
do not believe the bank will keep their information confidential, they
might take their money somewhere else.72

• The theft of data (e.g., customer accounts, customer profiles, credit
records, loan records) has compelled many banks to invest in access con-
trol systems.73

• Banks are reported to be interested in security systems that are conve-
nient, able to be networked throughout their entire system of bank
branches, sophisticated, and integrated.74

• Financial institutions want access control databases that can automati-
cally communicate with all other databases so that information can be
exchanged almost instantaneously.75

• Bank management wants access control features that are integrated with
other features (like CCTV and ID badging systems) to provide, for ex-
ample, visual confirmation in addition to the access record kept by the
access control system.76

• Online services are said to “save you hours of standing in lines, punching
a calculator, and juggling paperwork.” An increasing number of banks
now offer custom Web sites that let people pay bills and download bank
and credit card statements. Even better, the sites help people research
mortgage refinancing, find the best credit cards, and analyze their in-
vestments.77

• In 1998, approximately 1200 banks contracted for Web-based banking
designs. In 1999, over 7200 were estimated, with more projected to come
in the following years.78

ATMs

• In 1992, there were 70 ATM burglaries and attempted burglaries. By
1997, there were an estimated 200.79

• With the growing need for convenient access to cash, ATMs are more
common and less fortified. In 1985, there were approximately 44,000
ATMs; in 1997, that number had increased to approximately 165,000.80

• ATMs hold anywhere from $15,000 to $250,000 depending on the size of
the machine.81

• Satellite tracking systems are being used in ATMs as a means of retriev-
ing the equipment if it is taken.82

• Various ATMs in the United States and abroad are testing the use of iris
scan technology. A photo of the iris is taken and then converted into a
computer pattern. The pattern is compared to data on file. The process
takes about two seconds.83

• Fraudulent use of ATM cards costs banks up to $150 million a year.84

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A SAMPLING OF SETTINGS 227

• Bank cards with magnetic tape are being replaced by “smart cards” that
store cardholder data. Smart cards are said to be infinitely more durable
and secure.85 From the moment smart cards appeared on the market-
place, hackers have been trying to crack the code.86,87

• Lighting is seen as an integral security feature for ATMs, but there are no
national guidelines about this lighting. In some places (e.g., New York
City) a city ordinance dictates the lighting standards required for
ATMs.88

CONVENIENCE STORE SECURITY

When looking at information about the incidence of robbery at convenience
stores (Figure 9–5), readers must be discerning. For example, a 1991 report
put out by the National Association of Convenience Stores (NACS) said that
during the 10-year period from 1976 to 1986 the number of convenience stores
doubled while the number of convenience store robberies remained relatively
constant, suggesting that the robbery rate per store was cut in half over that
10-year period, due in large part to the implementation of several deterrence
measures.89 These measures include (1) cash control techniques, (2) clear
sight lines in the stores, (3) prominent position of the cash register, (4) lack of

Stock Room
Manager’s OfficeEmployee

Lounge

Cold
Storage

C
o

ld
P

ro
d

u
ct C

a
se

Check-out Counters

Product Shelving

Area for
Self Serve

Items

Frozen
Product
Case

Freezer
Storage

Restroom
Men’s

Restroom
Women’s

ATM

Pay
Phone

Product Shelving
Product Shelving
Product Shelving

P
ro

d
u

ct S

h
e
lvin

g
P
ro
d
u

ct S
h
e

lvin
g

P
ro
d
u
ct S
h
e
lvin
g
Product Shelving

Delivery
Entrance

Enter
Only

Exit
Only

FIGURE 9–5 Sample Target Environment: Convenience Store

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

228 CHAPTER 9

escape routes, (5) balanced exterior and interior lighting on the premises, and
(6) employee training programs. Furthermore, the industry study took issue
with FBI data reported in 1990.90 It may not be surprising that the industry
projected numbers that were lower than the FBI’s. In 1989, the NACS study
projected 23,311 convenience store robberies compared with the FBI report of
36,435.91 For 1990, the NACS findings suggest 22,935 compared to the FBI-
reported 38,435 convenience store robberies.92

In 1992, Ron Hunter and C. Ray Jeffery outlined in their research that the
preventive measures endorsed by the greatest number of studies include (1)
having two or more clerks on duty, especially at night (a form of employee sur-
veillance); (2) cash handling techniques; (3) access control features; and (4)
natural surveillance.93 Hunter and Jeffery highlight elements of the Sessions re-
port (the FBI data) suggesting that between 1985 and 1989 robbery in conve-
nience stores increased 28 percent, representing the most rapid growth within
all categories of robbery during that period.94 While the NACS study suggests
crime rates were “cut in half,” the Hunter and Jeffery article suggests the “dra-
matic increase in convenience store robberies is of major concern to public of-
ficials and the convenience store industry.”95

The industry also disagrees with the FBI regarding the dollars lost at these
robberies. According to the NACS survey, register robbery in 1989 averaged
$173, compared to the FBI’s average of $364. As mentioned briefly in Chapter
8, the losses from theft are minimal when compared to the loss of business
from customers, who are afraid to shop in the stores; the loss of qualified em-
ployees, who are afraid to work there; and successful litigation by individuals
who have been harmed because of convenience store robberies.96

In one of the earliest studies of convenience store robberies (1975), Crow
and Bull found that the “results support the concept that robbers select their
targets and that physical and behavioral changes at the site can significantly re-
duce robberies.”97 Consider some of the following points of interest:

• The peak robbery period for convenience stores is between 9:00 P.M. and
11:00 P.M. That same study found that nearly 35 percent of robberies in
Florida occurred between 11 P.M. and 6 A.M.98

• Approximately 94 percent of all convenience store robberies had only
one victim. The robbery success rate does not increase as the number of
victims increases.99

• Crime prevention strategies supported by the NACS include the use of
signs indicating that the clerks have access to only limited funds, good
cash handling procedures, enhanced visibility inside and outside the
stores, alteration of escape routes, use of security devices, encouraging
activity in or near the store, employee alertness, and store cleanliness.100

NACS argues that if these recommended practices are followed, it will be

A SAMPLING OF SETTINGS 229

unnecessary to have multiple clerks on duty, use security enclosures, and
limit store hours (close stores at midnight).101

• Florida has some of the most stringent mandated prevention strategies in
the nation. The prevention techniques recommended by the Florida De-
partment of Legal Affairs include silent robbery alarms, security cameras
capable of identifying robbery suspects, drop safes or other cash manage-
ment devices, well-lighted parking areas, posted signs indicating that
there is less than $50 cash on hand, clear and unobstructed windows,
height markers at entrances, no concealed access or escape areas, cash
handling policies to limit available cash at any given time, employees
trained in robbery deterrence and safety, and two clerks on night shifts.102

• Handguns were used in 71 percent of the reported homicide cases in
convenience stores.103 Sixty-five percent of the homicides involved no re-
sistance or provocation from the clerk and were therefore labeled as
“random/senseless” violence.104

• Two-thirds of the reported rapes in convenience stores were unrelated to
a robbery.105 Eighty-nine percent of the rapes reported occurred at
night.106

• No conclusive findings could be reached about the effectiveness of
bullet-resistant barriers in convenience stores.107

• Gasoline driveoffs accounted for 48 percent of all police calls from con-
venience stores.108

REFERENCES
1. M. Hagland, “Confidence and Confidentiality,” Health Management Tech-

nology 18, no. 12 (1997): 20–25.
2. S. Pelton, “Authentication Captures Security of Hardware, Convenience of

Software,” Health Management Technology 20, no. 10 (1999): 50.
3. T. Eskreis Nelson, “Safeguarding Newborns: Managing the Risk,” RN 62,

no. 3 (1999): 67–70.
4. Eskreis Nelson, “Safeguarding Newborns.”
5. C. Leliopoulou, H. Waterman, and S. Chakrabarty, “Nurses’ Failure To Ap-

preciate the Risks of Infection Due to Needle Stick Accidents: A Hospital-
Based Survey,” Journal of Hospital Infection, May 1999, vol. 42, no. 1,
53–59.

6. R. L. Calvin, “Evaluation of the Protective Value of Hospital Gowns against
Blood Strikethrough and Methicillin-Resistant Staphylococcus Aureus
Penetration,” Association of Operating Room Nurses Journal 69, no. 6
(1999): 1264.

230 CHAPTER 9

7. C. Leliopoulou et al., “Nurses’ Failure.”
8. M. McDonald, “Overstretched in Emergency: On Both Sides of the Border,

Hospital ERs Feel the Pinch,” Maclean’s 109, no. 49 (1996): 74(4).
9. McDonald, “Overstretched in Emergency.”

10. McDonald, “Overstretched in Emergency.”
11. McDonald, “Overstretched in Emergency.”
12. A. Bagust, “Dynamics of Bed Use in Accommodating Emergency Admis-

sions: Stochastic Simulation Model,” British Medical Journal 319, no.
7203 (1996): 155.

13. G. Mills, “Issues in Health Care Construction,” Heating, Piping, Air Con-
ditioning 70, no. 7 (1998): 28(4).

14. Pelton, “Authentication Captures Security of Hardware, Convenience of
Software,” 50.

15. Calvin, “Evaluation of the Protective Value of Hospital Gowns,” 1264.
16. C. Vanchieri, “Badly Braced for the Big One,” Hospitals and Health Net-

works 72, no. 20 (1999): 42.
17. M. Lease and T. Burke, “Law Enforcement’s Response to Small Aircraft

Accidents,” FBI Law Enforcement Bulletin, February 2000, 14.
18. R. W. Hahn, “The Cost of Airport Security Measures,” Consumer’s Re-

search Magazine 80, no. 7 (1997): 15(5).
19. Hahn, “The Cost of Airport Security Measures.”
20. National Transportation Safety Board, “1998 Aviation Accidents,” http://

www.ntsb.gov/aviation/9801.htm, accessed February 2000.
21. “Laptop Theft: A Variation on an Old Trick,” Maclean’s 109, no. 20

(1996):

17.

22. “Feather Buster: A Florida Airport Unleashes a Weapon in Its Battle

against Birds: Border Collie Jet,” People Weekly 52, no. 7 (1999): 85.
23. J. Dettmer, “FBI Has Grounded Airport Security,” Insight on the News

15, no. 35 (1999): 48.
24. M. Lavitt, “New Technology Tests Alertness of Airport Security Screen-

ers,” Aviation Week and Space Technology 150, no. 13 (1999): 88(2).
25. M. Bradford, “U.S. Airport Safety Criticized,” Business Insurance 3

(1999): 1.
26. Bradford, “U.S. Airport Safety Criticized,” 1.
27. Bradford, “U.S. Airport Safety Criticized,” 1.
28. “Diana Ross Released and Given Warning,” Jet, vol. 96, no. 19, p. 54.
29. Hahn, “The Cost of Airport Security Measures.”
30. Hahn, “The Cost of Airport Security Measures.”
31. P. G. Chronis, “Airlines Have New Security ‘Screen’: Secret System Raises

Discrimination Questions,” Denver Post, 1 January 1998, B-01.
32. S. Young et al., “Safely Improving Airport Surface Capacity,” Aerospace

America 36, no. 5 (1999): 22.

A SAMPLING OF SETTINGS 231

33. Young et al., “Safely Improving Airport Surface Capacity,” 22.
34. T. Anderson, “Airport Security Fails Tests,” Security Management, Feb-

ruary 2000, 73–74.
35. Anderson, “Airport Security Fails Tests,” 74.
36. M. Fickes, “The AVS’s of Security Technology,” American School & Uni-

versity 71, no. 11 (1999): SS21 (4).
37. M. Kennedy, “The Changing Face of School Violence,” American School

& University 71, no. 11 (1999): ss6(3).
38. Kennedy, “The Changing Face of School Violence.”
39. J. Agron, “Lessons Learned,” American School & University 71, no. 11.
40. Kennedy, “The Changing Face of School Violence.”
41. Agron, “Lessons Learned.”
42. Agron, “Lessons Learned.”
43. M. Simpson, “Taking Threats Seriously,” NEA Today 17, no. 1 (1998): 27.
44. M. Dunn, “Critical Elements in School Security,” American School &

University 71, no. 11 (1999).
45. C. Mulqueen, “School Resource Officers More Than Security Guards,”

American School & University 71, no. 11 (1999): p. 17(1).
46. Dunn, “Critical Elements in School Security.”
47. J. N. Lederhouse, “You Will Be Safe Here: Realizing a Positive School Cli-

mate,” Educational Leadership 56, no. 1 (1998): 51(4).
48. J. D. King, “Locking in on Safety,” American School & University 70, no.

2 (1997): 36.
49. A. Spake, “Tussling over Buses,” U.S. News & World Report 127, no. 13

(1999): 62.
50. P. Welsh, “The Price of Protection,” U.S. News & World Report 126, no.

17 (1999): 28.
51. “NEA Affiliates at Work for Safety,” NEA Today 18, no. 1 (1999): 14.
52. D. Goodgame, “7:10am School Security: Always on the Lookout for Signs

of Trouble,” Time 154, no. 17 (1999): 74+.
53. D. Marcus, “Metal Detectors Alone Can’t Guarantee Safety,” U.S. News &

World Report 126, no. 17 (1999): 26.
54. S. Band, “School Violence: Lessons Learned.” FBI Law Enforcement Bul-

letin 68, no. 9 (1999): 9.
55. J. Agron, “Safe Havens: Preventing Violence and Crime in Schools,”

American School & University 71, no. 6, (1999): 18(5).
56. B. Dority, “Big Brother Goes to High School,” Humanist 57, no. 2 (1997):

37(2).
57. M. Gips, “Securing the Schoolyard,” Security Management, March 1996,

47–53.
58. J. Kirch, “Investing in Better Controls,” Security Management, May

1999, 83.

232 CHAPTER 9

59. R. E. Anderson, “Bank Security,” in Handbook of Loss Prevention and
Crime Prevention, ed. L. Fennely (Woburn, MA: Butterworth-Heinemann,
1982).

60. P. Carroll, “The Chicago Bank Robbery Initiative,” FBI Law Enforcement
Bulletin 66, no. 4 (1997): 9–15.

61. J. Konicek and K. Little, Security, ID Systems and Locks: The Book on
Electronic Access Control (Newton, MA: Butterworth-Heinemann, 1997),
76.

62. Konicek and Little, Security, ID Systems and Locks, 76.
63. T. Mann, “Policies That Pay Off: Although Robberies Are Down, They Are

Becoming More Costly and Violent,” Security Management, February
2000, 42–46.

64. K. Null, “One Bank’s Fraud Fight: Security Doesn’t Have To Sit by Help-
lessly in the Fight against Financial Services Fraud,” Security Manage-
ment, February 2000, 37–41.

65. K. Null, “One Bank’s Fraud Fight,” 38.
66. T. Mann, “Policies That Pay Off,” 45.
67. Mann, “Policies That Pay Off,” 45.
68. Anderson, “Bank Security,” 740.
69. K. Hess and H. Wrobleski. Introduction to Private Security (Minneapo-

lis, MN: West Publishing Company, 1996), 526.
70. R. Bordes, “Security Measures That Earn Interest,” Security Manage-

ment, June 1994, 71–72.
71. Bordes, “Security Measures,” 71–72.
72. J. Kirch, “Investing in Better Controls,” Security Management, May

1999, 82–88.
73. Kirch, “Investing in Better Controls,” 84.
74. Kirch, “Investing in Better Controls,” 85.
75. Kirch, “Investing in Better Controls,” 84.
76. Kirch, “Investing in Better Controls,” 84.
77. M. Hogan, “Easy Money Meets the Web,” PC/Computing 10, no. 10

(1997): 129.
78. B. Orr, “A Service Bureau for Next Generation E-banking,” ABA Banking

Journal 91, no. 4 (1999): 68.
79. Gannett News Service, “ATMs Proving Convenient to Robbers as Well as

Users,” St. Cloud Times, 6c.
80. Gannett News Service, “ATMs Proving Convenient,” 6c.
81. Gannett News Service, “ATMs Proving Convenient,” 6c.
82. Gannett News Service, “ATMs Proving Convenient,” 6c.
83. P. Davidson, “ATMs That ID Consumers by Eye To Get Test.” USA Today,

March 18, 1998, p. A1.

A SAMPLING OF SETTINGS 233

84. Davidson, “ATMs That ID Consumers,” A1.
85. J. Kutler, “Even Abundant Security Features Don’t Spur Smart Card Buy-

In,” American Banker 163, no. 221 (1988): 1–3.
86. Kutler, “Even Abundant Security Features,” 1–3.
87. P. Wayner, “Code Breaker Cracks Smart Cards’ Digital Safe,” New York

Times, 22 June, 1998, D1.
88. R. Goetzke, “Shedding New Light on ATM Security,” Security Manage-

ment, September 1994, 57–60.
89. National Association of Convenience Stores, Convenience Store Secu-

rity: Report and Recommendations (Alexandria, VA: 1991), 4.
90. W. B. Sessions, Crime in the United States: 1989 Annual Report (Wash-

ington, DC: Federal Bureau of Investigation), 1990.
91. National Association of Convenience Stores, Convenience Store Secu-

rity, 13.
92. National Association of Convenience Stores, Convenience Store Secu-

rity, 13.
93. R. Clarke, ed., Situational Crime Prevention: Successful Case Studies

(New York: Harrow and Heston, 1992), 195.
94. W. B. Sessions, Crime in the United States: 1989 Annual Report (Wash-

ington, DC: Federal Bureau of Investigation, 1990), 21.
95. Hunter and Jeffrey, “Preventing Convenience Store Robbery Through En-

vironmental Design,” in Situational Crime Prevention: Successful Case
Studies, ed. R. Clarke. (Albany, NY: Harrow and Heston, 1992).

96. Clarke, Situational Crime Prevention, 195.
97. Crow and Bull, Robbery Deterence: An Applied Behavioral Science

Demonstration—Final Report (La Jolla, CA: Western Behavioral Sci-
ences Institute, 1975), ii.

98. R. Degner et al., Food Store Robberies in Florida: Detailed Crime Sta-
tistics (Gainesville, FL: Florida Agricultural Market Research Center,
1983), 26, 27.

99. Degner et al., Food Store Robberies in Florida, 18–19.
100. Clarke, Situational Crime Prevention, 204.
101. Clarke, Situational Crime Prevention, 204.
102. R. Butterworth, Study of Safety and Security Requirements for “At-Risk

Businesses” (Tallahassee, FL: Florida Department of Legal Affairs, 1991).
103. National Association of Convenience Stores, Convenience Store Secu-

rity, 17.
104. National Association of Convenience Stores, Convenience Store Security,

17.
105. National Association of Convenience Stores, Convenience Store Security,

234 CHAPTER 9

106. National Association of Convenience Stores, Convenience Store Security,
17.

107. National Association of Convenience Stores, Convenience Store Security,
22.

108. N. LaVigne, “Gasoline Drive-Offs: Designing a Less Convenient Environ-
ment,” in Crime Prevention Studies, Vol. II, ed. R. Clarke (Monsey, NY:
Criminal Justice Press, 1994), 91–114.

Associate Level Material

Appendix G

Security Assessment

Directions

Choose two settings from Ch. 9 of the text and list each setting. Then, complete the following tables. List five threats appropriate to the environment from the setting you chose. Rate the risk for each threat from 0 (low) to 10 (high). Then, list five appropriate countermeasures, including at least two countermeasures specific to physical security and one countermeasure specific to personnel and security management. Once you have completed the tables, write a brief explanation of each countermeasure, stating how the countermeasure reduces the risk associated with that threat.

Setting 1:

THREAT

RISK

COUNTERMEASURE

Probability

Criticality

Total

Example:

Information theft

Employee screening, limited computer access, and computer monitoring

Setting 2:

THREAT

RISK

COUNTERMEASURE

Probability

Criticality

Total

CJS 250

Turn in your highest-quality paper
Get a qualified writer to help you with

“ Security Assessment ”

Get high-quality paper

NEW! AI matching with writer

Still stressed from student homework?

Get quality assistance from academic writers!

Order now