19 December 2012

Security Trends in K-12, Some Thoughts

For lack of staff, money, expertise, and time, school districts for the most part still can’t put a huge emphasis on education programs similar to those run in many colleges and corporations to continually remind people about the rules they need to follow when dealing with physical security and confidential data. Maybe 2013 will be the year that starts to change, especially since the Newtown, Connecticut shooting, making the mitigation of risk more palatable and far less pricey than the potential of extended legal actions.  I say this because it bothers me as a parent and a physical security professional, that we spend so much more protecting our Data Centers and Networks than we do in our schools.

The “Active Shooter Scenario” is everyone’s worst case situation, I work with this everyday in protecting hospitals (Code Silver), in malls or any other open to the public facility.  Based on all that I have read on the above incident, I do not believe that anyone could have handled that situation better than it was handled. The school staff did an outstanding job and Law Enforcement responded immediately keeping the carnage to a minimum. My point is schools do not need to be open. We can reduce access and push back the perimeter, which I believe is the only way to reduce the active shooter threat. 

Many times, when I would bring up K-12 school security enhancements I would get push back like “We want an open feeling in our schools and the employees won’t allow that.”  Hopefully what Richard Cantlupe, an American history teacher at Westglades Middle School in Parkland, Fla.: He called Newtown "our 9/11 for schoolteachers." If this is true and we can at least give our schools the same protection as our data centers will come a long way in making our schools safer.  

After 911 we had Presidential Directive 7 which was a Homeland Security Presidential Directive that established a national policy for Federal departments and agencies to identify and prioritize critical infrastructure and to protect them from terrorist attacks. The directive defines relevant terms and delivers 31 policy statements. These policy statements define what the directive covers and the roles various federal, state, and local agencies will play in carrying it out.  We need to add our schools to this list and give grant money to the school districts to get it done today.

The solution is available; it will just cost some money.  The school designs are mostly fine; we just need a few enhancements to reduce the threat, especially the perception of a school being a soft target. However you can never completely eliminate the threat completely.  I have many ideas on this issue and look forward to discussing them in future postings.  I have a check list I have used in the past that I picked up along the way that gets everyone thinking.  If you would like a copy please go to  https://dl.dropbox.com/u/62454695/k-12_School_Safety_Security_Checklist_McDonald_AACI.pdf.  If you have any questions, comment here or call anytime!

Physical Security Talking Points and Fraud

When discussing physical security, there are several important talking points to consider. Here are some key points to include: Risk Assessm...