The Risky Business of DIY Security: There Is a Better Way
A serious pitfall of Do-It-Yourself campus security is the temptation to tackle a project that should be entrusted to professionals.
Avoid the DIY approach to safety and security. Instead, take a mindful approach that is systematic and leverages the expertise of qualified professionals.
April 22, 2019 Dennis Elledge, RA, PSP, AIA
The current rise and popularity of DIY (Do-It-Yourself) in America is phenomenal. It’s more than a movement about crafting and cooking. Americans are willing to take on virtually anything to save time or money to meet a legitimate need or simply for the thrill of a challenge.
However, a serious pitfall of DIY is the temptation to tackle a project that should be entrusted to professionals. Legal contracts, medical consulting, construction management, etc., are complex endeavors with big risks and far-reaching ramifications. Without regard for potential harm and liability, and despite limited training or experience, highly motivated and well-meaning DIYers do take on these and other traditionally professional or technical activities.
There are exceptional DIYers who have had applicable training or experience and produce impressive, functional results. But if their perspective is skewed or their skills fall short, the welfare of their families, organizations and communities is at risk. Such is the case of self-directed and sometimes self-performed– DIY –security programs in campuses and businesses across America.
As the home chef does, corporate and administrative executives and their teams find information-rich programming on television and the internet. They are inundated by education and parent associations, boards, trade magazines, and government studies and publications from FEMA, the DOJ, DHS and the FBI. They receive articles, checklists, suggested products and procedures, and quasi-standards for institutional and personal security.
Part of this information overload and reaction is the reality of America’s violent society. Local, national, and international news broadcasts make it very clear that we need effective prevention, appropriate security and reliable protection.
The Dual Dilemmas of DIY Security and Business as Usual
The typical approach to security concerns by organizations in the past was for them to be aware of possible threats, provide a safe environment as best they could and rely heavily on a little help from their friends in law enforcement. Despite widely publicized, intense security issues in targeted violence scenarios, little has changed in the approach at the local level. Staff training is provided, and incremental physical improvements are made with the hope that they will be effective. Unfortunately, this well-meaning, hands-on approach is inadequate for such critical needs, but it is still the norm due to many factors.
The reality of both random and targeted violence in schools, businesses, entertainment venues, and houses of worship in the United States is undeniable. Sometimes denial gives way to a resolve to “do something about it.” Inadequate security budgets and in-house resources are stretched. Reactionary thinkers offer unproven tactics. Familiar vendors push trending safety products to facility managers. Law enforcement and volunteer groups are directed to “do their best” even though they are not properly trained, educated or experienced. The DIY security solution is launched on a wing and a prayer.
At this point of awareness, it is imperative that those in positions of authority and influence cease doing business as usual. They must take an honest look at their community, facility and personnel’s current and past approaches to security and safety. Consequently, their priorities are forced to shift from protection of property to protecting human life.
A comprehensive assessment of current conditions must be performed. Recommendations for a reasonable process and implementation schedule must be developed and approved. This daunting task cannot be taken on with outdated methods or with a DIY mentality, but rather with a mindset of the new business as usual.
Pivot 3 Case Study: University of Central Florida In March 2013 UCF faced an active shooter situation in which a former student planned to pull the fire alarm in a residence hall and then shoot his classmates as the building was evacuated. However, the shooter’s gun jammed, and as officers were closing in on the gunman, he took his own life. During the university’s response to t``he incident, accessibility to critical video data was a major issue. Read More
The New Business as Usual
The new business as usual strategy takes a mindful approach to security, safety, and protection of property and life. Rather than piecemeal, DIY solutions involving incremental purchases and physical improvements, it employs a comprehensive yet systematic approach. Project-based processes are inherently systematic and begin by engaging professionals. Project programming, design and management are best performed by certified professionals. Security-specific assessments, design and project management are necessary to a successful outcome and should be performed by a board-certified security consultant.
This project-based approach can be highly cost effective compared to incremental spending. Without a complete campus and facility-wide plan for guidance, low-priority, incremental improvements can be poor and risky investments. Involvement of staff at multiple executive and administrative levels can be time consuming, costly and cumbersome and might still yield ineffective solutions.
A professional security design consultant will use results from a comprehensive security risk assessment (CSRA) to produce a specific scope of work for competitive bidding. This method will result in procuring the exact services and products needed from qualified contractors on a specified schedule for the best price. Procedural changes, communication advancements and capital improvement projects can add significant long-term value to the facility. These successful projects produce tangible, potentially life-saving results as well as evidence of the leadership team’s engagement and accountability.
In addition to a professional and superior design, this more responsible and accountable approach can be shared with all stakeholders. The foundational CSRA prioritizes all needs. Once the assessment is complete, a long-range master plan of implementation can be established in conjunction with projected funding of the recommendations. The CSRA and its action plan provide credibility of the findings, feasibility of implementation and evidence of committed leadership.
What does the CSRA entail? Simply stated, a board-certified consultant experienced in security risk assessments performs an in-depth site, campus and facility survey of the client property––school, business, healthcare facility, church, entertainment venue, etc. He or she conducts interviews, collects data and defines potential issues. The client or owners’ representative receives a report with prioritized recommendations to maintain and improve the security and safety policies including operational and best security practices, safety and security procedures, physical security measures and site hardening projects.
This approach involves much more than the infrastructure alone. It includes prevention, policies, procedures, personnel, compliance, infrastructure, technology, response and recovery preparations. Much of what is needed is about communication and operations. For instance, there is much optimism regarding prevention options and technology from reporting and tracking software.
Some initiatives will cost little or no extra money and can be enacted quickly. Part of this holistic approach requires coordination of all aspects in a systematic, reasonable and balanced way.
10 Essentials of a Comprehensive Security Program Implementation Process
Unlike the haphazard DIY approach to campus security, the new business as usual approach incorporates the following 10 essentials:
Name an internal security team composed of main stakeholders and a certified security consultant as facilitator.
Commission a CSRA throughout the facility/campus.
Obtain a record set of facility’s architectural drawings and conduct a comprehensive preliminary architectural security study (ComPASS) of the site and plans for use by the security team in cooperation with the assessment.
Identify priorities and estimated cost ranges associated with each project.
Develop and institute operational, organizational, policy and procedure recommendations. a. Establish emergency operations plans. b. Provide staff and occupant training. c. Develop prevention programs and staffing. d. Create and coordinate recovery plans and processes. e. Ensure coordination and communication with all levels of law enforcement and other first responders including fire department and EMS, as well as regional medical services, prevention coordinators, recovery team, and others as appropriate.
Achieve required governmental and district compliance.
Develop long range masterplan of project implementations.
Begin the first project design of the masterplan using a professional security design team consisting of the district administrator and security director, project architect/security designer, board-certified security consultant, and other key personnel.
Competitively bid and execute the first prioritized project.
Repeat the process, project by project, year by year as annual budgets permit.
Consider Hiring Board-Certified Security Design Professionals
Board-certified physical security professionals (PSPs) are generally individuals involved in the security industry, in design, installation, training, assessment, architecture, etc. Licensed architects with PSP certification are in a unique position to consider the physical infrastructure’s security concerns. With expertise in life safety and fire safety code compliance and implementation, a licensed architect routinely deals with aspects that are closely related to security concerns in the planning, design and construction of buildings.
A licensed architect who is also board certified as a security professional brings a unique and valuable combination of essential skills and experience to the tasks of comprehensively assessing facility security risks, developing successful solutions to address and mitigate those identified, and preventing those and others in the future. The outcome is two-fold: preventing loss of valuable assets, and more importantly, protecting from harm and saving human lives.
Dennis Elledge, RA, PSP, AIA, is a principal at DE/SL LLC, Architecture & Security Design. Registered in the State of Missouri, Elledge has been practicing architecture for more than 40 years. His specialties are houses of worship, K-12 and secondary schools. He is a board-certified PSP, internationally credentialed by ASIS. Elledge’s architecture and security business is located in the Greater St. Louis, MO metropolitan area.