Here are ten procedures that private-sector and government facilities can use to deter or mitigate terror attacks.

Enforce a standoff zone:

A standoff zone is a secure area in which only pre-screened vehicles, bicycles, etc. are allowed to enter. A 100- to 300-foot standoff zone is ideal, but the effects from a blast are decreased in direct correlation to the increase in distance between a blast and its intended target. Therefore, even a 10-foot standoff zone is better than no standoff zone. Bollards, barriers and barricades (natural and man-made) enforce the integrity of the standoff zone.

Implement surveillance detection:

: Nearly every major terrorist attack has been preceded by months and years of surveillance. Initial surveillance is usually conducted by amateurs or unwitting accomplices – children, taxi drivers, delivery/service persons, etc. – paid to take photographs, provide facility descriptions or other information (or information is surreptitiously elicited from them). Once a target list is narrowed, comprehensive surveillance is conducted by professional operators. Security personnel should be trained to observe and report unusual interest in a facility or activities that are out of context for the environment (e.g. a taxi driver photographing a service entrance). As planning progresses, operators may conduct tests or dry runs, such as attempting to enter a restricted door to test the security response, or driving the intended route to identify potential obstacles.

Screen deliveries:

All delivery, service and courier vehicles and their contents should be screened using the following procedures:

• deliveries, other than courier services, should be scheduled in advance, and drivers should be required to present a bill of lading that reflects the driver’s name and a password issued by the Receiving Department;

• all drivers, including couriers, and their assistants should present photo identification and their presence should be documented;

• all license tags should be documented;

• ideally, cargo should be inspected by security at a remote location and sealed by security until arrival in the receiving area, where the seal is broken by building security or a receiving clerk/dock master;

• all incoming parcels should be x-rayed or physically inspected; and

• no parcels should be accepted anywhere other than at the designated receiving area.

Stagger security:

The number of security personnel on-duty, as well as the times at which shifts change, should vary by day to eliminate a discernable pattern. When conducting patrols, security personnel should use random start and finish times and vary their routes (at times, even suddenly changing direction or backtracking). If possible, vary the methods of patrol (vehicle, bicycle, walking). The use of both uniformed and plain-clothed security personnel is advantageous.

Screen visitors:

Where possible, screen visitors at a remote location, distant from any facilities. Visitors should be scheduled, in advance, by their hosts, and hosts should be required to escorts visitors at all times. Visitors should present government-issued photo identifications, which should be held until their visitors’ passes are returned. (This is known as a credential-exchange program.) Hand-carried belongings should be visually inspected or x-rayed, and persons should be required to pass through a magnetometer. Outerwear, such as jackets and coats, should be opened and/or removed for inspection.

Screen employees:

All employees should be required to wear facility-issued photo identification at eye level on their outermost garments. The use of access cards is recommended, and is best when used in conjunction with biometric or keypad systems. Always verify either electronically or visually that the cardholder is the person to whom the card is issued, and never assume that an employee with whom you are acquainted is still employed at the facility.

Review your emergency procedures:

Know what to do and when to do it. Review, and if necessary, update your security, evacuation and life safety procedures and policies.

Make security the responsibility of all users:

Everyone that works at your facility should be reminded continuously to observe and report unusual behavior. Users should challenge those who appear lost or are not known to them. For example, a person walking through tenant office space should be asked, "May I help you?" Simply acknowledging them and removing their anonymity might deter a potential incident.

Assess your security:

Retain a security consultant to assess your physical, technical and operational security. Where possible, their involvement early in the architectural, engineering, landscape design and construction phases can help to avoid costly mistakes.