When thinking of security, people tend to think of cameras, security officers and metal detectors. While these are all important elements of building security, the best security plans begin long before these elements are installed, and long before the building itself is even constructed. They begin on the drawing board, as designers and clients come together to sketch out buildings able to withstand a wide variety of threats, ranging from natural disasters to man-made attacks and cybersecurity concerns.

As an architect specializing in corporate and urban design, I have helped clients fulfill a variety of security needs, from the everyday to the top-secret. Some clients are simply seeking to provide a safe, comfortable workplace – after all, we all want to feel secure when we are at work or at school. For other clients, security is of paramount importance – they are responsible for critical data and operations that must be protected from natural and man-made threats. Their buildings are more than just structures – they are targets, living under the shadow of a bulls-eye. In each case, good design can be a very powerful defense mechanism.


Campus and Building Security – General Best Practices

Whether through small design decisions, such as sight lines or lighting, or bigger undertakings, such as sealing rooms and buildings from physical or digital invasion, a building’s design scheme can be its first line of defense against a wide range of potential threats, ranging from petty crime to bioterrorism. Specific threats will differ based on a facility’s function and location, and designers should work with owners to analyze, prioritize and accommodate a building’s particular needs. However, there are several general best practices that can greatly improve a facility’s overall security by subconsciously encouraging safe usage and diffusing potential internal or external threats.

When planning for security, the psychology of a particular design is just as important as its tangible attributes, if not more so. The built environment can significantly affect users’ thought patterns and behavior. Often without their knowledge, building occupants and visitors respond to environmental cues that encourage particular behaviors and discourage potentially harmful tendencies. Lighting is perhaps the most common example – well-lit, open areas tend to deter crime, while darker, enclosed spaces can encourage it. Other design features can have similarly strategic effects on behavior, and are part of the larger discipline of Crime Prevention Through Environmental Design (CPTED). Key goals include using the built environment to improve visibility, control access and increase a facility’s resilience.



Promoting visibility, and even creating the illusion of visibility, can help deter crime and foster a sense of security among building users. Designers should abide by an “eyes on the street” mentality, both within and outside of their building, allowing security personnel and building occupants to monitor potential threats. For example, using straight, unobstructed sight lines with no blind corners eliminates potential hiding places and creates spaces that can be easily surveyed. Curves, alcoves and other obstructions should be kept to a minimum in highly-trafficked areas. Landscaping should reduce places to hide and avoid plantings and shrubbery exceeding the height of an average person. To encourage surveillance among building personnel, windows and other openings should allow for easy viewing of high-activity areas, as well as of street activity outside. For example, including ample windows in highly-trafficked spaces, such as building lobbies, allows occupants to clearly see activity on the street and identify potential threats before they arrive. Similarly, orienting offices to face major corridors encourages occupants to take note of their surroundings and can facilitate early threat detection.

Each of these design strategies create spaces with a sense of openness and visibility that can act as a psychological deterrent against would-be threats. These spaces also create a sense of watchfulness and accountability, as building occupants can become guards of sorts, able to quickly spot any problems and provide important information to security personnel.



The creation of open, visible spaces should be carefully balanced with measures controlling and restricting building access, to ensure that the open spaces themselves do not increase potential threats. The wayfinding strategies built into a facility are key to achieving this goal. Signs, placards and other markers should guide all visitors to a central area upon entering the building, with minimal opportunity to disperse into other rooms. This makes it much easier for on-site security personnel to scan incoming visitors and identify potential threats. Lighting, artwork and other interior design elements should subconsciously enforce this direction by emphasizing spaces where designers most wish to draw the eye and direct visitors’ footsteps.

Aside from pedestrian access, secure designs should also limit vehicle access and, as much as possible, remove a building from the radius of external threats. For example, an exterior perimeter, even one simply demarcated by bollards or planters, will prevent vehicles from directly approaching a facility, and distance it from any accidents, explosions or other threats that might occur on nearby streets. Other external features, such as plazas and courtyards (provided they are highly visible and easily monitored) are also useful as buffer zones.



In addition to focusing on preventing threats, secure building designs should include built-in mechanisms to improve resilience if and when such threats become a reality. A building’s resilience is key to its security, and designers can increase resilience by creating spaces that proactively adapt to unexpected situations. In flood-prone areas, for example, elevating crucial functions like a hospital’s emergency room or an office building’s IT nerve center can help preserve operations even as waters rise. Additional safeguards include reinforcing connectors and other structural elements to withstand extreme loads, enhancing insulation to guard against utility failures and installing resilient backup power sources and redundant systems to provide insurance in an emergency.  


High-Security Facilities – Designing Additional Defenses

While no one wants to see their building damaged in the event of a disaster, there are certain facilities where loss of function can have extraordinarily dire large-scale implications. These high-security facilities should take into account the best practices mentioned above while also providing increased protection to safeguard mission-critical operations and highly-sensitive information. Data centers are a good example of facilities needing specialized protection. These facilities house tremendous amounts of information, typically affecting networks far beyond their physical location. Imagine, for example, if a national hospital network’s central data facility went offline during a tornado. If you were a patient in any one of that network’s hospitals, your medical history, prescriptions, MRI results or CT scans could vanish, damaged by a weather event that you likely did not even know was occurring. Multiply that loss by thousands of patients around the country, and you have a terrible headache on your hands. To prevent such losses, data centers and other mission-critical facilities should be designed with physical safeguards far exceeding those of a typical building. As one data center client put it, we must design facilities that will remain online even when Buicks are flying through the air. Several factors can help designers achieve that charge.

  • Location –High-security data centers should be placed in an inconspicuous location, remote from other buildings and outside of city centers or transportation hubs. Additionally, data centers should be located in a different city from the primary operators that they serve, to minimize the risk of both facilities being under duress simultaneously.
  • Exterior ConstructionThough designers love to create visually striking buildings, it is wise to refrain from that tendency when working on this type of high-security facility. Data centers should be nondescript, better suited to deflecting attention than to attracting it. Windows should be kept to a minimum and walls should be thick, reinforced with concrete or steel.
  • Facility LayoutCrucial operations should be located at the center of the building, with non-crucial and administrative functions creating a perimeter shield.

Similar precautions apply to facilities housing sensitive information, though such facilities cannot always be hidden away in a remote location. Often, seemingly ordinary office buildings must, through less visible methods, ensure both physical and cybersecurity. These can be categorized as Sensitive Compartmented Information Facilities (SCIF), a subset of building design with extremely high security standards and strict certification requirements. Within SCIF facilities, particular areas where sensitive information are stored or discussed is sectioned off and protected with numerous, layered features, including aluminum-lined walls, sound-masking systems and electronic or radio frequency shields.

Whether a building is a SCIF facility or simply a normal office building, security should always be a top priority, from the drawing board onwards. Good design allows the building itself to take on an active role in ensuring occupant safety, by subconsciously directing users, emphasizing safe behavior and deterring outside threats. The severity and cost of such precautions varies, but with each step taken, our buildings, our cities and crucially, our people can become a bit safer, a bit more secure behind the defenses of a smart built environment.  


About the Author: Patrick Gilbert, AIA, LEED AP is an architect with Gresham, Smith and Partners. He has worked on a wide variety of projects for GS&P, including office, retail and educational spaces.