Creating a layered, 3-level entrance strategy for critical infrastructure facilities

Critical infrastructure is the lifeblood of our civilization, delivering power, water, fuel, connectivity and other elements vital to the population. Any disruption could have devastating effects on families, businesses, schools, government and every other aspect of society.

Because it is so important, critical infrastructure is governed by a host of regulatory compliance laws. These include the requirement to have a “defensible” physical security strategy in place with only authorized individuals permitted on site. To ensure this, it is further required that all regulated sites be secured with access control; that they have a form of supervision to ensure access is controlled; and that they are able to verify these factors by retaining access records. Facilities found to be noncompliant are subject to penalties and fines.

Keeping unauthorized individuals off the premises is the job of access control. However, meeting compliance in this industry is not as simple as installing a basic access control system at the perimeter.

The best way to protect the full facility is to use a layered approach with differing levels of security in different areas of the premises. It works as follows: as you move from the perimeter fence line all the way to the most sensitive areas at the core of the campus, the access control products utilized get more sophisticated and more effective at barring intruders from gaining access.

To create this strategy, security entrances provide an ideal solution. All security entrances fit into one of three levels, all of which relate to the mitigation of tailgating. To determine which entrance best fits each need, consider the security goal at that entry point. It could be tailgating deterrence, requiring only a low security level; detection, requiring a medium security level; or complete prevention, necessitating the highest security level.

Meeting these differing needs are numerous different options to choose from — high-security portals, security revolving doors, speed gates and full-height, optical and tripod turnstiles. These vary significantly in their ability to prevent unauthorized entry and provide an array of choices from which to build a defensible, layered approach to reducing risk.

Here is a quick overview of three levels of security entrances:

1. Deterrence

The outermost layer of the premises is typically a fence line or parking structure. To deter tailgating or otherwise restrict access from the parking lot into the main area of the facility or campus, full height turnstiles are the ideal security entrance. Because of their size, it is impossible to jump over these turnstiles, and mechanically they allow only one rotation per authorized credential. It should be noted that it is not impossible for two small people to squeeze through the turnstile in the same compartment — and there are no sensors or alarms to alert security when that happens. Therefore, full-height turnstiles can be considered a deterrent, not a full security strategy.

Adding turnstiles at the perimeter delivers other benefits to critical infrastructure facilities as well. In addition to providing a controlled entrance at the perimeter, they provide a discrete, pedestrian entry option that safeguards visitors who otherwise might walk through the vehicle gates and risk injury or enable entrance by unauthorized vehicles. With their rugged construction, full height turnstiles can withstand harsh outdoor weather conditions.

2. Detection

Level two of a layered strategy is detection. At this level, it is still not impossible for a tailgater or other uncredentialed individual to bypass the controlled entrance. However, if this occurs, it will be detected by sensors or cameras installed at the entry, and authorities will be alerted via alarm, email, notification or other mechanisms.

Virtually every critical infrastructure facility will have some sort of lobby that is a reception area for visitors and vendors, and this is where level-two solutions are recommended. Optical turnstiles are often used in lobby or reception areas. They allow credentialed access to authorized individuals while deterring and detecting tailgating attempts by others.

Staff or security members in the lobby can check in vendors and visitors, providing them with a visitor pass for entry. In the event of tailgating, an alarm can alert staff immediately.

3. Prevention

The third layer of an access security strategy is focused on entry points to the most highly sensitive, limited interior access areas. For these locations, security mantrap portals provide unauthorized entry assurance without the need for guard supervision. Such portals involve a two-step entry process that allows one person entry at a time. In these cases, the individual not only needs to have valid credentials, but must also authenticate identity through a second level of validation, usually a biometric credential such as facial recognition, a fingerprint or iris recognition in order to get access through the entrance to the secured area.

A high-security portal can prevent any attempt to gain unauthorized access as well as confirm the identity of the user entering. With these types of systems, there are two interlocking, automatic sliding doors. Upon authorization, the first door opens, allowing a user to enter the portal. Integrated sensors confirm the user is alone and, if so, a signal is given to the second sliding door to open, completing the passage into the secure area. A secondary biometric system can be used to confirm identity once inside the chamber.

Though securing highly sensitive access areas can be costly, when security leaders consider the cost of a 24/7/365 guard presence, the return on investment can make sense.

For facilities with employee-only entrances, there is another third-level option. While visitors and vendors may head to the lobby, employees can “self-serve” by entering through a secured entrance in another location. For these locations, revolving doors can prevent tailgating and piggybacking without slowing down traffic during the busiest times of day, such as the morning arrival period, lunch times and evening departure. These doors are so efficient at preventing unauthorized entry that they can operate alone, without the need for manned supervision, and provide valuable metrics unavailable with other entry types.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.