Organizational leaders should work to strike a balance: to offer a warm and welcoming facility, while at the same time ensuring that their members, students, staffs, clients and building are safe and secure. Leaders concerned with everybody’s safety and security should prepare to deal with emergencies, because “on the fly” reflexes might not be as effective as a pre-determined and rehearsed plan. While your “to-do” list at the beginning of the academic and program year is long, consider these tips to help you prepare for emergencies and ensure you can protect your constituencies.
1. Control access to your facility
No unauthorized person should be allowed to enter your facility. Every person entering your facility should be screened by security (or other) staff.
- Limit entrances and exits. Limit access to your facility to monitored entrances.
- Don’t slow down regular users. Create a system to identify regulars (e.g., staff, members).
- Screen irregular visitors. g., people with appointments, contractors, etc. See more at Sample Building Access Policies & Procedures.
- Divide your building into sectors. Should people authorized to use one part of the building be able to wander into another? If you have an access control system, take advantage of its capabilities to allow specific access. Alternatively, use color-coded badges, wristbands or ID cards as a low-tech solution.
2. Plan your emergency response
Stuff happens. Emergencies are not events that you can handle on the fly. Consider having plans, procedures and designated teams empowered to make decisions during emergencies, and trained and prepared to respond to events.
- Develop and train an emergency response team. Designate someone to be in charge during an emergency and someone else as backup. Build a support team. Have the team work together on your response plans.
- Build a relationship with your local police.Work with your local police throughout the year and give them the opportunity to get to know your programs, your rhythms, your people and your building. Ask them for suggestions as to how to make your people safer.
- Know what to do if you receive a threat. Get some ideas about preparing for phone, email or social media threats and evacuations and sheltering at: http://www.jcrcny.org/2017/02/to-evacuate-or-not-to-evacuate-that-is-the-question/.
- Have an “active shooter” Do the people in your facility know what to do if a person with a gun or sharp-edged weapon shows up? Find more information at: www.jcrcny.org/activeshooter.
- Be ready to tell people what’s happening. Don’t let your stakeholders learn about an emergency at your facility from the media. Be prepared to communicate. Have some pre-written messages: be first; be right; be credible. Consider options including hardware and web-based emergency notification systems that will simultaneously email, text and phone pre-prepared lists, dedicated social media groups or free apps such as WhatsApp or GroupMe that will send texts (including a link to your website with more info and updates). Now is the time to collect the cell numbers of your stakeholders.
- Involve your board in the security and preparedness process.
3. Develop a routine
Security, done well, must be done daily and involve everybody.
- Create a culture of security. Everyone should feel responsible to report suspicious activity. “If you see something, say something” should be part of your culture of security.
- Be aware of hostile surveillance. If you see something, say something. If it is not an emergency, call the NYPD at (888) NYC-SAFE, outside NYC (866) SAFE-NYS. For more information download Indicators of Terrorist Activity from the NYPD, Guide to Detecting Surveillance of Jewish Institutions from the ADL at adl.org/security and Security Awarenessby Paul DeMatties at Global Security Risk Management, LLC.
- Schedule regular walkarounds. Designate an employee to complete a “walkaround” of your building and your perimeter on a daily basis, if not more often. They should be looking for suspicious objects, items blocking evacuation routes and anything else that “Just Doesn’t Look Right.”
- Make sure you’re getting the right information. Sign up for alerts to learn when the local and/or global security threats conditions change. Sources: JCRC-NY Security Alerts at jcrcny.org/security, https://www.nypdshield.org/public/signup.aspx, emergency alerts from Notify NYC or your local emergency management office and have a weather app on your smartphone to warn you about severe weather.
- Work with your security provider and your staff to write, “post orders”. Your guards should not merely decorate your entrance. They should know what you expect them to do daily and in emergencies.
4. Don’t forget to train
Major leaguers take batting practice before every game. True, they started batting in the Little Leagues, but drills help people to know, instinctively, what to do. Emergencies that turn to chaos become crises. People know what to do during a fire drill, because they have participated in fire drills since grade school.
Use tabletop exercises involving a wide swath of stakeholders to help you to determine policies and procedures. Once you have determined your plans and procedures, schedule evacuation and lockdown drills. And remember … once is not enough.
5. Explore your security hardware options
Your security hardware should support your security procedures. There are federal and New York State grants available for many organizations (see: www.jcrcny.org/securitygrants for more details). Consider obtaining the funding for:
- Your main and secondary doors should lock securely and be able to withstand an attack by a determined intruder.
- Do your windows lock securely? Reduce the risk of break-ins, vandalism and even mitigate the extent of injuries from bomb blasts by properly installing security/blast-mitigation film on your current windows or replacing them with windows with those properties built-in.
- Access control systems. The electronic possibilities are endless: access cards, biometrics, alarms and more. Get professional advice (see JCRC-NY’s guidance on Security vendors), figure out a hardware plan that is expandable and adaptable.
- Video monitoring. Deploy CCTV systems in various ways. First, as part of a video intercom system to identify people seeking to enter your facility. Second, to monitor secondary entrances (you can add alarms that warn you that a door was opened, alerting someone to check the monitor), and finally, to help to detect hostile surveillance.
David Pollock and Paul DeMatteis
firstname.lastname@example.org | August 30, 2017
With over 150 hoax bomb threats reported, you should have already have a plan. However, the ongoing threats should serve as a reminder to review our ongoing guidance, make use of the resources and implement the recommendations, as appropriate.
Should we be worried? At this time the experts conclude that the series of
incidents referencing threats against schools, Jewish facilities and businesses likely do not represent a credible terrorist threat for two reasons:
- terrorists’ rarely provide operational insight into their planning, and
- the fact that nearly all hoaxes in the United States are conducted by criminal actors or those instigating a nuisance prank.
What are my options? Many security experts question the wisdom of the policy of evacuation. After all, a terrorist could trigger an evacuation of a facility with a simple phone call and then attack the evacuees in multiple ways. On the other hand, someone could place 100 hoax bomb threat calls, but actually plant a bomb on the 101st. (In rebuttal, why make a warning phone call when simply planting the bomb works).
The bottom line is that there is no perfect solution, so all institutions should think about their options and consult with local law enforcement in the absence of the pressure of an actual emergency.
Think about options
Your response should be tailored to the nature of the threat. Don’t expect people to gather information, to analyze the situation and to identify the best option in the wake of a threat. Understand the risk (use the chart to the left) and define actions that can be taken under various circumstances.
Some other ideas:
- Set up a meeting with your local police to review and discuss your options.
- There is no perfect solution. This is an issue that should be raised at a security committee or board meeting. Remember, your reputation is at stake and your decision may create liability issues.
- Identify possible options leading to a sheltered evacuation, i.e., one that minimizes the dangers of an attack on evacuees:
- Is your parking lot a relatively safe area? Could you evacuate there and stand an appropriate distance from your facility? Is there a sheltered path to an adjoining building? Can the local police establish a perimeter to protect the evacuees?
- Develop appropriate protective measures based on your facility’s characteristics. For example, some facility managers have identified areas (e.g., a pool or gym) that are not cluttered and therefore, easy to check for bombs. If the architecture of the building is engineered so that the building would not likely collapse on those inside, one option is to evacuate people to these safe (or more accurately, safer) places (HT to Steve Levy of ISA).
- Communicate, early and often. If you decide not to evacuate, some stakeholders will question your judgement and try to second-guess you. A well-planned sheltered evacuation option is easy to explain and to show that your highest priority is the safety of your stakeholders. Whatever you choose, have pre-written messages ready to go should you become a target.
No one can give you a perfect answer. Identify your options, consult with the best people possible and keep your people safe.
The answer is, it depends. The question comes up at almost every one of our security training sessions. Honestly, there are both advantages and disadvantages of either option. Guns and Security: the Risks of Arming Security Officers in the December issue of Security Management (a publication of the security industry trade association, ASIS) discusses many of the issues that must be considered.
Each organization must carefully weigh the pluses and minuses themselves, as applied to their building, their constituencies and their culture. Since this decision could possibly affect your brand, your reputation and/or your liability, it is advisable to include your board of directors in the decision. If your organization is leaning towards armed security, we suggest four “best practices”:
- Hire any armed security guard on the basis of their experience, training and judgement rather than their weapon. If you hire e.g., an off-duty/retired law enforcement officer, you are hiring much more than their gun.
- Deploy armed guards as one element of a multi-layer security plan. If a determined intruder is targeting a specific institution, a solo guard (armed or not) may become the first, unfortunate target without any opportunity to even his/her weapon.
- Contract with an outside firm. Given the documented risks associated with armed guards (outlined in the Security Magazine article), consider contracting with an independent vendor and make sure that they are responsible for the supervision of armed guards, all aspects of the armed guard’s ongoing training and compliance with governmental training, licensing and other requirements.
- Discuss your decision with your insurer. Whether the armed guard is, or is not, your employee you may have some liability and/or named in any lawsuit. Make sure that your insurer knows about your decision and that your are appropriately and adequately covered. (n.b., Some institutions employ an outside security consultant to manage their employees. A discussion between the security consultant and the insurer may assuage the concerns raised by the insurer).
NYPD does have a Paid Detail Unit which provides officers to perform off-duty, uniformed security work within New York City for approximately $45/hour. Click here for more information and contact details. Of course, the above recommendations still apply.
|Quick tips: What should your guard(s) be doing?|
|Guards should not be merely uniformed potted plants adorning your lobby. Rather, they should be an important and active component of your overall security plan.
If you have a single guard, his/her logical priority is access control (see our suggestions on how to develop an access control policy here). At the same time, don’t lose sight of other important functions, including:
The security management industry calls instructions for guards, “post orders” which clearly outline the duties, responsibilities, and expectations of security guards. For example, your post orders should clearly set forth your access control policies and define the areas of your property that should be included in a walk-around and their time and frequency (e.g., upon arrival and upon returning from lunch).
The past few months have been busy with JCRC-NY coordinating major training sessions for hundreds of institutions in the NY area. There is a heightened awareness of the potential for attacks and a willingness on the part of organizations to “Step up their Game.”
All of the trainings focused on security/terrorism awareness, building a culture of security within organizations and active shooter responses. Kudos and thanks to our wonderful partners, including: NYPD Counterterrorism, U.S. Department of Homeland Security and the FBI. Our common goals are to strengthen the ties between law enforcement and nonprofit organizations and to empower them by giving them to tools and knowledge to respond as well as possible. Here’s some examples of our recent work: Continue Reading