Secure Buildings: Always better by design
Updated: May 11
Security is not just cameras and locks, writes Optic Security Group Managing Director Mark Lloyd, it’s also the security thinking that goes into how a building is oriented to site, the building materials selected, and the design of the structure itself.
The software engineering world would have us believe that ‘security by design’ is a concept that they came up with to describe the practice of building-in security considerations at the earliest possible point of the software design process.
It’s a simple idea: prevent breaches by good design, and avoid the additional costs associated with making alterations after gaps are discovered – especially following a breach. In other words, ‘baking it in’ as opposed to ‘bolting it on’ later.
The fact is that ‘security by design’ has informed the design of physical structures for millennia. It’s just that it’s tended to have been associated with structures built specifically to protect (bank vaults), defend (fortresses) and incarcerate (prisons).
The ‘Panopticon’ proposed by 18th century English philosopher Jeremy Bentham stands as perhaps the most infamous example of physical security by design. Based on a circular structure, the rather Orwellian concept featured a central observational core from which an authority could enjoy line-of-sight visibility of all occupants. The idea was ultimately incorporated into a range of institutional buildings, mostly prisons… and possibly the odd open-plan workspace!
Today’s security threats are clearly different to those faced in the past. Commercial and retail premises, for example, accommodate people, information and assets that require protection from armed attackers, corporate spies, opportunistic thieves, organised criminals, terrorists and lone actors, malicious insiders, and fixated or drug-affected persons exhibiting antisocial behaviours.
To some extent, legislation and standards provide some benchmarks for the baking of security into the design of structures, but these constitute a cookie-cutter minimum. Commonwealth Government guidance, such as the Protective Security Policy Framework (PSPF) and Australia’s Strategy for Protecting Crowded Places from Terrorism (Crowded Places) are also helpful.
These two documents explicitly reinforce the importance of a risk-based approach to security and a security-based approach to building design. The PSPF, for example, points its readers to the value of fully integrating “protective security when they plan, select, design and modify facilities to ensure people, information and assets are protected,” while the Crowded Places guidance makes the useful point that “security is more cost effective when incorporated into the design phase” of a venue.
This is a compelling point. Incorporating security into the design phase of a construction project is more cost effective than bolting security controls on afterwards. Even before weighing up security systems, such as access control and CCTV, there are some basic building blocks to consider:
the neighbourhood, including crime statistics, any ‘hot spots’, nearby places of interest that may attract criminal activity, and any ‘sensitive’ neighbours;
the situating of a premises in relation to its surrounds, including the size of the stand-off perimeter (the distance between an asset and a threat), and vehicular access/egress points;
the use of existing topography and constructed landscaping (Crime Prevention Through Environmental Design – CPTED) for cover, concealment, and visibility;
the modelling of occupant flows in the premises, noting areas of potential vulnerability, such as blind spots and choke points; and
the selection of building materials (structural framing, walls and floors) to mitigate against explosive blast, ballistic attack, cyber intrusion and environmental degradation.
Importantly, there should be an evidence-basis to these considerations. Site selection and proposed physical security measures should be the result of site-specific risk and threat assessments and site-specific physical security plans formulated by a security risk professional.
So, consider your (or your client’s) physical security requirements at the earliest stages — preferably during the concept and design stages – and any time you’re planning new sites or buildings, selecting new sites, or planning alterations to existing buildings. It’s the smart approach, and it will save you.
Optic Security Group is a trusted security risk partner of public and private sector organisations across Australasia. With decades of experience in the design and build of security system projects, we have the consultancy, design and project management capabilities to ensure your projects are secure by design.