Archive for category: Access Control

By Kevin Whaley, CPP, Sr. Security Consultant at Kenton Brothers

Welcome to Part 3 of our discussion about Crime Prevention Through Environmental Design (CPTED).

In Part 1, I introduced the concept of CPTED and the importance of ensuring CPTED principles are considered when developing or enhancing your security program. In Part 2, we dove into greater detail on the concepts of Natural Surveillance & Natural Access Control. In Part 3 of the series, we will be looking at Territorial Reinforcement and Maintenance.

As a quick recap: in the first part, we touched on the four key overlapping concepts of CPTED which include:

1. Natural Surveillance
2. Natural Access Control
3. Territorial Reinforcement
4. Maintenance

In the second installment, we went into greater detail about the in’s & out’s of Natural Surveillance & Natural Access Control such as;

• Natural Surveillance – the placement of physical features, activities and people in a way that maximized visibility from the surrounding environment.
  • WHY? It increases the threat of apprehension by taking steps to increase the perception that people can be seen.
• Natural Access Control – Natural access control means controlling access to a site. People are physically guided through a space by the strategic design of streets, sidewalks, building entrances, and landscaping.
  • Clearly defines entryways and guides personnel to specific entrances that are well lit and overlooked by surrounding areas.

Just as a reminder, the overall goal in the successful implementation a CPTED plan of action, we must understand that all human space:

• Has some designated purpose.
• Has social, cultural, legal, or physical definitions (such as expectations or regulations) that prescribe the desired and acceptable behaviors.
• Is designed to support and control the desired and acceptable behaviors.

With that understanding in mind, our approach should focus on:

• Manipulating the physical environment to produce behavior effects that reduce the fear and incidence of certain types of criminal acts;
• Understanding and modifying people’s behavior in relation to their physical environment
• Redesigning space or using it differently to encourage desirable behaviors and discourage illegitimate activities; and
• Reducing the conflicts between incompatible building users and building uses, with the goal of eliminating “no person’s land” that no one takes ownership of.

There are various controls that can be implemented that can supplement or support the approaches listed above.

Territorial Reinforcement and Maintenance of your CPTED program.

Territorial Reinforcement:

Territorial reinforcement involves establishing a sense of ownership and belonging in a specific space, which can be achieved through various design elements and strategies. When a space appears to be clearly defined and “owned” by a particular group or individual, it may discourage potential criminals by making them feel like trespassers or intruders and that the potential for detection is high.

Importance in CPTED: By implementing territorial reinforcement, CPTED aims to deter criminal activity by promoting the perception of active ownership and surveillance. A well-defined and cared-for area signals to potential offenders that their presence is likely to be noticed and that there is a higher risk of detection and apprehension. This may lead to a decrease in the opportunities for criminal acts to occur, as criminals tend to avoid spaces where they feel more vulnerable and exposed.

Examples of Territorial Reinforcement:

1. Clear boundaries and property lines demarcated with fences, hedges, or other physical barriers.
2. Well-maintained landscaping and exterior areas, indicating active use and care.
3. Signage and symbols that represent community ownership or surveillance, such as neighborhood watch signs.

These examples of territorial reinforcement can (and should be) enhanced with other physical security measures including but not limited to:

1. Surveillance cameras
2. Speakers with pre-recorded messages stating that the person is being watched or that authorities have been called.
3. Sufficient illumination
4. Security officers
5. Access Controls
6. Active/Passive intrusion sensors

However, no matter how advanced or intricate your CPTED program is, it can deteriorate and become obsolete without proper care and maintenance.

CPTED Maintenance:

CPTED maintenance involves sustaining a sense of ownership and control over a space through ongoing upkeep and community involvement. Neglected or poorly maintained areas can attract criminal activity as they signal a lack of guardianship and a reduced risk of detection.

Importance in CPTED: Regular maintenance of public and private spaces is critical to the success of CPTED. Well-maintained environments foster a sense of pride, ownership, and responsibility among community members. It reinforces the idea that residents are actively invested in their surroundings and are vigilant against criminal behavior. This collective effort makes it less attractive for criminals to target such areas, as they are more likely to be noticed and reported by the community.

Examples of Territorial Maintenance:

• Prompt repair of broken windows, damaged fences, or graffiti.
• Adequate lighting to ensure visibility and reduce hiding spots.
• Community engagement and participation in the upkeep of shared spaces.

 

The image to the right is an example of POOR CPTED maintenance. As you can see, the vegetation is growing through the fence line, damaging it significantly and there are various areas where intruders have cut and recut through the fence line. The lack of prompt repair, landscaping maintenance, and lack of illumination, make this industrial facility a tempting target.

In conclusion, territorial reinforcement and maintenance are essential components of Crime Prevention Through Environmental Design. By creating a sense of ownership and responsibility within a community and ensuring that spaces are well-cared for, CPTED aims to discourage criminal activity and promote a safer environment for residents and visitors alike. These proactive measures empower communities to take control of their surroundings and play an active role in crime prevention.

I hope you will watch out for the final installment where we will review the concepts we’ve discussed and how they all can be tied together.

Have more questions about CPTED or would like an assessment? Give us a call at 816-842-3700 and our board certified security professionals will get you taken care of!

By Neal Bellamy, IT Director at Kenton Brothers

As in all security, it only takes one weak link to bring the whole castle down. You can have the best moat, the best turrets, and the best drawbridge. But if there was a secret, unguarded passage and the enemy discovered it, it could certainly lead to your demise. In the commercial access control world, the Weigand Protocol is that un-guarded secret passage.

The Weigand Protocol

The Weigand protocol has been used since the 1980s and is named after the Weigand Effect. The Weigand protocol is used to detect the 1’s and 0’s sent from a commercial security reader to the access control panel. (To be clear, there are two separate transmissions that happen when you present a card to a reader.)

The first communication is from the card to the reader itself. This transmission can be protected by the card technology being used. Both the card and the reader have to have the same technology to be compatible. iClass®, Mifare®, and Felica® are examples of card technology where the transmission is encrypted between the card and reader. Proximity is another type of card technology, but the transmission is not encrypted

The second transmission is from the reader to the door controller. With very few exceptions, the Weigand protocol has been the method to support this transmission. If you have an encrypted card technology (and you should) it’s like encoding a message with the Enigma machine, then translating back to plain German and sending the un-encrypted message on horseback to its next location. If the courier gets intercepted while the message is unencrypted… all of that amazing security of the message has been wasted. If someone could change the message without you knowing, you might even make the wrong decision. You might think this is CIA/MI5 material, but it is way more accessible than you think.

Enter the $25 Weigand interface.

If you look online, you can find a board that can be installed between a reader and control panel that will intercept and log every access card being used. The board is smaller than a poker chip and can be installed behind a reader pretty easily. Once installed, it is powered by the door controller and is completely invisible to the reader and access control system. The attacker can leave it in place for a few days or a few weeks, while it collects every card read. Then, when they are ready, they can retrieve the list of cards from the built-in Wi-Fi interface. If the attacker only needs access to get into that single door, they can even “replay” the card number from the Weigand interface back to the door controller, probably granting access. If they need access to multiple doors, they could use the information to recreate identical cards to the ones you are using.

Placing one of these Weigand interfaces at the front door of a facility could be devastating for your building security.

OSDP = Open Supervised Device Protocol

There is hope. The answer is to also encrypt communication from the reader to the panel.

Open Supervised Device Protocol (OSDP) aims to do this and more. OSDP has been an international standard since 2020 and is all about encrypted communications. It also adds bi-directional communication with readers (know when readers are offline/disconnected), allowing more than one reader on a port, etc. Over the last couple of years, board and reader manufacturers have been implementing OSDP into access control hardware. While not every manufacturer or model supports OSDP, support is growing. For most systems, OSDP can be added on a door-by-door basis. You can convert high-profile doors to OSDP while waiting to upgrade low-risk doors if your budget doesn’t support an all-or-nothing approach.

I need to mention a side note here for Gallagher. When I first encountered Gallagher security products in 2010, they were already using their HBUS technology for their readers. While Gallagher supports OSDP, the HBUS technology provides very similar benefits as OSDP like encryption, bi-directional communication, and multiple readers on a port… but HBUS has been doing it for much longer. An additional benefit with Gallagher HBUS and readers is being able to create your own card encryption key easily. This means that no other organization in the world will have a card that can be read on your Gallagher system. This is not a requirement for Gallagher, but it is super simple to do and is part of our standard procedures when installing a new Gallagher system.

Transmitting card numbers from the reader to your access control panels might be the chink in your access control’s armor. As part of our security standard, KB will make sure you are using encrypted communication from the card all the way to the access control system.

If you need help evaluating the next steps in your access control setup or how to get started on the right foot, let us know! Just give us a call and we will be happy to help.