Lock Down On Safety
By Jason Contant
It's fair to say many, if not most, people have heard of the so-called "Tylenol murders" in Chicago that claimed several lives three decades ago.
It’s fair to say many, if not most, people have heard of the so-called “Tylenol murders” in Chicago that claimed several lives three decades ago.
It was the fall of 1982 when seven unsuspecting people purchased and consumed what they believed to be extra-strength pain medication, but which turned out to be capsules laced with cyanide. Investigators later determined someone had purchased bottles of pills, laced the contents and returned the containers to pharmacy and food-store shelves in the Chicago area. What the Federal Bureau of Investigation described as “the largest product-tampering investigation in the history of modern law enforcement” spurred stringent regulations in the United States. The person or persons responsible were never found.
Intentional tampering may be rare, but it still highlights the need for security to be top of mind, whatever the circumstances. And security brings to mind products, procedures, measures and personnel, all working together in a bid to keep people safe and businesses protected.
While security may trigger images of hardware — think locks, fences and cameras — a fuller view includes everything from physical barriers and mirrors to safety awareness training and facility access. Also on the list are sturdy exterior doors and door frames, good lighting, emergency telephones, security personnel, watchdogs, alarms and panic buttons.
The Tylenol incident was an example of what could play out in any workplace. “Even in the most tight military base or nuclear facility, if you have the resources and will and knowledge, you can beat almost any system,” cautions Dick Sem, president of SEM Security Management in Trevor, Wisconsin, who has almost 40 years of experience in the field. “What security is about is managing most risks as reasonably as you can,” Sem suggests.
In industrial work environments, oftentimes that comes down to controlling access. While high-level security may be a no-brainer at a nuclear facility, “must-haves” at entry and exit points in an average workplace setting — say, a manufacturing plant, warehouse or food-processing facility — may not be as obvious.
“Almost every food plant I’ve been in has had very loose security,” Sem reports. “All they need is one person to contaminate a small batch [and] they could be put out of business just from the bad press.”
Bruce Gibson, president of Express Entry Exit in Mississauga, Ontario, is seeing some progress — not only in food processing, but also in the pharmaceutical industry and all levels of government. “They want to become more and more aware of how to handle all the traffic that is coming through the front doors,” says Gibson.
Whatever form it takes, access is access — and that may be bad news for security. Consider loading docks or unmonitored entry ways. “Oftentimes, loading docks are very accessible,” says Sem. “I’ll walk by employees and they’ll look at me like, ‘I wonder who he is,’ but nobody will say anything or report me,” he says.
“It really behooves these businesses to control who’s coming and going,” Sem comments. “Obviously, you could come in and steal things, assault [and] in food and beverage facilities, you can come in and contaminate or tamper with product,” he says.
But unauthorized access seems not to receive the same attention as other areas of risk. “If you’re not wearing a hard hat, safety glasses or safety shoes, somebody might say something, but on the other hand, if you’re a complete stranger, you might not be stopped,” Sem offers.
For example, he suggests that non-company truck drivers can prove a “weak point” in workplace security if they are given the freedom to roam around.
In Full View
So how should employers track third parties, including contractors and visitors? One option is a visitor management system (VMS), software that scans and uses information from a piece of personal identification, such as a driver’s licence, to record data onto a badge. This “electronic secure record” can then be used to identify “everybody who has walked through the door from a non-employee perspective,” says Gibson.
Tripped by a bar code scanner, the badges can be used as one-time or multiple-use options that feature the visitor’s name, affiliation, host name, authorized areas of access and expiration time. “You build it into your system that at eight at night, every one of those visitor badges is dead. You can never use it again,” says Gibson.
A similar option is a card-reader type of system for employees and other authorized persons. These systems allow employers to track and control entry into specific areas of the facility, and which doors are used. Most important, the card can be removed from the system once the person leaves the premises, Sem says.
A higher-level reader can also come in handy during emergency management situations by incorporating the number of visitors on site. In the event of an emergency such as a fire or chemical spill, Sem says, “you can just hit a button and it will print out who is on property at this moment.”
With a VMS, Gibson points out, a visitor or contractor can provide a cellphone number — if permitted to carry one on the site — that can be called should an emergency occur.
Gibson suggests one of the biggest advantages of a VMS is its enhanced security compared with traditional sign-in logbooks. Calling logbooks “antiquated,” he notes that a visitor can simply write down any name or company, and rarely does anybody check to confirm the identity of the person. Furthermore, he argues that if a security incident or emergency does occur, “when they come back and look in that logbook, way too high a percentage of time, they can’t make out a person’s name, time [or] date, [and] pages go missing.”
Competitors, hackers and suppliers can also read a logbook to gain confidential information about the business, or visitors can neglect or forget to sign out and return badges. This means unauthorized visitors can use unreturned badges to breach the facility and possibly gain access to employees, restricted areas, equipment, compounds or proprietary data.
Privacy concerns from both visitor and employer standpoints — especially the option to include photographs in some VMS databases — are an obvious issue, says Gibson. While still a grey area, “what companies are telling us is that if you are coming to do business with us as our visitor, we can demand a certain level of information from you or you don’t have to come and do business with us,” he relays.
Work settings that typically use or consider using a VMS include, for example, pharmaceutical facilities, chemical-processing plants, government buildings (municipal, provincial or federal), health care facilities, casinos, and banks and financial institutions, Gibson says.
For high-security workplaces, however, VMSs and card reader systems may be considered too rudimentary to provide adequate protection. That may be where a biometric system comes into play. Using a feature unique to an individual — such as the retina, fingerprint, voice or even geometry of the hands — these systems are clearly at the higher level of security options, but tend to be expensive.
Sem breaks down access control systems, from the lowest to the highest security, into four categories: electronic keypads, mechanical locks and keys, card reader systems, and biometric systems.
The lowest level, an electronic keypad, only “gives the illusion of security,” he comments. That’s because someone can easily see someone else punching in the code, the code can be shared with unauthorized staff, and codes are infrequently, if ever, changed.
Mechanical locks and keys, he adds, may be viewed as less secure because these can deteriorate over time.
But mechanical and electronic systems are only part of a potentially advantageous security mix; there are also options like barriers and mirrors. The latter includes quarter-, half-and full
-dome mirrors, which provide everything from a straight, one-way sight line to “every angle on a four-way intersection,” says Jayson Johnson, a sales representative for Ralston CanSafe, an industrial safety equipment distributor in Fergus, Ontario.
Mirrors are just about everywhere: in convenience stores, distribution centres, pharmacies, hospitals, industrial kitchens, farm operations and manufacturing facilities, just to name a few. However, selecting the right mirror demands looking at a workplace’s specific needs and design. The general rule, says Johnson, is that “for every foot you want to see, you need roughly an inch of mirror. So if you want to see 25 feet away, you go with a 26-inch mirror.”
Of course, the needs of a convenience store will differ from those of a distribution centre. “If you want to see if somebody is putting something in their pocket, maybe you need a bit bigger mirror,” Johnson says. “But if you just want to know if there’s a machine coming down the aisle or someone coming around the corner, then one inch for every foot is a good rule to go by.”
Frank Dawood, president of Nova Coating Technologies Inc., a manufacturer of mirror-grade products in Mississauga, Ontario, says he has heard estimates of one inch for two or three feet of required viewing distance. “If they want a wider viewing distance, they would buy a bigger dome,” Dawood says. His company offers mirrors in 18, 26, 29, 36 and 48 inches, but customized units are also available.
As for the best material, Johnson says mirror-grade acrylic is preferable to glass because, “believe it or not,” it provides a better and clearer reflection.
A good complement to a mirror is a closed-circuit television (CCTV), says Dawood. “What happens is the CCTV camera can only cover a certain amount of space. So what [his customers] do is they bounce a camera off the mirror to get into the hidden spots.”
Sem suggests that a video camera system can serve three functions: deterrence (its very presence may help prevent theft or robbery), real-time monitoring and as an investigative or forensic tool (for example, following a crime or security incident).
“One thing you definitely shouldn’t do is have dummy cameras. That creates a false sense of security,” Sem cautions. “If you have cameras, they should be real ones doing real work.”
In workplaces such as gas stations and transit vehicles, cameras may be used in combination with physical barriers or protective shields. Ron Gabruck, director of safety and security for the Edmonton Transit System (ETS), says the service has been experimenting with safety shield prototypes. “It’s a sense of security. It’s not going to stop everything, but it may, in fact, prevent them from being spat upon, for example,” Gabruck says of transit operators.
But it is also critical to ensure that worker buy-in has been achieved if a security option is to function as effectively as intended. “Our operators have been clear they don’t want to be caged in at all times. They want the ability to remove the shields,” Gabruck says.
The ETS is considering other security options, including a new radio system, scheduled to be rolled out this spring. There is also the possibility of tracking both transit operators and vehicles through GPSs.
Protecting personnel is one benefit of a physical barrier; another is preventing damage to a facility, suggests John Weber, president of Omega Industrial Products in Saukville, Wisconsin. Physical barriers are effective in high-traffic areas at workplaces where vehicles and people frequently mix, such as in distribution centres, says Weber.
Whether a company or organization decides to go with a VMS, mirror, barrier or a combination of numerous security options, choices will ultimately depend on the application and the level of security required.
Needless to say, security products, procedures and measures are of little use if employees are not trained how to properly handle them. As such, it is “critical” that there be some underlying awareness of the safety issues, Sem suggests.
“That’s probably the most powerful, the least costly and the most neglected security measure of all,” he says.
Jason Contant is editor of CANADIAN OCCUPATIONAL HEALTH & SAFETY NEWS.
Hard Choices On Software
Bruce Gibson, president of Express Entry Exit, a provider of visitor management system software based in Mississauga, Ontario, recommends that any such system offer the following features:
• all required languages (more than one language may be needed for those companies that have business operations in multiple countries);
• capability to identify returning visitors (such as contractors, consultants, expected visitors and visitors on a watch list) and to notify the host employee of a visitor’s arrival;
• ability of employers to register visitors through a remote self-serve kiosk when employee entrances and remote entries are used;
• compatibility with common computer systems, bar code and proximity card scanners; and,
• ability to easily and quickly generate detailed reports of visitor traffic by employee, department or building. This may prove particularly helpful in emergency situations.
A Clear Picture
For something like violence, which can occur from within or without, options for determining security needs include performing a security survey, a risk assessment and/or a security vulnerability assessment.
Why would an organization conduct a survey or an assessment? Information from SEM Security Management in Trevor, Wisconsin points to, among others, the following reasons:
• there is a need to understand the real risk, threats and vulnerabilities and to evaluate the effectiveness of existing and planned security measures;
• a security loss incident, violence, theft, threat, attack or other compromise has occurred, and there is a need to prevent or mitigate recurrence;
• a significant change is occurring, such as a new process or construction of a new building, significant hiring or layoffs, acquisition or merger, potential strike or work stoppage;
• there is an industry-or government-driven requirement to perform assessments; and,
• the organization wishes to evaluate, benchmark, validate and/or test existing security programs or assessment/audit methodologies.
A properly conducted assessment can, indeed, offer peace of mind by letting an organization know whether or not its security program properly and cost effectively addresses real risks and threats, increases awareness and appreciation of security and loss prevention, mitigates security-related liabilities, and reduces security expenditures while maintaining or increasing levels of protection.