The other day I received an email from a DHS official asking if I would consider writing a blog about the use of armed guards at chemical process facilities. DHS is working on their guideline document for Risk Based Performance Standards and the question came up about armed security guards. It would be contrary to their Section 550 charter for DHS to specify whether or not guards should be armed, but they would like to provide some coherent guidance for facilities to use in developing their Site Security Plans (SSP).
DHS is certainly not looking for me to provide guidance. I think that what they are looking for is a dialog to ensure that all sides of the issue are examined by a variety of sources. Blogs can be part of that dialog, especially if the readers get involved in providing feedback.
There is no single answer
Like most things in the security arena, there are almost certainly no hard and fast rules about whether guards need to be armed. Each facility will have to make their own decision based on the facts on the ground, the level of threat, and their integrated security plan.
There is one certainty. The decision will have to be a deliberate decision, well documented and understood by all members of the security management team. If anything goes wrong, the decision will certainly be second guessed. I would also expect that DHS inspectors will ask questions about which ever way the facility goes with its guard force.
Guard Force Missions
Before we can examine the pros and cons of armed guards we need to look at the missions that guard forces may be called on to perform. Gone are the days of guards just standing around, opening and closing gates. They will have a number of important missions to perform as part of the Site Security Plan (SSP) for high-risk chemical facilities. Those missions may include:
- Access Control : Facilities will be identifying critical areas that will require access controls to prevent unauthorized personnel from accessing sensitive equipment, chemicals and processes. One method of access control is to use place a guard at the entrance to the restricted area. Generally speaking the perimeter fence will define the primary restricted area (the entire facility), so Gate Guards are performing Access Control.
- Perimeter Patrols : The facility fence line marks the perimeter but does not act as a barrier to penetration. A well trained operative can penetrate standard fences as quickly as most people can walk through the front gate. To turn fences into security barriers facilities must keep them under surveillance. Perimeter patrols are one method of doing this.
- Security Escorts : Personnel who have unaccompanied access to critical areas will have to be part of the personnel surety program for the facility. There will be occasions where personnel not in that program have a legitimate need for access to those areas. They will require escorts while they are in those critical areas. Security personnel can be a resource for those escort services.
- Security System Monitoring : As facilities employ more electronic security systems to monitor perimeter fencing and critical areas within the facility, the output of those systems will have to be continuously monitored. This is a prime security force function.
- Counter-surveillance Operations : As I noted in an earlier blog (see: "To Stop an Attack, Spot the Surveillance") a successful attack is always preceded by surveillance. Detection of that surveillance through the use of counter-surveillance operations can allow that attack to be prevented.
- Incident Investigation : Effective security systems will have false alarms. Security forces are typically charged with investigating each alarm to determine if it signals an actual security breach.
- Intrusion Response : When the security perimeter is breached; whether it is by a common trespasser, a thief, an industrial espionage agent, or a terrorist; the security force will respond to that intrusion and detain the individual.
- Counter-force Operations : In the event of the worst case scenario, a full scale terrorist attack on the facility, the security force will be called on to respond to the attack with a counter attack to protect the facility, facility personnel and the surrounding community.
Electronic Security Systems vs Security Forces
With continuing advances in electronics and robotics many of these missions can be at least partially performed by electronic security systems. Computer integration of perimeter sensors and CCTV (see: "Security Equipment Review 2-8-08") can allow for the elimination of routine perimeter patrols. Biometric access devices can keep entrances to restricted areas locked to unauthorized users. Robots are being developed that can be used for incident investigation.
These systems can be used to augment security forces and even to reduce the number of security personnel required onsite. For the foreseeable future these devices will not be able to replace a guard force. An integrated site security plan will include a reasonable balance of security devices and security personnel.
Onsite vs Offsite Security Forces
Few facilities are going to be large enough (physically and financially) or at enough risk to maintain or require an onsite security force large enough to perform each of these missions 24/7. There are areas of the world where this is a requirement, not an option; the Niger Delta oilfields come to mind. Facilities in the United States will be hard pressed to justify such a full-time guard force to their shareholders.
A possible alternative for most facilities is to contract with a security firm to provide most of these manpower intensive services on an as-needed basis. Many of these firms can provide on-call security escort services when contractors are going to be working in critical areas. Small teams may be available to perform incident investigation and intrusion response services. If an appropriate threat is identified, even counter-force teams are available at a price.
A less costly alternative is the use of local police forces for investigation and response services. Police forces are trained in incident investigation and intrusion response. They have full authority for making arrests and detaining suspects. And, from a financial planning point of view, their services are already being paid for.
There are four main drawbacks to using third-party off-site security personnel:
- Response Time : Slow response times may mean the difference between suspects being detained at the fence line and intruders being in sensitive areas of the facility.
- Facility Familiarity : Chemical manufacturing facilities can be very convoluted and difficult to navigate. Offsite personnel will not have the level of familiarity with the layout that onsite personnel would.
- Hazard Familiarity : Chemical facilities are full of a wide variety of hazards, chemical andotherwise. Offsite personnel are not going to be intimately aware of these hazards. They have a higher probability of doing something that would increase the risks of a given situation.
- Personnel Surety : Facility management surrenders control of the background investigations and other personnel surety functions over these third party responders while retaining the responsibility under 6 CFR part 27.
Each of these drawbacks can be resolved with adequate planning and frequent training and response drills. Anyone that is contracting for or coordinating off-site response for security incidents needs to insure that any agreements include requirements for frequent site visits and drill responses by those security personnel.