Risk and Security LLC

Risk Assessments, Training and More


July 2008

School Security Assessments & Children

My children are out of school now, but I am always shocked at what I see on CNN’s Nancy Grace Show: all the terrible people who are snatching little girls on their way home from school. And what about the schools that don’t take time for the routine background check on janitorial staff, and find out later that these men just rotate through the different schools looking for young victims?

I have been discussing this with some of my ASIS friends who do these types of assessments, and they agree that sometimes it seems like the school management is not interested in a REAL security assessment, but instead just wants to punch the ticket so they can say it’s been done.

Conversely, they also find organizations that want to justify an expensive camera system but totally ignore the basics. One of my friends wrote to me and said, “I have yet to see a school that has not spent a few thousand on detection systems to protect a few thousand dollars of computers but nothing on educating the staff and students on how to respond to critical events in conjunction with the first responders.”

He continued, “What 99% of all of the school vulnerability assessments I have performed show is this: CCTV and Access Control systems are truly useful tools, but they follow the principle of responding after the horse has left the barn, when they should be putting time and smaller amounts of money into such things as fencing and meaningful emergency exercises to prevent and mitigate the threats. Dependence upon electronics is lulling the schools into a false sense of security – the real assets aren’t the computers – the real assets are the kids and staff. An effective true vulnerability risk assessment would show the way to making more informed decisions.”

The same thing happens to organizations that want to spend money on fancy, shiny IT stuff instead of doing boring things like:

1.  Making sure the staff gets enough training.
2.  Making sure that security plans are updated annually.
3.  Updating the background checks.

Controls that cost less than $1000 are usually ignored in favor of big purchases like digital color camera systems. We had one incident I remember where the organization had already paid for and installed the fancy camera system, but no one was available to do the monitoring!

Training in how to use new systems is another area that often gets neglected, and it is probably the SINGLE, MOST IMPORTANT PART of any new system. More than one organization didn’t keep using the new visitor management system because the staff never took the training and didn’t understand how to use it. Without that training, you might as well save your money.

And while we’re on schools – I actually got a letter from a big inner-city school district, and it was on letterhead and it said, “We regret that we cannot do a security risk assessment but we feel that if we identified particular risks, we might be liable if we did not fix them in a timely manner.”

YES, if you identify a terrible security problem and don’t fix it, you could be held responsible. But what if you have three teachers killed, or three students? Security shouldn’t just be about liability. It should actually FIX something.

One of the more successful school assessment projects I have seen lately is down in Florida, where one of the schools is involving parents, as well as staff, in the school security program. There are online security guides that parents have to view, and they actually track it to make sure the parents are taking the online security training.

I got re-interested in the schools when I saw an HBO documentary on a Baltimore school that was having problems complying with the No Child Left Behind legislation. It’s called “Hard Times at Douglass High”. It outlined many of the problems that large city schools have to face, and although the documentary didn’t focus on security, security is always an issue.

Again, it’s the risk assessment that can give a school, whether it’s a public school, private school, magnet school or charter school, a good overview of the security controls they have in place and what they need to do to improve. By setting up a program that REGULARLY assesses the school’s security profile, and does a cost benefit analysis on potential controls, the school will go a long way in protecting the interests of the students, the staff and the parents.



The Latest Risk – Data Center Theft

In November of 2007, a co-location data center with state-of-the-art technological controls in place on all of its equipment was broken into for the fourth time. The burglars simply took a masonry saw and cut out a section of the concrete wall. According to a letter from officials, the night manager was repeatedly tasered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to the data center and its customers; at least 20 data servers were stolen.

So does this mean that we have crossed the threshold where the information is more important than the equipment on which it resides? Even more amazing is that this particular co-location center has experienced more than FOUR break-ins! That’s certainly some kind of record.

My theory is that whenever the economy takes a downturn, robbery, burglary and other petty crimes start going up. White collar crime also starts to increase as employees start feeling that their job may not be as secure as they thought, and start helping themselves to whatever the company has given them access to, maybe paperclips, maybe something more interesting.

There’s so much talk about “convergence”, the fusion of physical and information security. I think it is still typical in most companies to handle these two types of security completely separately. When the crime rate is increasing, that’s when you have to make sure that the correct physical controls are in place. In the same vein, the background checks on key personnel should be done more often and certainly should be done for all new employees.

A time-honored mantra for security people has always been “the insider threat is always worse than the outsider threat”. You can see the logic in this immediately, because the trusted insider has access to lots of information, and with the use of a thumb drive or memory stick, it’s easy to get information out of a facility. Many organizations ban thumb drives for this reason, but they are also not searching the purses, gym bags and other paraphernalia an employee may bring to work.

Data breaches disclosed by Hannaford Bros Supermarket Chain, GE Money, and Georgetown University are just some of the 167 breaches reported during the first quarter of 2008, up 1/3 over the previous quarter, according to the non-profit Identity Theft Resource Center (ITRC). This is more than double the first quarter of 2007 (which was 76 breaches). It is an easy theft with a big upside, and you can just sell the information to a sort of electronic fence so you don’t have to do much yourself.

Many of the investigations I have been involved with have uncovered employees doing another kind of theft: capacity theft. They are running their own businesses on the organization’s boxes, basically stealing capacity and storage, plus the loss of their time and energy while they are engaging in these practices. This can extend from running sex rings, which we have seen in state government data centers as well as a recent incident with Congress, to taking the client lists and selling them to spammers.

So with the external environment making lots of people think they could use a few extra bucks, it is probably a good time for improving access control systems, doing background checks on a more frequent basis, and generally improving the facilities security of your data center. Of course, it goes without saying that you should be doing your risk assessments on a more frequent basis.

Besides doing the security checks, a side benefit is that if you publicize the fact that you are doing an assessment, employees will back off their extracurricular activities on your systems. Once again — the risk assessment is a win-win.

Visit RiskWatch.com for more Information



