The perimeter of a site is one of the key locations where physical security measures and controls can be applied to protect both users and facilities. Without proper thought, the perimeter can become a significant vulnerability.
Perimeters are typically quite large and, without due thought, can present an adversary with numerous points at which their chances of a successful or undetected attack are higher. Poorly designed perimeter measures may also increase the number of alarms that need to be responded to.
A properly designed and implemented perimeter should:
- Help deter potential attacks
- Facilitate authorised access to the site for both pedestrians and vehicles through intended access points
- Deny unauthorised access through intended access points
- Provide an enforceable stand-off to reduce the effectiveness of threats located at the perimeter, such as vehicle-borne improvised explosive devices
- Assist in delaying, detecting and denying unauthorised attempts to breach site security
- Provide appropriate facilities to enable security officers to carry out their duties. This should include protection in case of an attack
- Help minimise the risk of collateral damage to people, facilities and infrastructure
- Work effectively with other security measures in and around the site
Before implementing new measures, or modifying existing measures, it is recommended that an organisation understands why measures are required and how they will help mitigate the risks faced. This process should also consider environmental and geographical constraints at the location to ensure measures will function effectively.
It is important to remember that physical security measures are only part of an effective perimeter solution. They must be implemented in a manner that supports organisational processes, both security and site operation, and the activities of security officers. When designing measures it is also important to understand how internal teams, and support agencies such as the police, will respond to incidents.
CPNI has produced guidance to help with the adoption of a risk-based, holistic approach to the development of Detailed Security Requirements (Operational Requirements) for new security measures.