Physical Security and Led Zeppelin’s In Through the Out Door

Physical security (graffiti?) is something that many risk professionals and auditors take seriously. Most organizations issue access cards to their employees, often configured differently to various floors or parts of the office. It’s well known that thieves will sometimes piggy back off someone coming into the office when polite employees hold the door open for strangers who appear to work there. (To mitigate that risk, simply asking “can I help you” will often deter the bad guy.) Alternatively, I’ve seen places install turnstiles in the lobby so only one person can get in at a time.

Doors are often configured so you need to swipe your access card to get into the designated area, while a motion sensor or pushing a button is required to unlock the door from the others side to get out.

Against that backdrop, I’d like to send All of My Love out to my friend Jimmy for sharing this tale. While working late In The Evening,  Jimmy noticed that one of the construction workers working there after hours, had slipped a file folder between the space in the glass doors and Hot Dog!, this tricked the motion sensor into unlocking the door and he got In Through the Out Door.  So much for high-tech security.

After this potential security breach was identified, Jimmy had to deactivate the motion sensor: the only way to exit is from pushing the button and that ended the threat of access by file folder. But here’s the rub: although the button is just 3 feet from the door the door, it releases the lock for less than one second. This is not enough time to get out. Effectively, exiting became a two-person job: you push the button while I open the door. It’s like some Fool in the Rain invented this technology.

In the end, the button was reconfigured to last longer.

One thought on “Physical Security and Led Zeppelin’s In Through the Out Door

  1. Stories that are so unbelievably (and frustratingly common).
    I know that physical access control is not as “sexy” as PSIM and doesn’t have the attention of the press the way CCTV surveillance does, but almost certainly the most effective way to prevent a lot of problems is to lock the door, thereby taking away the opportunity for most of those problems to even occur.
    But for some reason it’s really hard to find any security systems integrators who take it seriously.
    You’re not going to find many people who really understand locking technology and how to install the higher-security locks properly, so most integrators (actually they should be called “installers” generally because there are very few true integrators around) just install magnetic locks because they’re “easy” and cheap. That’s when you start needing pushbuttons and emergency exit devices etc.
    But in the majority of instances these things are either installed in such a way as they completely defeat the primary function of locking the door in the first place or (in many cases I have seen) they actually present a threat to the life-safety of the people using the building.
    There are numerous manufacturers of world class access control systems, but their products are now becoming so commoditize that the end users are driving down the price. Lower prices result in less time for clever people to think about things and less time to do it right. So everyone just does it the easy way and nobody knows any better. End users see situations like the one you describe and they think “these security guys are jokers! When I do this next time I’m going to refuse to pay their high prices, because they don’t know what they’re doing”. End result is even less money to do the jobs and even less involvement from clever guys who could actually make the systems benefit the businesses who choose to use them.
    It can be so much better, but you have to find the clever guys and pay them to do their jobs.

Leave a Reply

Your email address will not be published. Required fields are marked *