Best Practices for physical security of facility

5 views
Skip to first unread message

Len-IDEA

unread,
Apr 25, 2017, 6:27:13 PM4/25/17
to Campus Forum
Posted on behalf of IDEA member utility:

 

     We are doing a review of our physical security for our plants.  Was wondering if there are any best practices that can be helpful to understand DE benchmarking or how our peers approach this risk area.

Edward T. Borer Jr.

unread,
Apr 26, 2017, 10:01:08 AM4/26/17
to campus...@googlegroups.com

I would not consider what we do “best practices” but for comparison:

·         Our plant is continuously staffed by at least three people on all shifts.

·         Weekday shifts we have about 10 people in the plant (operations, maintenance, management).

·         We are a small enough group to recognize anyone who doesn’t belong there.

·         All staff are expected to challenge unfamiliar visitors who are not escorted.

·         All outside contractors are required to check in with the main control room upon arrival and before leaving every day.

·         Doors are not always secured during weekday shifts. We are discussing a change to that protocol.

·         Vehicle and loading dock entrances are only operable from the inside. They can be secured with a roll-up door or expanding metal gate to allow fresh air and sunlight into the plant.

·         We use keys for doors and padlocks. We are considering moving to a card-access protocol for main entrances.

·         During second, third, and weekend shifts all doors are supposed to be secured. This is hard to enforce 100%, but we are improving.

·         We have a simple video/voice intercom between the main personnel entrances and the control room.

·         Roof access scuttles are secured with a padlock unless they are in use.

·         Access to the thermal storage tank ladder, tank sump, and plant chimney ladders is secured with key locks.

·         We take IT security very seriously and have a dedicated server room within the plant for the plant SCADA and related devices. This requires card access and permission is limited to a very small population. It is visible from a control room. All SCADA panels are fitted with hard locks. Many additional details here.

Ted Borer, PE, CEM, LEED AP

Princeton University

Energy Plant Manager

MacMillan Building, Elm Drive

Princeton, NJ 08543-2158

Ph:(609) 258-3966

Fx:(609) 258-2298

Cell: (609) 731-2327

Home: (609) 466-3322

etb...@princeton.edu

 

Scientific evidence for warming of the climate is unequivocal.

Intergovernmental Panel on Climate Change

http://climate.nasa.gov/evidence/

 

“It would go a long way to caution and direct people in their use of the world, that they were better studied and knowing in the Creation of it. For how could [they] find the confidence to abuse it, while they should see the great Creator stare them in the face, in all and every part of it”

William Penn, 1693

--
You received this message because you are subscribed to the Google Groups "Campus Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to campus-forum...@googlegroups.com.
To post to this group, send email to campus...@googlegroups.com.
Visit this group at https://groups.google.com/group/campus-forum.
For more options, visit https://groups.google.com/d/optout.

Russell Thompson

unread,
Apr 26, 2017, 3:24:37 PM4/26/17
to campus...@googlegroups.com

For our two chiller plants and two steam plants:

·        All access points to facilities is via card swiped controlled doors (24/7)

·        All visitors are checked in by admin or control room operator via video/voice intercom

·        External areas of concern (gas regulation stations, chemical storage, etc) are gated and card swipe controlled

·        Main control room in plant has additional card swipe with even more limited access

·        Recently completed installation of cameras covering external areas adjacent to plants and most internal equipment areas.  These are monitored in central utility control room with recording in university’s data center.

 

Regards,

 

Russell Thompson

Director of Utilities & Engineering

Facilities Management Department

Duke University

O: 919-660-1494

C: 919-323-9300

Manning, Robert

unread,
Apr 27, 2017, 12:08:34 AM4/27/17
to campus...@googlegroups.com

Also won’t claim “best” practice but a few other things that may be “better” practice:

 

Card access system should be two factor (something you have and something you know), so in our case that means the card reader also has a keypad.  Use your card and punch in PIN.  That way if you drop your card on the way out it can’t be used by someone who finds it during the intervening time before losing it and realizing it is missing.

 

If perimeter of plant (all doors /access from outside) is two factor, then it may be acceptable to have interior spaces just card access.

 

Doors with card access still need to be keyed (with limited distribution keys) for emergency backup.  In all cases using a key should trigger alarm.

 

Card access should move away from swipe (magnetic strip) to touch (proximity)

 

Camera system linked to card access system (auto pan and zoom on door being activated, alarm being received, etc.)

 

Any door/access not in regular use that is padlocked instead of card access should still have a monitored alarm that detects when it opens

 

 

 

Bob

Reply all
Reply to author
Forward
0 new messages