How physical security, cybersecurity, and law enforcement can collaborate to improve campus safety
By Bruce A. Canal, CPP
Physical security software and hardware have come a long way in recent years. Yet while systems like access control, intrusion monitoring, and video management are powerful tools, it’s how we use them that matters.
With data breaches on the rise across the world, strengthening our security systems has become an urgent requirement. The human side of security also needs attention, as security departments and law enforcement alike are increasingly asked to do more with less.
A holistic approach to security, involving stakeholders from physical security, cybersecurity, and law enforcement is essential to ensure comprehensive safety and security. The best way to support this is with a unified software platform that brings together intelligence from disparate systems and supports collaboration by all stakeholders.
Improving How We Communicate and Share Information
A unified physical security software solution breaks down silos to ensure team members are connected and informed. It makes it easier to share information between physical security departments, cybersecurity specialists, and law enforcement agencies.
When there’s an active event, time is the enemy. You want all the information that you need to be easily accessible. With a unified platform, first responders can access real-time video footage and quickly communicate new information as an incident unfolds using their smartphones or other mobile devices. Better intelligence and situational awareness results in better decisions so security teams can respond more effectively and efficiently.
A unified platform can also support a more proactive prevention approach to security. Instead of ad hoc methods of communication, a unified platform organizes and streamlines channels. Thus, it’s easier to spot and monitor unusual activity on campus and then share that information with others. Teams can share threat intelligence in real time, enhancing situational awareness and identifying potential risks and vulnerabilities before they become active threats.
Collaborative Incident Response Planning
In addition to a unified platform, preparation is key for strong campus security. Bring all stakeholders into a room and open a dialogue. This should include not only internal departments but anyone who would have a role to play in an emergency scenario. Consider who could assist during an incident. Include public safety, emergency management, and even community or volunteer organizations.
Many campuses find it helpful to create an internal threat assessment team to anchor this work. Involve representatives from facilities, physical security, police, cybersecurity, counselors, deans, and so on. Ensure that everyone around the table is educated about the capabilities of your physical security platform.
Together you can effectively map out a comprehensive incident response plan and standard operating procedures (SOPs) to address foreseeable threats. If you don’t have the internal expertise to develop an emergency response plan, consider partnering with other schools to share resources or hiring a consultant.
Aligning Security and IT Policies and Procedures
Once you’ve mapped out your incident response plans, begin coordinating efforts to align physical security policies and procedures with cybersecurity best practices. Strong cybersecurity policies help ensure that your systems are operating smoothly during an event and proactively protect against cyberattacks.
As a simple example, when you install a new security camera, change the default password to something more secure. How to configure the new password, where to store it, and who can access it can all be clearly documented to avoid confusion.
Likewise, policies around privacy and data protection should be considered alongside security protocols. In a campus setting, you don’t have to compromise privacy for the sake of security. Modern video management systems can be configured to blur faces by default to allow security teams to monitor the campus while still maintaining privacy. In the event of an incident, investigators can lift the mask to identify people on an as-needed basis. Within a unified software platform, digitized SOPs can automate privacy processes and permissions and make it easier for everyone to follow the set protocols.
Ongoing Training is Essential
Continuous education promotes a culture of security and emphasizes the role each of us has to play in keeping everyone safe. Once you have your SOPs, policies, and plans in place, set up a regular cadence of training and education. In times of crisis, staff will respond.
An example could include a tabletop scenario to test your response and identify potential oversights or weaknesses. In this role-playing exercise, stakeholders run through what they would do and what problems or challenges they might face. This exercise is not only a great way to rehearse what you would do but can also reveal blind spots or other stakeholders who could be involved.
It’s beneficial to involve students in practice drills as well. You probably already have a regular program of fire drills. Consider what other kinds of emergencies your campus may face and what students need to know to be able to respond effectively in a crisis. Everyone on campus needs to know what their role is in the event of a natural disaster or emergency. Student preparation and practice will relieve any anxiety students may have about potential tragedies.
Likewise, every person who regularly accesses the campus network should be educated on basic cybersecurity best practices. These include changing default passwords, avoiding password-sharing, and keeping software up to date. Criminals look for soft targets. Don’t make it easy for them to find a weak point of entry into your system.
Creating Public-Private Partnerships
Schools can’t operate in a silo. Proactively building strong relationships with local law enforcement and other stakeholders makes you more resilient in times of crisis. One of the ways some schools have approached this is to formalize public-private partnerships. They can share resources, expertise, and best practices to improve crime prevention and emergency response.
The school resource officer program is a great example. The role of this officer is to provide support to the school community, including students, parents, school staff, and administrators. It’s a longstanding and effective program that supports community police work by focusing on prevention and early intervention.
Federating technology with local law enforcement is another example of an effective public-private partnership agreement. Police can easily access information in video management systems or other technologies to reduce friction and speed response in an emergency.
A camera registry program also allows police to leverage surveillance video from private cameras to assist in investigations. Police can’t access private security information at any time—they still need to ask permission. A camera registry program makes it easier and faster for police to submit the request.
Collaboration between physical security, cybersecurity, and law enforcement specialists is key to enhancing campus safety. A unified security platform improves communication between these teams and departments to proactively plan for joint responses and formalize procedures.
This multi-layered, holistic approach to security helps defend against modern security threats, which can come as easily from a weak password as a broken window.
Bruce Canal is Account Executive, Education, at Genetec, Inc. He joined the company in 2023 and is responsible for developing and driving business strategy for the education vertical. He brings over 25 years of education-related security experience. Bruce is the former director of physical security for the eighth largest school district in the United States and previously served as an officer for the Indiana State Police.