The Weakest Link

As I entered the administrator’s office, he asked if I had been able to defeat his building’s access control system. I had. In fact, I had signed into the building as“Ted Bundy” without showing identification and without an escort being called to walk me to the floor I was visiting… as required by the building’s access control procedures. I also told him that I had listed the reason for my visit as“to smuggle in weapons.” I then pulled a submachine gun and four handguns out of my shoulder bag (all rendered inoperable by a gunsmith). His eyes grew wide as I described how easily I had not only defeated his sign-in procedures, but his entry point metal-detection system as well. I had also found a floor plan on a vacant receptionist’s desk that listed the office locations for every key administrator in the building. I had been able to locate and speak to several key administrators while carrying my little arsenal undetected. Because of the building’s location in an urban area with a high rate of violent crime, he found these gaping holes in his security system disturbing.

The administrator had hired me to test his security system after a series of serious crimes had occurred in a new, eight-story administration building despite the presence of a million-dollar security camera, an access control system and a large security guard force. Aware of the vulnerability of his building and the people it houses, he had learned that he needed to spend more than $250,000 to correct the deficiencies that could have been spotted by an expert’s careful review of the building’s plans during the design phase. To his credit, he acted as soon as he realized that the building had serious gaps in security. Others have not been so quick to address security deficiencies, with devastating results. Just as the French learned in World War II, an impressive-looking defensive system can be easily defeated if there are vulnerabilities that remain unprotected. The original designer of the Maginot Line emphasized the fortifications would only protect France from invasion if adequate forces were available to prevent the Line from being outflanked. In a book written years before World War II, German General Hanz Guederin described how France could be defeated by using fast-moving armored forces to outflank the Maginot Line. The French apparently did not read his book, but Adolf Hitler did. Just as France was soundly defeated when the German Army exploited a weakness, the criminal element can exploit the weakest link in a college’s or university’s security strategy. Sometimes, taking a look at our defenses from a criminal’s perspective can help us identify and correct vulnerabilities.

Qualified safety consultants can be helpful, or asking a trusted safety colleague to visit your campus to look for vulnerabilities can prove to be beneficial. While the annual tactical site survey process and a careful review of reported incidents should be combined with student and staff surveys to identify areas in need of improvement, the Red Team approach has proven to be effective in closing the gap between the existing level of security and measures that should be in place.

Often used in high-security operations like nuclear power plants and military installations, the Red Team approach involves having an outsider see if they can compromise a facility’s or organization’s security. While it is not realistic or practical for an institution of higher learning to use Special Forces troops to try to breach security measures, a lower-intensity approach can prove invaluable in demonstrating security inadequacies and identifying solutions. With a dose of common sense and being careful not to create any dangerous situations or fear, this concept can be an excellent way to convince high-level administrators of existing vulnerabilities. A proactive safety strategy involves a fair amount of reflection and evaluation on what may take place in the future, rather than focusing entirely on what has occurred in the past. The Red Team approach is an excellent way to keep the future a safe one. What gaps would a Red Team test reveal in your institution’s safety program?

Michael Dorn is an internationally recognized campus safety expert who has authored and co-authored numerous books on the topic. He is the senior public safety and emergency management analyst for Jane’s Consultancy. He can be reached at .

About the Author

Michael S. Dorn has helped conduct security assessments for more than 6,000 K-12 schools, keynotes conferences internationally and has published 27 books including Staying Alive – How to Act Fast and Survive Deadly Encounters. He can be reached at