5 June 1998 link to Tempest Security Systems, Inc.

Progressive Architecture, March 1995, pp. 78-83.

Building Security: An Architect's Guide

Security systems are now more complex, with system design shaped by a host of factors. Here's a primer on the most important issues.

by Walter Cooper and Robert DeGrazio

Walter Cooper is a partner and Robert DeGrazio is a security consultant with Flack + Kurtz Consulting Engineers in New York. Anthony Nuciforo, associate principal, and Kenneth Silver, associate, also contributed to this article.


Security system design depends on the building type and location, and on what needs to be secured. Systems must also be responsive to codes and regulations, appropriately interactive with other building systems, cost effective in both the short and long term, and adaptable enough for foreseeable needs. Finally, security needs should be addressed early in the design process.

Building security is not just about installing the latest electronic gear and software package. Nor is it just a consideration for building types with highly specific occupancy considerations. Increasingly, buildings of all sorts are candidates for the kind of careful security planning that proceeds hand-in-hand with the architectural design process. To ensure an appropriate and cost-effective level of security, architects need to acquaint themselves with the range of security factors that affect design.

Security Against What?

The first question always has to do with what a security system is designed to protect. Obviously, a security system's most important job is to provide safety for all the employees, the staff, and the visitors who use a building. But security considerations go far beyond this. Access control very often extends beyond merely controlling who may enter a building - and monitoring when and where they do so - to include the control and monitoring of the specific people permitted access to particular areas within a larger facility. For different sets of reasons, a range of different building types - healthcare facilities, banks, hotels, offices with sensitive data storage areas - all require such concentric layers or levels of access control.

As that brief list of building types begins to make clear, security considerations are hardly limited to protecting people. All of a building's contents need protection from damage or loss. That's immediately obvious, of course, for warehouses and retail outlets, banks, and pharmaceutical storage rooms in hospitals, where pains must be taken to prevent the theft, respectively, of merchandise, currency and negotiable securities, and drugs and controlled substances. But it's also clear from even this partial list that control of access must always be complemented by control of egress, that is, who leaves a facility and what they're allowed to carry out.

In technically sophisticated facilities, it's not just material property but information - and the systems that carry it - that must be protected from harm. In many contemporary facilities, data and data systems rank second in value only to people, and it's vital to remember that data must be protected not only from loss but, perhaps more important, from damage that could lead to "down time" and the financial and institutional chaos that might result.

Already, one can begin to see how security is not a separate, stand-alone concern but ties into a host of other considerations bearing on all a building's systems, including power, telecommunications, and other vital utilities. The connection between security and fire protection is obvious, as is, for example, the link between security and seismic engineering in earthquake-prone zones. But taking the safety of data and data systems into account shows that such things as adequate backup and systems redundancy are also security considerations. What's more, the integrated infrastructure design being incorporated into many new facilities links security to all the other building information systems. For example, connecting access control to electronic personnel records means that "security" can in these cases no longer be considered a separate system at all. Thus, selection and design of an appropriate security system become ever more dependent on knowing something about all the other systems a building will use.

It's important to note that in some kinds of buildings the potential dangers from within a facility are as great as any that might come from the outside. This is true, for example, in many laboratories, where the presence of hazardous materials adds yet another variable to the security needs an architect must consider. Here, again, egress turns out to be as crucial as access, since the effectiveness of such a lab's security system depends on how efficiently the facility can be evacuated in case of accident.

Two other purposes of security - important ones, though seldom discussed - should also be mentioned. First, security systems and devices (e.g., closed-circuit TV cameras) play an increasingly large role in reducing facility owners' liability to lawsuits. Second, security components not only protect against harm but can provide crucial documentation in the investigation of crimes that have occurred.

Issues to Be Considered

Waiting until the last stages of the design process to begin thinking about security system requirements can spell trouble for budgets and construction schedules, and is a sure way to guarantee that the system installed will be less than optimal. Such was the case with a recent New York City university facility we worked on: security issues hadn't been dealt with up front by the building's designers, and, when security engineers were brought on board late in the game, they found there was no room for housing security system equipment. This necessitated a good deal of redesign, stalling construction and inflating costs unnecessarily.

Without attempting to make a complete list of the security-related issues architects should be aware of at the outset of a design, let us mention several of the most important. First, effective security is always an interplay of three elements: natural and architectural barriers, including anything from landscaping strategies that discourage access, to the number, location, size, and type of doors and windows; human security, including the protection provided by guards and other personnel; and electronic security, provided by any one of the array of systems now available.

Deciding on the optimal mix of these elements can involve many factors, but one important variable is the building's location. For example, a suburban facility may allow ways of incorporating physical barriers into landscape design that would not apply in an urban setting; a building located in a region (or country) where labor costs are low would permit greater use of human security than would be possible elsewhere. Staffing considerations should play another role in guiding the selection of a facility's electronic security system: the degree of that system's sophistication should depend, in part, on the number and skill of the personnel who will be available to operate it.

Local building codes regarding ease of egress during fire and other emergency situations present another set of issues affecting building security. The Americans with Disabilities Act has added yet another regulatory layer. The design strategies that will ensure that a building is both secure and accessible to the disabled need to be carefully thought out, especially since this is new territory that remains relatively unexplored. Just one hypothetical example should suffice to demonstrate the kinds of new variables the ADA introduces: an ADA mandate that a facility be accessible to the hearing impaired might mean that voice intercom must be supplemented by a visual intercom system, which in turn would alter the architectural requirements of an entry vestibule in which the intercom is located.

Another important design factor is the potential offensiveness of security systems. Security systems must often be designed in such a way that access control is not obtrusive, that users of a facility don't feel intimidated (and that legitimate visitors aren't made to feel unwelcome) by security devices, that employees' privacy is reasonably respected, and that restricting access to certain areas within a facility doesn't make those who are excluded feel like second-class citizens. Though such psychological issues pertain to a wide range of building types, they are especially germane to facilities such as hospitals and hotels, where the need to restrict access must always be balanced against the desire to provide a welcoming environment.

Aesthetic issues are related to this last set of challenges, though it's important to remember that aesthetic issues are seldom only aesthetic. For example, poor security-system planning at a Manhattan office tower complex created a doubly unfortunate situation: access control requirements were figured into the building's design after occupancy, meaning that large sections of what was a spectacular lobby are now cordoned off. The barricades and turnstiles belatedly introduced not only ruined the lobby's beauty, they also created huge, frustrating pedestrian-traffic bottlenecks at the beginning and end of the business day, since these turnstiles impair egress as well as access.

The kinds of security issues that must be considered always depend in large measure on the kind of building being designed. Designers of retail stores, for example, must pay close heed to security at loading dock and delivery areas and at customer and employee ingress/egress points; hotel architects must weigh security concerns against the importance of maintaining free public access to many hotel areas.

Tailoring Systems to Building Type

Among building types, healthcare facilities present so many security-related challenges to an architect that it's worth focusing on them in more detail. The need to achieve security while not impeding legitimate access is acute in hospitals and other healthcare facilities, making it especially crucial to attend to security considerations in the earliest stages of design. Recently, requirements have grown even more complex as more and more hospitals have tended to locate outpatient-care facilities outside the hospital proper. Where this is the case, the main and auxiliary buildings may have quite different security needs, intensifying the necessity for careful coordination of the different parts of a healthcare campus.

In designing healthcare facilities that are sympathetic to security needs, architects must take "do not impede" as an almost Hippocratic maxim. This applies not only to the flow of people in and out of the building but to the flow of materials as well. It's important to note that those areas of a hospital that are most sensitive in terms of security are also likely to be among the busiest: thus a pharmaceuticals depot must not only be utterly secure but also easy for those with legitimate access to use. This can affect a design in numerous ways, from the location of pharmaceuticals rooms to the width of corridors surrounding them.

Specialized functions within healthcare facilities also show how security needs are sometimes intimately linked to other aspects of facility management. This can be clearly seen in the containment and disposal of infectious and other hazardous wastes, where physical spaces and procedures must be carefully monitored to prevent liability suits. Space planners responsible for the design of staging and shipping areas for such materials need to be apprised of the range of security and related issues involved.

Of course, certain highly specialized building types - airport terminals, animal-research laboratories, prisons, casinos - carry enormously complex security needs, and the security design of government facilities is often regulated by specific codes with which the architect must comply. In every one the integration of architecture and security is essential.

An Integrated Design Approach

Integration occurs in two related ways. First, design strategies should be informed by security considerations from the beginning of the design process. This kind of integration involves architects' familiarizing themselves with the specific security issues of a proposed building, and in many cases may require that architects seek the advice of security consultants at a very early stage. Security engineers' input can help space planners minimize the amount of electronic security a finished facility will need - a vital consideration given the expense of electronic systems and the amount of technical expertise some systems require to operate. Security engineers can also help architects optimize a building's security system through the placement and size of perimeter barriers, windows and doors, corridors, stairwells, and so on.

Interaction between the architect and a security consultant can also help with the minutiae of architectural specification and decision making. For example, if a client plans to begin with a system of mechanical locks, but hopes to convert to electronic door locks at a later time, the security engineer can ensure that adequate conduits, cables, and spaces to ease that transition are installed at the beginning.

Second, intelligent security planning means taking advantage of the integrated infrastructure components now available. This entails planning up front for the spaces, pathways, and low-voltage communications backbone that will serve all a building's systems - not only security but fire protection, building management, lighting controls, and the audiovisual voice and data systems. Such integration is essential for future flexibility: when security information is no longer carried on a dedicated, point-to-point system, but instead shares the same media (cabling, etc.) used by other systems, all of them can be extended or rearranged at the same time. Since large, complex security systems often undergo extensive updates and renovations over a facility's lifetime, this integration can minimize costs over the long haul.


Ensuring that a security system will be sufficient and suitable for a facility's needs involves the balancing of many variables. By taking security considerations into account from the very start - and maintaining that awareness at each stage of the project - architects can help ensure that a building will be adequately protected, free of the kind of security overkill that often results when equipment is added at the last moment.

Security System Components

Lighting: One of the most basic (and cheapest) components of a security system. Carefully designed and coordinated interior and exterior lighting systems can exert a significant deterrent effect.

Perimeter control: Includes elements such as fences, walls, and landscaped berms that protect a facility's potential access ways.

Access control: Includes the immense variety of card-readers, chip-readers, and electronic locks that read information encoded on the cards, disks, or keys carried by employees. Popular systems incorporate insertion- or swipe-readers that interpret magnetic-stripe cards, or proximity-readers that do not require physical contact with the cards they read. Other components are the software for managing the distribution and encoding of cards and the processing of transactions, as well as the strikes, contacts, and releases that operate doors. Some more sophisticated systems incorporate biometric devices based on fingerprints, voiceprints, retinal patterns and the like. to allow or forbid access to restricted areas .

Pedestrian traffic control: Closely related to access control, covers devices such as electronic turnstiles equipped with card-readers. Banks of turnstiles often include larger gateways, also equipped with cardreaders, for wheelchair access. Vehicular traffic and parking control components also often play a role in facility security.

Intrusion detection: Includes the many types of sensors and alarm systems now available. Infrared motion sensors (1 below) can be ceiling- or wall-mounted; although such detectors are mostly used to protect interior spaces, there are motion detectors available for exterior use. Other devices detect the shattering of glass (2), or the opening of windows and doors (4, 5). Video motion detectors that detect movement on video signals transmitted from closed-circuit TV (CCTV) cameras are also available.

Monitoring and surveillance: Includes CCTV cameras and the monitors and security command centers they serve. Infrared cameras now on the market are capable of producing high-quality images in complete darkness. Pan-tilt-zoom (PTZ) devices permit the remote control of CCTV cameras; video switchers allow multiple cameras to display on a single monitor; time-lapse VCRs are capable of condensing nearly a thousand hours of continuous monitoring onto a single, 120-minute VHS tape. The monitoring of an entire security system is often performed from a single command center (3), or nerve center. In modern integrated systems, all security system information is carried over a single fiberoptic-cable infrastructure also capable of carrying other building control systems.

Five security product photos (29 kb)

See related article on data security within buildings.

Thanks to the author and the late, lamented P/A.