rxEPA
United States
Environmental Protection
Agency New England
US EPA Headquarters Library
Mail code 3404T
1200 Pennsylvania Avenue NW
Washington, DC 20460
202-566-0556
Colleges and Universities
O c t ob e r 200 3
Site Security Awareness
Safeguarding Against Terrorism
Introduction
Emergency planning and manage-
ment are increasingly recognized
as critical to the operations of col-
', leges and universities, and require
closer partnerships with first re-
sponders at the federal, state and
local levels. More than ever before,
emergency planning requires close
coordination among the respond-
v ing departments within an institu-
' tion including: public safety, Envi-
ronmental Health and Safety, pub-
lic information officers, residence
hall directors, student life, informa-
tion technology, and managers of
facilities housing hazardous mate-
rials. The purpose of this fact sheet
is to provide security suggestions
and to increase awareness on se-
curity matters that may impact
your campus, its stability, and your
community.
Site Security: Are you a target
for terrorism?
Physical security measures will
deter adversaries. Consider the fol-
lowing:
>Identify campus assets that
could be used as a weapon of
mass destruction (WMD);
>Provide layers of security,
carting at the campus's perim-
nd then assess other
a I operations such as food
°01 es; residence halls;
F- "ch facilities; laboratories;
03- Uion areas; and critical
006 ;, filters, and pumps;
^Perimeter protection measures
include fences and exterior
walls, bollards, personnel gates
and turnstiles, vehicle gates,
and security lighting;
> Employ skilled security personnel
to aid In access control and emer-
gency response;
>Access control measures, such
as signs, locks, alarm systems,
security doors and windows,
card-based access control
systems, and biometric sys-
tems;
>Surveillance and monitoring
through close circuit television
(CCTV)/surveillance cameras in
critical or restricted areas;
digitized card reader; faculty,
staff, student and contractor ID
badges; visitor pass/badge;
and/or entry log book;
> Protect and secure electricity,
communications, and other
utilities with uninterrupted and
backup power source, such as a
generator.
JUL 20
Faculty, Staff, Students and
Contractor Security
Threats that "come from within"
are the most difficult to detect.
<=> Restrict access and allow only
authorized employees who
work in sensitive or restricted
areas (Scientist, Service
Personnel, Visitors, Vendors,
Contractors, etc.);
O Establish background screen-
ing policies for all faculty, staff
and contractor;
^ Evaluate screening processes
for students, especially those
who may have access to
restricted areas;
^ Ensure that individuals in the
laboratories are aware of
restrictions on storage, trans-
ferring, receiving, and use of
materials with chemicals,
biohazards, explosives, or
radiological hazards.
=> Maintain inventory control of
all materials with chemicals,
biohazards, explosives, or
radiological hazards on your
campus.
"=> Implement prohibition policies
and reporting procedures for
faculty, staff, student and/or
contractor regarding physical
violence, verbal abuse, willful
destruction of property, and
intimidation.
-------�
Management Issues
In today's society, security is
everyone's responsibility. The fol-
lowing is a list of "risk-based man-
agement decisions" that must be con-
sidered in planning:
>lntegrate site security into your
campus's Emergency Response
Plan;
^Security should be given con-
sideration as one of the
university's core values. Estab-
lish written university policies
and procedures pertaining to
security;
>Use a risk-based approach to
assess and select the right
security control measures;
>Survey workforce skills;
> Assign the oversight of security
(e.g., physical, personnel, and
information systems) to top
managers;
>Include security in all appropri-
ate training and courses;
>Work with local, state, and
federal law enforcement and
other public safety agencies;
>Be an active member of your
Local Emergency Planning
Committee (LEPC);
>Assess and periodically reassess
your campus security systems.
Identify any existing or potential
threats, targets, vulnerabilities.
hazards, risks, as well as miti-
gation and countermeasures;
>Evaluate faculty, staff, students
and contractors identification
procedures;
>EXERCISE THE PLAN:
>Consider just-on-time manage-
ment of extremely hazardous
substances. Keep and use the
least amount of chemicals on-
site as possible. Explore product
substitution, especially in your
laboratories.
>Review suppliers' transportation
security procedures;
>Regularty update written secu-
rity policies and procedures,
including the following:
^Physical security systems;
^Results of vulnerability and/or
risk assessment;
•^Procedures for referring suspi-
cious incidents to campus
police or appropriate authori-
ties;
"^Protection of university
information, computers, and
networks;
"^Procedures for emergency
response, crisis management,
and shutdown;
^Recognition of security
breaches and proper actions
to be taken;
system for collecting and
analyzing reports of security
incidents;
of contact names and
information for reporting
security incidents.
Information, Computer, and
Network Security
Information, computer, and network
security are distinguished from
physical security because informa-
tion protection goes beyond propri-
etary information and university
procedures. Potential adversaries
can obtain information on chemical
processes, list of hazardous mate-
rials, and databases that relate to
biohazard research from a
university's computer and network
systems. The following tips should
be considered in establishing infor-
mation security:
0 Use protective hardware and
software;
0 Establish procedures for
protecting and destroying
sensitive documents;
0 Change codes and passwords
following a termination of
employment;
0 Back up all critical information
and data at an alternate loca-
tion;
0 Don't leave personal planning/
scheduling devices unattended;
0 Be aware that sensitive
information conveyed by
telephone conversations, radio
communications, and network
communications can be inter-
cepted. Consider using voice
encryption:
0 Periodically analyze University
computer transaction histories
to look for irregularities that
might indicate variances in
normal procedures and/or
security breaches.
0 Develop screening process or
procedures for computer
repairs if equipment may
contain sensitive information.
-------�
Weapons of Mass Destruction (WMD)
Examples at Campuses and Their Consequences
Explosives: Picric Acid (Dry and crystallized); Ammonium Nitrate;
Hydrazine Compounds; Diazo Compounds; Nitrocellulose
(Dry); Peroxide forming agents such as: Diethyl Ether;
Tetrahydrofuran; isopropyl Ether Dioxanes; Aldehydes;
Compounds with benzylic hydrogens; Compounds with
allyl groups
Chemical: Poison gas, blister gas
Biological: Anthrax; Small Pox; Ricin; Botulinum Toxin; Human Immu- •
nodeficiency Virus (HIV); Plague; Viral Hemorrhagic *
Fever(VHF) .
•
Nuclear: Any equipment or weapon that is designed to release I
radiation or radioactivity at a level dangerous to human •
life J
•
Note: In addition to the obvious consequences (e.g., deaths, injuries, dam- •
aged structures, possible contamination, possible long-term effects, far- *
reaching geographic effects), universities may also consider the economic •
consequences to the institution and the potential physcological ramifica- •
tions throughout the campus. J
Federal Offices
DHS (Watch & Warning Unit):
EPA New England
Environmental Emergency
1.888.585.9078 FBI - Boston, MA
800.424.8802
617.742.5533
FBI - New Haven, CT 203.777.6311
£+
Non-Emergency
EPA New England Customer Call Center 888.372.7341 or
617.918.III!
i Web Resources for Emergency Planning
\ Agency for Toxic Substances and Disaster Registry
\ American Red Cross
\ Education Resources Information Center (ERIC)
I Federal Emergency Management Agency (FEMA)
\ FBI/Awareness of National Security Issues & Response
\ Lawrence Berkeley National Laboratory
\National Response Team (NRT)
Office of Domestic Preparedness (ODP)
US Department of Education
US Department of Homeland Security (OHS)
http://www.atsdr.cdc.gov/
http://www.redcross.org
http://www.eric.ed.gov/
http://www.fema.gov/
http://www.fbi.gov/hq/ci/ansir/ansirhome.htm
http://securebuildings.lbl.gov/
http://www.nrt.org/
http://www.ojp.usdoj.gov/odp/
http://www.ed.gov/
http://www.whitehouse.gov/homeland/
This is a selected list of sites that provide timely and useful information about emergency planning and counter-
terrorism; it is not an exhaustive list of ail parties with a role or interest in the subject matter. Inclusion here does not
mean an endorsement of the site.
-------�
Homeland Security Presidential Directive (HSPD) - 5
National Incident Management System (NIMS)
In response to the terrorist attacks on September II, 2001, the President issued Homeland Security Presidential Directive
(HSPD)-5 which called for the development of a National Response Plan (NRP) to integrate Federal Government domestic
prevention, preparedness, response, and recovery plans into one all-discipline, all-hazards plan under the authority of the
Secretary of Homeland Security. This directive also called for the creation of a National Incident Management System (NIMS).
which would provide a standardized system for implementing the NRP.
NIMS provides a consistent yet flexible nation-wide framework within which local, State, and Federal levels of governments and
the private sector will work effectively and efficiently to be aware of, to prepare for, to prevent, to respond to, and to recover
from domestic incidents, regardless of their cause, size, or complexity. To provide for seamless cooperation among Federal,
State, and local capabilities, the NIMS includes the following core concepts and principles:
• NIMS standardizes incident management systems for all hazards and all levels of government.
• NIMS extends incident management into the awareness, prevention, and preparedness domains.
• NIMS facilitates the flow of (financial and physical) resources in pre-incident planning and post-incident execution.
• NIMS establishes a common operating picture that promotes useful information flow (Communications, Intelligence, and
Information Management) at all levels of government.
• NIMS promotes the strategic development of new technologies and provides scientific support to enhance pre- and post-
incident operations at all levels of government.
By December 31, 2003, all Federal departments and agencies shall adopt the NIMS within their departments and agencies and
provide support and assistance to the Secretary in the development and maintenance of the NIMS. The Federal Agencies are
currently reviewing the requirements under this Presidential Directive and providing input as necessary. This process will
ultimately result in the development of a full NRP, including the NIMS, that ensures a national approach to domestic incident
management and a process that places similar emphasis on awareness, prevention, and preparedness as traditionally has been
placed on response and recovery.
Beginning in Fiscal Year 2005, Federal departments and agencies shall make adoption of the NIMS a requirement, to the extent
permitted by law, for providing Federal preparedness assistance through grants, contracts, or other activities. The Secretary of
Homeland Security will coordinate with the private and non-governmental sectors to ensure adequate planning, equipment,
training, and exercise activities and to promote partnerships to address incident management capabilities and will also develop
standards and guidelines for determining whether a State or local entity has adopted the NIMS.
Suspicious Activities
Since most campuses are open to the public, it is important to always remain alert to any suspicious activi-
ties. Follow campus security procedures whenever such an event arises. When encountering a suspicious
individual, make clear observations so you can record a physical description of the individual including any
unique identifying features. If possible, document other pertinent information including vehicle description,
license number and egress direction. Never put yourself at risk. Report the incident to either the campus
police or local law enforcement agency immediately and write down everything you witnessed immediately;
REPORT THE FOLLOWING TO LAW ENFORCEMENT AUTHORITIES:
•^Suspicious activities, vehicles, or persons;
^-Missing chemicals, equipment, or critical
•^-Break-ins
U.S EPA Headquarters Library
il corJe 3404T
Avenue NW
Washington, DC 20460
202-566-0556
vvEPA
United States
Environmental Protection
Agency New England
1 Congress Street, Suite 1100 SPP EPA901-F-03-006
Boston, MA 02114-2023 . October2003
www.epa.gov/ne/assistance/univ/index.html
-------� |