Considerations and thought on the security of tertiary institutions

Dec '99 News & Events

The Securing of a University campus is a complex and on-going process that requires clear analysis ,understanding and planning.In the case of any South african university ,there are far more complex issues and pressures of change than at most international universities.Issues such as the socio-political environment,geographical positioning and community involvement cannot be ignored.This article seeks to examine how some of these issues could influence the overall security management of the campuses and seeks to make some suggestions or create pointers for further investigation,in the following areas:management of the process;and planning design.

Management of the process

The successful management of the security plan involves a number of preliminary stages of implementing a long-term security plan. Establishing the management structure is the first step in such a plan, and it is only after the management structure and objectives are established that planning can begin.

In planning the management of a system one has to identify the following:

p Stake holders.

p Potential problems.

p Areas of responsibility in terms of:

• Day-to-day management.

• Overall management.

• Financial management.

Once all these factors have been considered, a meaningful and potentially successful management strategy can be put into place.

Stake holders

In any security solution one has to define the stake holders in the scheme, because without the buy-in of each and every one of these, it becomes almost impossible to ensure the effective management of the solution. I have attempted to list as many of these stake holders as possible and highlight some of the issues around each one.

University management

The major consideration of management is to establish a sustainable, affordable and practical long-term security solution to ensure the continued success of the university. Unfortunately, as with all organisations and more specifically educational ones, opinions of what and who constitutes ‘management’ differ widely.

Individual facilities

The needs of each ‘unit’ within the university may differ widely. Some areas require extremely strict measures of security, while others require easy access and limited restrictions (such as student counselling areas).

Academic staff

Typically, academic staff require different management to non-academic staff. By the nature of their job this collective represents a huge amount of brain power and it is imperative not to ignore the views of this group, and the views will be many and varied. The danger here is that decisions and implementation can be indefinitely delayed.

Non-academic staff

Issues here would involve ease of access, handling staff changes, getting agreement and buy-in and not targeting this group above any of the others.

Students

The co-operation of the major student bodies is essential to the success of the overall plan, but it is also difficult to get consensus from an SRC that changes on an annual basis, and at the end of the day, a student comes to university to study, so as long as the plan is not invasive and ensures that a workable campus is the result, the student bodies should agree to the overall system.

Campus security

These are the people who have to live with the bad decisions made now. Whoever they may be, private or university, they accept ultimate responsibility for the security of the campus and it is up to the university to give them the correct tools to do the job.

The local community

This is a group that is vital in the scheme of things. They have invested in the areas surrounding the university, and they are there to stay. At all costs, they require a safe campus, nobody wants to live next to a high crime area, but they also do not want to live next to a prison, and since it is a university, they feel they have a right to access in terms of walkways etc.

The wider community

To some degree the security plan has an influence and impact on the city as a whole. Disaster management and the management of common law crime needs to be co-ordinated with wider civic bodies, no matter what the level of perceived competence is.

Potential problems

Due to the wide range of stakeholders and the far reaching implications of incorrect decisions, there are a number of potential problems that require investigation and consideration.

Starting at macro level, the role of the university in combating common law crimes necessitates an interface with the SAPS. Due to the history of our country and the levels of competence within the SAPS, this is not an easy interface to manage, but policies and procedures will have to be created.

Looking at the local community and the wider community there is the issue of ‘overlap areas’. These areas are areas which have an impact on university life, but are public domain, and areas that have an influence on public life, but are university domain. An example of this is access paths through campus. An integrated structure would allow for these areas to be secured without undue threat or cost to any party.

Overall, the academic and fluid nature of a university make it difficult to secure. In a commercial venture, to stop the theft of assets one can legally introduce a method of random search. In this environment it is unacceptable. The numbers of people and irregular times make it difficult to control the flow of people. One cannot restrict any group more than another.

On a micro level, each building, department and faculty will have very clear ideas about their requirements in terms of access control and levels of security, so one clear strategy cannot be adopted. As staff change, these needs or perceived needs, change as well.

These are merely some of the potential problems, and they need to be addressed, not only prior to planning, but annually and with all the stakeholders.

Areas of responsibility

Day-to-day management – How much control does one give the micro environment on a daily basis? Does each building have its own control? These are questions that require careful consideration. Each building has a different requirement in terms of both control and information, and many will require some level of control during normal operating hours, but once the costs have been analysed, with the proposed policy of evolved finances, this may all change.

Overall management – To be of use to the university as a whole, there needs to be some form of universal management. This involves the control and information gathering aspects of the system. Without some clear macro policy, any one system could compromise any other system and the university will be compromised.

Financial management – By developing the right systems the financial management of security could fall into the university’s plan of evolved finances. Financial management could very easily become the responsibility of individual faculties and the university as a whole, with each faculty deciding on its level of financial exposure, without compromising the whole plan overall.

Risk analysis

Before any planning can be done, a comprehensive risk analysis needs to take place. This needs to define what risks there are in terms of:

p Potential for serious crime (assault, murder, armed robbery).

p Loss of university assets.

p Loss of ability to function.

p Loss of ability to provide services.

In order to determine these aspects it would be required to do extensive research in the following areas:

p Profile of students and staff.

p Analysis of daily migration and internal movements.

Next we would need to determine from where the risks came. Typically speaking, students represent as much of a risk, if not more, than any external threat, and thus simply preventing non-authorised access to large areas has little bearing on security. Immediate communities tend to offer little or no threat.

Planning and design

The planning and design of an overall security system is both ongoing and complex. One should seek for the ideal solution without thinking of the constraints of specific technologies, but rather design what you want and find the technology to match.

Means of protection

When trying to prevent loss of property or protect human life there are a number of means of protection:

Physical barriers – This means walls and fences. These come in levels from electrified, to monitored to unmonitored. In the case of a tertiary institution a number of problems would exist for the wide ranging use of physical barriers:

p The majority of the threat is internal.

p Unless monitored, fences are simply destroyed. If a fence covers a common access route for staff or students, it is a matter of days before it is permanently compromised.

p Entry to a fenced area needs to be monitored closely.

p Fencing large sections of a campus contradicts the principle of freedom, embraced by most universities.

p The local community feel excluded from the university and inconvenienced and thus become less tolerant.

This does not mean that there is no place for fences on a campus. Residences can be secured like large houses, and areas of major concern can be fenced, but the fence is not the security solution, it is an aid to it.

Control – To control the flow of people can be viewed in conjunction with fencing or it can simply mean the management of people flow into areas, and the record keeping and management of flow into specific buildings. The disadvantages of this are mainly related to convenience and speed of access when dealing with large numbers of people.

Observe – People can be watched by technology or people. This would form part of both a preventative and reactionary strategy.

Secure – This is the ‘lock and chain’ scenario. Limit access to assets or limit their movement. Once again there is a convenience factor.

Monitor and alarm – This is a reactive measure that controls exceptions and calls for reactions only when an incident arises. This causes the least level of inconvenience, but can be expensive and difficult to manage.

All of the above require some form of reaction. The levels of each type of solution would determine the reaction required and the resources needed.

Design onsiderations

After looking at all the requirements, a design brief can be constructed which will probably look like this:

p The system must be both integrated and diverse, allowing for macro and micro management.

p All systems need to be compatible but divisible.

p All systems must protect assets, but not restrict authorised access to them.

p The flow of people must be controlled but not restricted.

p There must be protection of people without intrusion.

p There must be human response, but minimal costs.

p All of this must be cost effective in a measurable sense and must be able to be implemented over a period of time.

p Any system must integrate with the community as a whole and cover the overlap areas.

The above requirements, along with many others and with the overall management policy, must then be converted to a practical conclusion. Although the requirements appear contradictory, they are achievable by the implementation of technology and human resources in the correct ratios.

Once all of the above considerations have been assessed one can start building a meaningful security plan that would be practical, sustainable, expandable and measurable.

For details contact Shaun Shelly, Managing Director of SEME Security Technologies SA on tel: (021) 706 5775, fax: (021) 706 0713 or e-mail: [email protected] or visit www.seme.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Managed security solutions for organisations of all sizes
Information Security News & Events
Cyber attackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
From the Editor's desk: The good, the bad, and the victims
Technews Publishing News & Events
When the Internet first arrived, everyone was expecting amazing things from it, well, everyone who knew what it was and how it worked. We had the dotcom boom and bust, and it’s fair to say that if we ...

Read more...
Carrier rebranded Kidde Global Solutions
News & Events Fire & Safety
From July 2025, the former Carrier Fire & Security South Africa will operate under its new name, Kidde Fire & Security South Africa, as part of the global realignment of the commercial and residential fire and security business.

Read more...
Facilities Management Expo brings smart, secure operations to the Cape
Securex South Africa News & Events Facilities & Building Management
As organisations across South Africa navigate the challenges of ageing infrastructure and increased cyber-physical risks, integrated facilities management (FM) solutions have become critical to ensuring operational resilience.

Read more...
Specialised Exhibitions changes name to Montgomery Group Africa
News & Events
This name change reflects the consolidation of Montgomery Group’s regional divisions across Africa under one unified management structure, creating a more agile, efficient, and future-focused organisation.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
Check Point launches open, vendor-neutral MDR services
Information Security News & Events Products & Solutions
New Check Point MDR 360° and MXDR 360° offerings deliver 24/7 managed continuous threat monitoring protection across endpoints, cloud and network environments with built-in identity threat detection and 160+ integrations across hybrid, multi-vendor environments.

Read more...
Unlock the future of security operations in Bloemfontein
DeepAlert News & Events Surveillance
Security professionals and business leaders are invited to revolutionise their offsite monitoring operations at the DeepAlert Product Road Show, taking place on 16 – 17 September 2025, at the Schoemanspark Golf Club, Bloemfontein.

Read more...
Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
The global generative AI market surpassed $130 billion in 2024
News & Events AI & Data Analytics
According to a new research report from the IoT analyst firm, Berg Insight, the Generative AI (GenAI) market grew substantially in 2024, experiencing triple-digit growth rates in all three major segments: GenAI hardware, foundation models, and development platforms.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.