Gerald Doane: Access control policy can be a complicated
The border debate has many scratching their heads about what constitutes access control along the 2,000-mile land border with Mexico.
Opinions are all over the place about how to control access on our southern land border.
Discussions about effectiveness of walls versus technology are interesting but not very helpful in putting the issue of border access control into context. The discussions are political in nature and are seemingly about only one decision, either building or not building a wall. Political opinion is often difficult to change with reason, but here goes anyway.
Policy comes before walls and it is the most important point in our discussion about border access control. For those who are unfamiliar with the term policy, let me explain.
The term policy means nothing more than decisions made in advance. Establishing policy is probably the most important part of any planning process. It is deciding what to do about an issue, in this case, access control on a land border.
I would like to add policy into the current discussion about border access control. I have learned a great deal about access control policy in my role as corporate security risk manager for a major corporation, my long-term tenure in law enforcement, and my military service.
I am going to use an example of how access control policy is rationally made. Instead of using an international border like our southern border with Mexico, I am going to use the borders of a large industrial complex of 1,280 acres as my example. The principles are the same in either case.
The property consists of land, structures, commercial processes, and populations, all of which are called assets.
The first order of business in protecting these assets begins at the outer boundaries of the property. Management asks, do we control access onto the property, or do we leave the property open and accessible by anyone?
The second order of business in the policy making process asks the question, what are we protecting against, or, what are the risks? Three common access risks are:
Persons accessing the property can remove, damage or injure, or destroy assets.
Persons accessing the property can be harmed or make false claims of harm. They or their survivors could seek damages.
Persons accessing the property can use the property for their own purposes, such as living, working or doing business on the property without agreement or without compensation to the property owner for its use.
The third order of business asks the question, what is the likelihood that the above risks will occur? To assess this likelihood, we look at history, current status, and future projections.
The fourth order asks the question, what is the decision, open access or controlled access? If the decision is open access, no further discussion is required.
If the decision is controlled access, then the question becomes, what level of control? There are normally three levels of control.
Level one consists of natural and/or man-made barriers only, or, monitoring activities only.
Level two consists of natural and/or man-made barriers with technical access control measures or devices, or, with monitoring activities and technical access control measures or devices.
Level three consists of natural and/or man-made barriers, technical access control measures or devices, and monitoring activities.
The fifth order asks the question, is the risk high enough that we layer our protective measures and if so, where?
The reason for this question is, given time and effort most protective measures can be defeated or overcome. By layering, we increase the time and effort it takes someone to gain access.
The sixth order asks the question, what are the costs? In order to determine costs, a detailed proposal listing all items and activities, with costs associated for each item or activity, is prepared.
The seventh order asks the question, what is the budget for the proposed boundary access control? Can we afford the proposal now, must we alter it significantly, or can we program over time to fit our budget?
The eight order asks the question, given our budget decisions, when do we let the contract or begin construction on the finalized proposal?
Access control policy can be a complicated and lengthy series of decisions.
When we discuss efficacy before determining what is policy, we are out of sync. If the policy is open access, further discussion is unnecessary. If the policy is controlled access, we must first test all active and proposed measures before concluding efficiency or effectiveness.
Gerald G. Doane lives in Grass Valley.
Start a dialogue, stay on topic and be civil.
If you don't follow the rules, your comment may be deleted.