Museum security, like art, is ever-changing.  Traditional security practices like manned guarding alone are not sufficient to keep thieves at bay. Modern security technologies such as video surveillance, motions detectors, intruder alarms and other physical security devices also play an equally important role in securing museums and its art work. Regrettably, having all these security measures in place does not always guarantee safety and thieves sometimes still manage to steal art work through deceptive tactics. “The Mona Lisa” by Leonardo, “The Scream” by Edvard Munch (twice, but two different versions), “Poppy Flowers” by van Gogh (twice), “Harlequin Head” by Picasso, and “Jacob de Gheyn III” by Rembrandt (a staggering four times). What do these paintings have in common? They have all been stolen from museums.  Museum security – best practices Any museum director must strike a delicate balance between providing a sanctuary and a showplace for art works. Galleries seek both to protect and to welcome. For the legitimate visitor, museum security should be nearly invisible. For the would-be criminal, it should be apparent, but not so obvious as to make hostile reconnaissance a worthwhile practice. Spend a few hours in a selection of galleries in any major city and you’ll note that on the whole, attendants are indeed welcoming. They tend to be amiable blazered men in their 60s who are filling in time while on a pension from a former career in the police or armed forces. You would back them to prove zealous in confiscating a selfie-stick from a tourist (largely banned, though frequently still used) but might be less confident of the outcome if they had to confront a determined thief or vandal. Galleries need guards who are physically strong, observant and not beyond early middle age. (A standard gag among criminals is that staff are often of the same vintage as the exhibits they are guarding.) Michael Daley, director of ArtWatch UK, makes the pragmatic point that gallery curators should assess thoroughly the security measures at any museum that they are going to entrust with a loan item. In 1994, the Tate in London lent two paintings by Turner to a museum in Frankfurt that shares its premises with a music college and at the time had no perimeter security. The Turners were stolen by thieves working for Serbian gangsters and a ransom in excess of $4.5 million was paid by Tate from charitable monies with little attempt made at apprehending the criminals. One of the paintings was recovered from the garage of a Frankfurt mechanic who had a sideline as a Dean Martin impersonator. Yes, really. CCTV vs. human response The consensus among curators that technology has much to offer but will never replace the human response is difficult to argue with, but only if we are confident that guards will prove tobe consistently alert and conscientious. Scepticism about the merits of video surveillance prompts many museums to pay more attention to installing CCTV in their gift shops than in the exhibition halls. Traditional curators are also reluctant to allow a battery anywhere near a painting for fear that acid may be leaked. They argue that unless CCTV is scrutinised non-stop by guards (and few institutions have the manpower for this) it merely gives a record of the theft. This was the case three years ago when a Salvador Dali painting was taken from a brand-new gallery on Madison Avenue. Management had a high-resolution clip from an IP camera and little else to go on.  Use of proximity alarms The principal focus of London-based ArtWatch UK is to protect works from inappropriate restoration techniques and careless or demeaning treatment. But Michael Daley naturally keeps an eye on security issues and has some horror stories to relate that suggest proximity alarms are not being used. He says: “Only recently I was shown a photograph of a curator signing a form by placing the paper on the vertical surface of a Rembrandt.” He continues: “At a preeminent gallery in the U.S., I saw a group of teenagers having their photograph taken and being instructed to keep moving back so that they could all be in the frame. They ended up leaning against a canvas with one boy’s elbow depressing it sharply. Only when I shouted at them did either the guard or their teacher notice what was happening.” London’s National Gallery theft incident Museum parlance for somebody who enters a gallery as a visitor through the normal route and remains after hours is a “stay behind.” A bizarre theft involving a stay behind (possibly better categorised as a protest rather than a serious attempt to steal) occurred at London’s National Gallery early one morning in August 1961. As part of a campaign against the perceived injustice of low-income pensioners being charged to buy a license to watch public television broadcasts, Kempton Bunton eased his way out of a toilet window leading on to Trafalgar Square carrying a portrait bust of Napoleon by Goya under his arm. He had arrived as a regular visitor the previous day and hidden overnight. Bunton had done his research and was aware that the gallery’s infrared motion sensors were switched off while cleaners readied the building for the day. A disabled former bus driver in his 60s and weighing 240 pounds, he was an unlikely burglar. The next time you watch the Bond film Dr No (shot six months after the theft) look for Sean Connery walking past an oil painting in the villain’s underwater Jamaican headquarters. “So that’s where it went!” The painting was returned safely in 1965 when, with an anticlimactic gesture, Bunton deposited it at the left luggage lockers of a Birmingham railway station. Biggest art theft in US history Major art heists often feature audacity that defeats even thorough security protocol. An unsolved 1990 theft at Boston’s Isabella Stewart Gardner Museum involving 13 paintings valued at $500 million began when a pair of criminals presented themselves at the gallery door late at night dressed as policemen and claiming they were responding to a call amid the hoopla of St Patrick’s Day celebrations. They were buzzed in and one of the two duty guards foolishly left his desk (which featured a panic button.) Both guards soon found themselves duct-taped to pipes in the basement. The theft is the largest ever art haul and included Rembrandt’s only seascape, “The Storm on the Sea of Galilee.” This painting remains in our popular culture, being seen in films and even featuring in an episode of “The Simpsons.”  “They have cameras at McDonald’s but we weren’t allowed to install them” Ingenuity can also extend to diversionary tactics and escape methods. In December 2000, criminals brought an already busy Stockholm city centre to gridlock by abandoning a pair of cars outside major hotels and setting them afire. Meanwhile, at the National Museum, their colleagues stole a Rembrandt and two Renoirs, making their getaway along the river Norrström in a tatty second-hand speedboat they had bought a few days earlier. In a remarkably blunt and no doubt emotional press conference, Agneta Karlström of the museum said: “They have cameras at McDonald’s but we weren’t allowed to install them.” Staying in Scandinavia, art security specialists noted a depressing development in Oslo in 2004 when one of the several versions of “The Scream” painted by Edvard Munch was stolen from the Munch Museum. Thieves had been armed before but in this case they were wielding machine guns during opening hours and gave the impression they would not hesitate to use them
Major art heists often feature audacity that defeats even the most thorough security protocols
 

Museum security, like art, is ever-changing. Traditional security practices like manned guarding alone are not sufficient to keep thieves at bay. Modern security technologies such as video surveillance, motions detectors, intruder alarms and other physical security devices also play an equally important role in securing museums and its art work. Regrettably, having all these security measures in place does not always guarantee safety and thieves sometimes still manage to steal art work through deceptive tactics.

“The Mona Lisa” by Leonardo, “The Scream” by Edvard Munch (twice, but two different versions), “Poppy Flowers” by van Gogh (twice), “Harlequin Head” by Picasso, and “Jacob de Gheyn III” by Rembrandt (a staggering four times). What do these paintings have in common? They have all been stolen from museums.

Museum security – best practices

Any museum director must strike a delicate balance between providing a sanctuary and a showplace for art works. Galleries seek both to protect and to welcome. For the legitimate visitor, museum security should be nearly invisible. For the would-be criminal, it should be apparent, but not so obvious as to make hostile reconnaissance a worthwhile practice. Spend a few hours in a selection of galleries in any major city and you’ll note that on the whole, attendants are indeed welcoming. They tend to be amiable blazered men in their 60s who are filling in time while on a pension from a former career in the police or armed forces. You would back them to prove zealous in confiscating a selfie-stick from a tourist (largely banned, though frequently still used) but might be less confident of the outcome if they had to confront a determined thief or vandal.

Galleries need guards who are physically strong, observant and not beyond early middle age. (A standard gag among criminals is that staff are often of the same vintage as the exhibits they are guarding.)

Michael Daley, director of ArtWatch UK, makes the pragmatic point that gallery curators should assess thoroughly the security measures at any museum that they are going to entrust with a loan item. In 1994, the Tate in London lent two paintings by Turner to a museum in Frankfurt that shares its premises with a music college and at the time had no perimeter security. The Turners were stolen by thieves working for Serbian gangsters and a ransom in excess of $4.5 million was paid by Tate from charitable monies with little attempt made at apprehending the criminals. One of the paintings was recovered from the garage of a Frankfurt mechanic who had a sideline as a Dean Martin impersonator. Yes, really.

CCTV vs. human response

A standard gag among criminals is that staff are often of the same vintage as the exhibits they are guarding

The consensus among curators that technology has much to offer but will never replace the human response is difficult to argue with, but only if we are confident that guards will prove to be consistently alert and conscientious. Scepticism about the merits of video surveillance prompts many museums to pay more attention to installing CCTV in their gift shops than in the exhibition halls. Traditional curators are also reluctant to allow a battery anywhere near a painting for fear that acid may be leaked. They argue that unless CCTV is scrutinised non-stop by guards (and few institutions have the manpower for this) it merely gives a record of the theft. This was the case three years ago when a Salvador Dali painting was taken from a brand-new gallery on Madison Avenue. Management had a high-resolution clip from an IP camera and little else to go on.

Use of proximity alarms

The principal focus of London-based ArtWatch UK is to protect works from inappropriate restoration techniques and careless or demeaning treatment. But Michael Daley naturally keeps an eye on security issues and has some horror stories to relate that suggest proximity alarms are not being used. He says: “Only recently I was shown a photograph of a curator signing a form by placing the paper on the vertical surface of a Rembrandt.” He continues: “At a preeminent gallery in the U.S., I saw a group of teenagers having their photograph taken and being instructed to keep moving back so that they could all be in the frame. They ended up leaning against a canvas with one boy’s elbow depressing it sharply. Only when I shouted at them did either the guard or their teacher notice what was happening.”

London’s National Gallery theft incident

Museum parlance for somebody who enters a gallery as a visitor through the normal route and remains after hours is a “stay behind.” A bizarre theft involving a stay behind (possibly better categorised as a protest rather than a serious attempt to steal) occurred at London’s National Gallery early one morning in August 1961. As part of a campaign against the perceived injustice of low-income pensioners being charged to buy a license to watch public television broadcasts, Kempton Bunton eased his way out of a toilet window leading on to Trafalgar Square carrying a portrait bust of Napoleon by Goya under his arm. He had arrived as a regular visitor the previous day and hidden overnight.

Bunton had done his research and was aware that the gallery’s infrared motion sensors were switched off while cleaners readied the building for the day. A disabled former bus driver in his 60s and weighing 240 pounds, he was an unlikely burglar. The next time you watch the Bond film Dr No (shot six months after the theft) look for Sean Connery walking past an oil painting in the villain’s underwater Jamaican headquarters. “So that’s where it went!” The painting was returned safely in 1965 when, with an anticlimactic gesture, Bunton deposited it at the left luggage lockers of a Birmingham railway station.

Scepticism about the merits of
video surveillance prompts
many museums to pay more
attention to installing CCTV in
their gift shops than in the
exhibition halls

Biggest art theft in US history

Major art heists often feature audacity that defeats even thorough security protocol. An unsolved 1990 theft at Boston’s Isabella Stewart Gardner Museum involving 13 paintings valued at $500 million began when a pair of criminals presented themselves at the gallery door late at night dressed as policemen and claiming they were responding to a call amid the hoopla of St Patrick’s Day celebrations. They were buzzed in and one of the two duty guards foolishly left his desk (which featured a panic button.) Both guards soon found themselves duct-taped to pipes in the basement. The theft is the largest ever art haul and included Rembrandt’s only seascape, “The Storm on the Sea of Galilee.” This painting remains in our popular culture, being seen in films and even featuring in an episode of “The Simpsons.”

"They have cameras at McDonald’s but we weren’t allowed to install them"

Ingenuity can also extend to diversionary tactics and escape methods. In December 2000, criminals brought an already busy Stockholm city centre to gridlock by abandoning a pair of cars outside major hotels and setting them afire. Meanwhile, at the National Museum, their colleagues stole a Rembrandt and two Renoirs, making their getaway along the river Norrström in a tatty second-hand speedboat they had bought a few days earlier. In a remarkably blunt and no doubt emotional press conference, Agneta Karlström of the museum said: “They have cameras at McDonald’s but we weren’t allowed to install them.” Staying in Scandinavia, art security specialists noted a depressing development in Oslo in 2004 when one of the several versions of “The Scream” painted by Edvard Munch was stolen from the Munch Museum. Thieves had been armed before but in this case they were wielding machine guns during opening hours and gave the impression they would not hesitate to use them.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Jeremy Malies European Correspondent, SourceSecurity.com

Jeremy Malies is a veteran marketeer and writer specialising in the physical security sector which he has covered for 20 years. He has specific interests in video analytics, video management, perimeter intrusion and access control.

In case you missed it

How has security industry training changed in the last year?
How has security industry training changed in the last year?

In-person training sessions were mostly canceled during the worst of the COVID-19 pandemic. However, the need for training continued, and in some cases increased, as the security industry sought to adapt to the changing business climate of a global emergency. So how well did we as an industry adjust? We asked this week’s Expert Panel Roundtable: How has security industry training changed in the last year?

Physical access control: Critical steps to ensure a smarter future
Physical access control: Critical steps to ensure a smarter future

Steven Kenny, Axis Communications, looks at the benefits of physical access control systems within smart environments, and how knowledge gaps and dated methods can inhibit adoption. Physical security is becoming more dynamic and more interconnected, as it evolves. Today’s modern access control solutions are about so much more than simply opening doors, with digitalisation bringing multiple business benefits, which would simply not be possible using traditional models. Digital transformation While the digital transformation of processes and systems was already well underway, across many industries and sectors, it is the transformation of physical security from a standalone, isolated circuit, to a network-enabled, intelligent security solution that brings many benefits to the smart environment. Yet, with more organisations now looking to bring their physical security provision up to date, there are many considerations that must be addressed to maximise the potential of access control and video surveillance. Not least of which is that connecting physical security devices to a network presents risk, so it is increasingly important for IT teams to play a role in helping to facilitate the secure integration of physical and network technologies, as these two worlds increasingly converge. Improved access control in smart environments These urban constructs are capable of reducing waste, driving efficiencies and optimising resources The smart city offers significant benefits, reflected in the US$ 189 billion that is anticipated to be spent on smart city initiatives globally by 2023. These urban constructs are capable of reducing waste, driving efficiencies, optimising resources and increasing citizen engagement. Technology, which is increasingly being incorporated to protect access points within the smart environment, can take many forms. These range from simple card readers to two factor authentication systems, using video surveillance as a secondary means of identification, right through to complex networks of thermal cameras, audio speakers and sensors. Frictionless access control During the COVID-19 pandemic, frictionless access control has provided an effective ‘hands free’ means of accessing premises, using methods such as QR code readers and facial recognition as credentials to prove identity. Frictionless access control brings health and safety into the equation, as well as the security of entrances and exits, minimising the risk of infection, by removing the need to touch shared surfaces. Such systems can be customised and scaled to meet precise requirements. Yet, an increasing integration with open technologies and platforms requires collaboration between the worlds of physical security and IT, in order to be successful. Barriers to adoption Traditional suppliers and installers of physical security systems have built up a strong business model around their expertise, service and knowledge. Network connectivity and the IoT (Internet of Things) present a constantly shifting landscape, requiring the traditional physical security vendor to learn the language of IT, of open platforms, IP connectivity and software integration, in order to adapt to market changes and remain relevant. Many are now beginning to realise that connected network-enabled solutions are here to stay Those who cannot adapt, and are simply not ready for this changing market, risk being left behind, as the physical security landscape continues to shift and demand continues to increase. With end users and buyers looking for smarter, more integrated and business-focused solutions from their suppliers, it is clear that only those who are prepared will succeed in this space. Time will not stand still, and many are now beginning to realise that connected network-enabled solutions are here to stay, particularly within smart constructs which rely on such technology by their very nature. The importance of cyber hygiene Connecting any device to a network has a degree of risk, and it is, therefore, imperative that any provider not only understands modern connected technologies, but also the steps necessary to protect corporate networks. Cameras, access control systems and IP audio devices, which have been left unprotected, can potentially become backdoors into a network and used as access points by hackers. These vulnerabilities can be further compromised by the proliferation of connected devices within the Internet of Things (IoT). While the connection of devices to a network brings many advantages, there is greater potential for these devices to be used against the very business or industry they have been employed to protect when vulnerabilities are exploited. Cyber security considerations Cyber security considerations should, therefore, be a key factor in the development and deployment of new security systems. Access control technologies should be manufactured according to recognised cyber security principles, incident reporting and best practices. It is important to acknowledge that the cyber integrity of a system is only as strong as its weakest link and that any potential source of cyber exposure will ultimately impact negatively on a device’s ability to provide the necessary high levels of physical security. The future of access control There is a natural dispensation towards purchasing low-cost solutions There is a natural dispensation towards purchasing low-cost solutions that are perceived as offering the same value as their more expensive equivalents. While some have taken the decision to implement such solutions, in an attempt to unlock the required benefits, while saving their bottom line, the limited lifespan of these technologies puts a heavier cost and reputational burden onto organisations by their association. The future of access control, and of physical security as a whole, will, therefore, be dependent on the willingness of suppliers to implement new designs and new ways of thinking, based around high-quality products, and to influence the installers and others in their supply chains to embrace this new world. Cyber security key to keeping businesses safe In addition, cyber security considerations are absolutely vital for keeping businesses safe. The integration of cyber secure technologies from trusted providers will provide peace of mind around the safety or corporate networks, and integrity of the deployed technologies. As we move forward, access control systems will become data collection points and door controllers will become intelligent I/O devices. QR codes for visitor management and biometric face recognition for frictionless access control will increasingly be managed at the edge, as analytics in a camera or sensor. The future of access control presents an exciting and challenging time for those ready to accept it, to secure it and to help shape it, offering a true opportunity to innovate for a smarter, safer world.

Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach
Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach

The 2020s will be a wireless decade in access control, says Russell Wagstaff from ASSA ABLOY Opening Solutions EMEA. He examines the trends data, and looks beyond mobile keys to brand new security roles for the smartphone. The benefits of wire-free electronic access control are well rehearsed. They are also more relevant than ever. A wireless solution gives facility managers deeper, more flexible control over who should have access, where and when, because installing, operating and integrating them is easier and less expensive than wiring more doors. Battery powered locks Many procurement teams are now aware of these cost advantages, but perhaps not their scale. Research for an ASSA ABLOY Opening Solutions (AAOS) benchmarking exercise found installation stage to be the largest contributor to cost reduction. Comparing a typical installation of battery-powered Aperio locks versus wired locks at the same scale, the research projected an 80% saving in installers’ labour costs for customers who go cable-free. Battery powered locks all consume much less energy than traditional wired locks Operating costs are also lower for wireless: Battery powered locks all consume much less energy than traditional wired locks, which normally work via magnets connected permanently to electricity. Wireless locks only ‘wake up’ when presented with a credential for which they must make an access decision. AAOS estimated a 70% saving in energy use over a comparable lock’s lifetime. Find out more about wireless access control at ASSA ABLOY's upcoming 29th June webinar Deploying wireless locks In short, every time a business chooses a wireless lock rather than a wired door, they benefit from both installation and operating cost savings. A recent report from IFSEC Global, AAOS and Omdia reveals the extent to which the advantages of wireless are cutting through. Responses to a large survey of security professionals — end-users, installers, integrators and consultants serving large corporations and small- to medium-sized organisations in education, healthcare, industrial, commercial, infrastructure, retail, banking and other sectors — suggest almost four locations in ten (38%) have now deployed wireless locks as a part or the whole of their access solution. The corresponding data point from AAOS’s 2014 Report was 23%. Electronic access control Electronic access control is less dependent than ever on cabling Without doubt, electronic access control is less dependent than ever on cabling: Even after a year when many investments have been deferred or curtailed, the data reveals fast-growing adoption of wireless locks, technologies and systems. Is mobile access control — based on digital credentials or ‘virtual keys’ stored on a smartphone — an ideal security technology for this wire-free future? In fact, the same report finds mobile access is growing fast right now. Among those surveyed, 26% of end-users already offer mobile compatibility; 39% plan to roll out mobile access within two years. Before the mid-2020s, around two-thirds of access systems will employ the smartphone in some way. The smartphone is also convenient for gathering system insights Driving rapid adoption What is driving such rapid adoption? The convenience benefits for everyday users are obvious — witness the mobile boom in banking and payments, travel or event ticketing, transport, food delivery and countless more areas of modern life. Access control is a natural fit. If you have your phone, you are already carrying your keys: What could be easier? IBM forecasts that 1.87 billion people globally will be mobile workers by 2022 Less often discussed are the ways mobile management makes life easier for facility and security managers, too. Among those polled for the new Wireless Access Control Report, almost half (47%) agreed that ‘Mobile was more flexible than physical credentials, and 36% believe that mobile credentials make it easier to upgrade employee access rights at any time.’ IBM forecasts that 1.87 billion people globally will be mobile workers by 2022. Workers in every impacted sector require solutions which can get the job done from anywhere: Access management via smartphone offers this. Site management device The smartphone is also convenient for gathering system insights. For example, one new reporting and analytics tool for CLIQ key-based access control systems uses an app to collect, visualise and evaluate access data. Security system data could contribute to business success. The app’s clear, visual layout helps managers to instantly spot relevant trends, anomalies or patterns. It’s simple to export, to share insights across the business. Reinvented for learning — not just as a ‘key’ or site management device — the phone will help businesses make smarter, data-informed decisions. The smartphone will also play a major role in security — and everything else — for an exciting new generation of smart buildings. These buildings will derive their intelligence from interoperability. Over 90% of the report’s survey respondents highlighted the importance of integration across building functions including access control, CCTV, alarm and visitor management systems. Genuinely seamless integration They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term Yet in practice, stumbling blocks remain on the road to deeper, genuinely seamless integration. More than a quarter of those polled felt held back by a lack of solutions developed to open standards. ‘Open standards are key for the momentum behind the shift towards system integration,’ notes the Report. As well as being more flexible, open solutions are better futureproofed. Shared standards ensure investments can be made today with confidence that hardware and firmware may be built on seamlessly in the future. They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term. Open solutions and mobile management are critical to achieving the goals which end-users in every vertical are chasing: scalability, flexibility, sustainability, cost-efficiency and convenience.