From satellite imagery to street views to indoor mapping, technology has disrupted our past world. This has left us dependent upon new ways to visualise large spaces. This new world has brought many benefits and risks. But what does that mean for the security professional or facility manager today and what technologies can be used to secure buildings and improve facility operations?

A brief history of 3D technology

Starting May 5, 2007 (inception 2001), Google rolled out Google Street View to augment Google Maps and Google Earth; documenting some of the most remote places on earth using a mix of sensors (Lidar/GSP/Radar/Imagery). The mission to map the world moved indoors May 2011 with Google Business Photos mapping indoor spaces with low cost 360° cameras under the Trusted Photographer program. In the earlier days, 3D scanning required a high level of specialisation, expensive hardware and unavailable computing power

With the growth of 3D laser scanning from 2007 onwards, the professional world embraced scanning as effective method to create digitised building information modelling (BIM), growing fast since 2007. BIM from scanning brought tremendous control, time and cost savings through the design and construction process, where As-Built documentation offered an incredible way to manage large existing facilities while reducing costly site visits.

In the earlier days, 3D scanning required a high level of specialisation, expensive hardware, unavailable computing power and knowledge of architectural software. Innovation during the past 8 year, have driven ease of use and lower pricing to encourage market adoption.

Major investments in UAVs in 2014 and the commercial emergence of 360° photography began a new wave of adoption. While 3D scanners still range from $20K – $100K USD, UAVs can be purchased for under $1K USD and 360° cameras for as low as $100. UAVs and 360° cameras also offer a way to document large spaces in a fraction of the time of terrestrial laser scanners with very little technical knowledge.  Access to building plans, satellite imagery, Google Street View, indoor virtual tours and aerial drone reconnaissance prove effective tools to bad actors

The result over the past 10+ years of technology advancement has been a faster, lower cost, more accessible way to create virtual spaces. However, the technology advances carry a major risk of misuse by bad actors at the same time.

What was once reserved to military personal is now available publicly. Access to building plans, satellite imagery, Google Street View, indoor virtual tours and aerial drone reconnaissance prove effective tools to bad actors. Al Qaeda terror threats using Google Maps, 2007 UK troops hit by terrorists in Basra, 2008 Mumbai India attacks, 2016 Pakistan Pathankot airbase attacks, ISIS attacks in Syria using UAVs, well-planned US school shootings and high casualty attacks show evidence that bad actors frequently leverage these mapping technologies to plan their attacks.

The weaponization of UAVs is of particular concern to the Department of Homeland Security: "We continue to face one of the most challenging threat environments since 9/11, as foreign terrorist organisations exploit the internet to inspire, enable or direct individuals already here in the homeland to commit terrorist acts."

 Renovations, design changes and office layout changes leave facility managers with the wrong information, and even worse is that the wrong information is shared with outside consultants who plan major projects around outdated or wrong plans
Example comparison of reality capture on the left of BIM on the right. A $250 USD 360° camera was used for the capture in VisualPlan.net software

What does this mean for the security or facility manager today?

An often overlooked, but critical vulnerability to security and facility managers is relying on inaccurate drawing. Most facilities managers today work with outdated 2D plan diagrams or old blueprints which are difficult to update and share.Critical vulnerability to security and facility managers is relying on inaccurate drawing

Renovations, design changes and office layout changes leave facility managers with the wrong information, and even worse is that the wrong information is shared with outside consultants who plan major projects around outdated or wrong plans. This leads to costly mistakes and increased timelines on facility projects. 

Example benefits of BIM

There could be evidence of a suspect water value leak which using BIM could be located and then identified in the model without physical inspection; listing a part number, model, size and manufacture. Identification of vulnerabilities can dramatically help during a building emergency.

First Responders rely on facilities managers to keep them updated on building plans and they must have immediate access to important building information in the event of a critical incident. Exits and entrances, suppression equipment, access control, ventilation systems, gas and explosives, hazmat, water systems, survival equipment and many other details must be at their fingertips. In an emergency situation this can be a matter of life or death.

Example benefit of reality capture

First Responders rely on facilities managers to keep them updated on building plans A simple 360° walk-through can help first responders with incident preparedness if shared by the facility manager. Police, fire and EMS can visually walk the building, locating all critical features they will need knowledge of in an emergency without ever visiting the building. You don’t require construction accuracy for this type of visual sharing. This is a solution and service we offer as a company today.

Reality capture is rapidly becoming the benchmark for facility documentation and the basis from which a security plan can be built. Given the appropriate software, plans can be easily updated and shared.  They can be used for design and implementation of equipment, training of personnel and virtual audits of systems or security assessments by outside professionals.

Our brains process visual information thousands of times faster than text. Not only that, we are much more likely to remember it once we do see it. Reality capture can help reduce the need for physical inspections, walk-throughs and vendor site-visits but more importantly, it provides a way to visually communicate far more effectively and accurately than before. But be careful with this information. You must prevent critical information falling into the hands of bad actors.

You must watch out for bad actors attempting to use reality capture as a threat, especially photo/video/drones or digital information and plans that are posted publicly. Have a security protocol to prevent and confront individuals taking photos or video on property or flying suspect drones near your facility and report to the authorities. Require authorisation before capturing building information and understand what the information will be used for and by who.There are a number of technologies to combat nefarious use of UAVs today

Nefarious use of UAVs

There are a number of technologies to combat nefarious use of UAVs today, such as radio frequency blockers and jammers, drone guns to down UAVs, detection or monitoring systems. Other biometrics technologies like facial recognition are being employed to counter the risk from UAVs by targeting the potential operators.

UAVs are being used to spy and monitor for corporate espionage and stealing intellectual property. They are also used for monitoring security patrols for the purpose of burglary. UAVs have been used for transport and delivery of dangerous goods, delivering weapons and contraband and have the ability to be weaponised to carry a payload.Investigating reality capture to help with accurate planning and visualisation of facilities is well worth the time

The Federal Aviation Administration has prevented UAV flights over large event stadiums, prisons and coast guard bases based on the risks they could potentially pose, but waivers do exist. Be aware that it is illegal today to use most of these technologies and downing a UAV, if you are not Department of Justice or Homeland Security, could carry hefty penalties.

Facility managers must have a way to survey and monitor their buildings for threats and report suspicious UAV behaviours immediately to authorities. At the same time, it’s critical to identify various potential risks to your wider team to ensure awareness and reporting is handled effectively. Having a procedure on how identify and report is important.

Investigating reality capture to help with accurate planning and visualisation of facilities is well worth the time. It can help better secure your facilities while increasing efficiencies of building operations. Reality capture can also help collaboration with first responders and outside professionals without ever having to step a foot in the door. But secure your data and have a plan for bad actors who will try to use the same technologies for nefarious goals.

Download PDF version

Author profile

In case you missed it

The Security Event 2019: a new security event to reconnect UK commercial security industry
The Security Event 2019: a new security event to reconnect UK commercial security industry

There is a new event on the calendar for the security industry in 2019: The Security Event 2019, 9-11 April, at NEC, Birmingham. For additional details and a preview of the new trade show and conference, we spoke with Tristan Norman, Founding Partner and Event Director, The Security Event. Q: It seems recently that some trade shows have been on the decline in terms of exhibit size and attendance. Why does the physical security industry need another trade show? Norman: I think there are numerous factors that play into the decline of trade shows in general and not something that is limited to the security industry. Those events that are suffering are no longer serving their target market or have failed to adapt to the changes in the industry they serve. However, what we are seeing now is the rise of focused, more “evolved” trade events which fulfil a gap in the industry event calendar and provide something new and fresh to a disillusioned audience. Q: What will be unique about The Security Event, and what role will it serve in bringing together buyers and sellers in the market? Where (geographically) will attendees come from? What we are seeing is a rise of trade events which provide something fresh to a disillusioned audience Norman: The driving ethos behind The Security Event is that we are “designed by the industry, for the industry.” We were able to start with a blank canvas and take onboard all the feedback from stakeholders throughout the security buying chain and create an event that is sustainable and fit for purpose. We see the role of the event as a very important one – to truly reconnect the currently fragmented UK commercial security industry, back at the NEC in Birmingham. We had originally anticipated that this would be an almost-exclusively UK event in year one. However, we have seen significant interest from potential visitors from across the wider EMEA region who are keen to do business in the UK. We formed a strategic alliance with Security Essen to help facilitate and strengthen our reach in these regions through additional marketing and PR activities. Consequently, early registrations indicate that it will be approximately an 80% UK and 20% international split. Q: What conference programming is being planned to augment the trade show event? Norman: Content will be delivered across three focused theatres, serving the needs of our audience throughout the buying chain. Emphasis will be placed on the latest technology innovations impacting the industry, practical advice on the most pressing issues facing security technicians, and important industry updates and insights. All sessions are focused on delivering tangible benefits to ensure professionals are equipped to stay relevant and to grow their business and we’re excited to be working with key industry bodies, innovators and experts to deliver the programme. We look forward to announcing those in coming weeks. Exhibitors want to re-engage with the thousands of industry colleagues who no longer attend other events on offer Q: Comparisons to IFSEC are inevitable. How will The Security Event be different than the IFSEC Security and Fire shows? What are the advantages of locating at Birmingham NEC? Norman: Both The Security Event and The Fire Safety Event, based at the NEC are completely different to any other trade show in the UK. We pride ourselves in creating a business platform that puts the exhibitors’ needs first, by limiting the size of stands and total number of exhibitors as well as creating a comprehensive CPD accredited educational programme for the visitors. Q: Which big industry players are supporting the launch of The Security Event, and what feedback are you hearing in terms of why they signed up at the show's inception? If a global manufacturer has a footprint in both the US and Europe, any tradeshow will be managed locally Norman: Our founding partners are Assa Abloy, Avigilon, Anixter, Comelit, Dahua, Honeywell, TDSi, Texecom, Tyco and Videcon. The full list of exhibitors and supporting partners can be found on our website. The reasons why they have signed up are very simple. They all see the exact same gap in the industry event landscape as we do. We believe there is a need for a 3-day channel focused commercial security exhibition based at The NEC in Birmingham. Our exhibitors want to re-engage with the thousands of industry colleagues who no longer attend the other events on offer. Q: Your 2019 show will be the same week as ISC West in Las Vegas. Do you think the competitive calendar will be a factor? Norman: In terms of our both our audience and our exhibiting base there is very little overlap with ISC West. Generally, if a global manufacturer has a footprint in both the US and Europe, any tradeshow will be managed locally so we haven’t observed any issues so far. We do acknowledge that having two shows at the same time globally isn’t ideal and we have moved our dates in 2020 to the 28-30 April to mitigate this going forward. The Security Event 2020 will not clash with Las Vegas' ISC West 2020 as it will in 2019, says Norman Q: How will you measure success in the first year of the show? What measurements (show size, number of attendees, exhibitor feedback, etc.) will constitute a "successful" first year for the show?Security Event will continue to evolve year after year, but will intent to stay true to the event's original concept Norman: Great question – the most important barometer of success for me and the team next April is the general industry reaction, after all, this show was created for them. Furthermore, it is vital to us that our exhibitors feel they have achieved their objectives for the show, whether it be quality, quantity of leads or raising awareness of a new product launch. We’ll also be keen to understand how satisfied visitors are with the event, including their views of the content, access to new products/services, effectiveness of the out of hours networking, etc. We are anticipating 6,000 visitors over the 3 days and I believe if we achieve this goal, we will have a strong rebooking on site, laying a great foundation for our 2020 event. Q: How would you expect/hope the show would continue to evolve in coming years? Norman: I hope over the next few years The Security Event cements itself as the industry’s favourite trade show and that exhibitors and visitors alike look forward to every year for both the business opportunities at the event and the networking outside of it. The Security Event will continue to evolve year after year, but I am determined that we stay true to our original concept and the principles on which the show was founded. After all, it is this formula that has proved to be so popular to date.

Why aren’t the Federal Government’s Physical Access Systems compliant with HSPD-12?
Why aren’t the Federal Government’s Physical Access Systems compliant with HSPD-12?

In the wake of 9/11, the Federal Government’s secure-the-fort, big idea was to create an identity credential for all federal employees and contractors. Homeland Security Presidential Directive (HSPD)-12 set it all in motion. Today, we know the smartcard-based credential that arose from HSPD-12 as the Personal Identity Verification (PIV) card. The PIV card is meant to give employees/contractors physical access to federal facilities and logical access to federal information systems. While using a PIV card for logical access has been largely successful and compliant with HSPD-12, implementing PIV-based, physical access control systems (PACS) has been much more difficult to conquer. As a result, HSPD-12 compliance for PACS has largely eluded the Federal Government. The noncompliance reasons are many, but there is now hope for fully achieving HSPD-12’s mandates. Interoperability with any agency’s PIV Beyond Passports, PIV cards represent the only other open-standards-based, multi-vendor-supported, identity credential program on the planetAll Executive Branch employees and long-term contractors, including the entire Department of Defense, have been issued PIV cards. This has been true since 2013. Beyond Passports, PIV cards represent the only other open-standards-based, multi-vendor-supported, identity credential program on the planet. It seems so simple, where employees/contractors previously used their proximity card to open a federal facility door or go through a turnstile, they should now be able to use their PIV card. However, HSPD-12 took the PIV requirement one step further – compliant PACS must be interoperable with any agency’s PIV. This introduced an entire magnitude of additional complexity. A compliant, interoperable, PIV-based PACS should work like this: an authorised employee (or contractor) presents a PIV card (contact or contactless) to a card reader to enter whichever federal agency building they have reason to be. Over the last 14 years, in all but a very few cases, the lack of PACS’ HSPD-12 compliance has prevented this from happening. Secure credential policy Today, less than 1% of the Federal Government’s PACS are HSPD-12-compliant. At most federal facilities, especially those outside the National Capitol Region, a noncompliant PACS works like this: an authorised employee (or contractor) presents a proximity (‘prox’) badge to a proximity card reader to enter his or her agency’s facility. At the fraction of federal facilities with upgraded PACS that work with PIV cards, virtually all such PACS fail to properly use a minimum number of PIV security features before granting access – let alone interoperate with a PIV card from any other agency. Active government solicitations are issued for new, non-compliant, proximity-based systems that perpetuate the delay to HSPD-12 complianceNew federal initiatives frequently suffer from having no policy to enforce their roll-out. That isn’t the case with PACS compliance. Policies have been in place for so long that newer policies like Office of Management and Budget (OMB) M-11-11 (February 3, 2011) remind everyone what the policies said in 2004 and 2006. This year, OMB publicised its proposed OMB M-18-XX (Draft), which will replace M-11-11. OMB M-18-XX’s (Draft) main PACS thrust is, once again, to ensure that everyone understands what the Federal Government’s secure credential policy is. It hasn’t changed since 2004. It would be tempting to say that PACS technology isn’t mature, but that isn’t the case. In 2013, the Federal Government revamped the PACS portion of the FIPS 201 Evaluation Program and, since that time, all PACS on the General Services Administration’s (GSA) Approved Products List are 100% compliant and interoperable. Yet, on any given day, active government solicitations are issued for new, non-compliant, proximity-based systems that perpetuate the delay to HSPD-12 compliance. The usual suspects, policy and technology, are not the culprits for this epic delay. An authorised employee presents a PIV card to a card reader to enter whichever federal agency building they have reason to be Difficulties in adopting HPSP-12 compliance for PACS Standards – The Federal Government’s approach to standards is to avoid a great deal of specificity. It’s an unspoken tenet that federal standards must be flexible, promote innovation and avoid disadvantaging any participating market segment. The opposite is true if your goal is interoperability: nearly every detail must be specified. Consider the standards-based success story of chip-based credit cards. When was the last time you used a credit card and it didn’t work? Interoperability failures are nearly unheard of. If you look at the hundreds of volumes of technical specifications that cover minute aspects of every component in credit cards and payment terminals, you quickly realise why it works so well. Nothing is left to chance, nothing is a variable, and there is no optionality. The Good News: Work to increase viability through deep scrutiny has progressed in recent years. The GSA APL PACS Testing Lab, set up in 2013, annually tests credentials from all PIV issuers against all GSA-approved PACS. This testing has significantly reduced interoperability failures at federal facilities. Collaboration – In the past, physical access practitioners from federal agencies rarely collaborated, unlike their logical access counterparts. This is also true for PACS procurement decision-makers across agencies and facilities. The Good News: In 2018, an agency trend has emerged where finally physical access, physical security and IT practitioners have begun sitting down to discuss their shared responsibilities. We have already begun to see coordinated budget requests between IT and Security with enterprise architectures positioning PACS as an enterprise service on the network. Scale – The Federal Government owns so many buildings that they can’t be counted. Google doesn’t know how many there are and neither does any one government official. Variability – A significant percentage of facilities have unique aspects making a one-size-fits-all approach infeasible. The Good News: Mature consulting services can now help agencies marry federal requirements with their unique environments to develop robust PACS enterprise architectures. As we see this occurring more and more frequently, a repeatable, achievable, systems-based upgrade of all PACS may be on the horizon. The GSA APL PACS Testing Lab annually tests credentials from all PIV issuers against all GSA-approved PACS Provenance – In many cases, different groups own different parts of a single facility, not all of whom might be subject to, or wish to interoperate with, a high-assurance compliant PACS. For example, GSA manages facilities for Legislative and Judicial tenants who aren’t subject to HSPD-12. Policy dictates that GSA manage the PACS for the front doors of these facilities should be HSPD-12-compliant, despite the fact that these tenants likely don’t have credentials that work with this technology. Sure, these tenants could commercially obtain a PIV-I credential, but almost none have. Economics – It’s difficult for agencies to create their annual security budget requests when HPSD-12 PACS upgrades are in scope, because so many unknowns exist at each facility. To assess the cost, the time to complete, and the facility’s existing equipment inventory, it would be logical for an agency to hire a contractor with PACS expertise to perform a site assessment. Having to do capital planning for an assessment phase in advance of making the annual budget request for the PACS upgrade creates a never-ending cycle of delay. Especially at agencies with multi-year capital planning requirements. Many agencies, trying to avoid this delay cycle, have fallen prey to doing site assessments themselves. This results in their integrators doing their walk-throughs after the contract is awarded. This is the leading cause of PACS upgrade cost overruns. Dependence on the agency’s IT department – Historically, PACS have been deployed on dedicated networks and are rarely ever connected to the enterprise, let alone the Internet. High-assurance PACS that validate credentials from other agencies must now communicate with many different systems on an enterprise network and over the Internet – so much so that the Federal Government reclassified PACS as IT systems. The Good News: With collaboration increasing between Physical Security Officers (PSOs) and Chief Information Officer (CIOs), we expect this to improve in due course. Resistance to change – This is a classic human factors challenge, and it’s a big one. PSOs have spent decades achieving their positions. PIV-based PACS could not be more different from the technologies that proceeded it, and such radical change is often resisted. When the value proposition is clear, change is adopted more readily. But security value isn’t easily measured or observed. It is often said that the best performance review for a PSO is to note that nothing happened. And when something does happen, it is necessarily kept quiet so the risk can be remediated without calling attention to the vulnerability in the interim. To date, the value proposition of moving to PIV-based PACS has been entirely based on policy (without corresponding funding in most cases) and through the shock value of white hat hackers, showing how easily most proximity badges can be cloned. This is not the stuff of change agents.   PIV-based PACS could not be more different from the technologies that proceeded it, and such radical change is often resisted Are these challenges a unique situation? No, these PACS challenges are not unique. Cybersecurity initially faced many of the same challenges that federal PACS face today. By 2000, the Federal Government recognised its urgent need to improve cybersecurity practices across its computing infrastructure and issued many policies that required agencies to improve. Improvement was sparse and inconsistent. GSA Schedules were set up to help agencies buy approved products and services to assist them, but this too produced lacklustre results. The Federal Government found that the best cybersecurity results occurred when enforced at the time an agency commissioned a system Congress enacted the Federal Information Security Management Act of 2002 (FISMA) (now amended by the Federal Information Security Modernization Action of 2014). FISMA mandates an Authority To Operate (ATO) accreditation process for all information systems. The Federal Government found that the best cybersecurity results occurred when enforced at the time an agency commissioned (vs. purchased) a system. FISMA and ATO accreditation has been highly successful when implementing new systems. These cybersecurity requirements are the closest thing that the Federal Government has to the ‘PIV Police’ today. However, the PIV requirements in FISMA and ATOs currently apply to only logical access for information systems. The proposed OMB M-18-XX (Draft) mentions that a FISMA PACS overlay to NIST SP 800-53 is forthcoming. The intent of the PACS overlay is to use the army of ATO accrediting officials in the Federal Government and enable them to assess implemented PACS as fit for purpose. This is the first time an enforcement approach has been brought forward that could reasonably succeed. How long for HSPD-12 compliance? We know that it won’t take another 14 years to achieve HSPD-12 compliance. Pockets of compliance are popping up. Compliant procurements do exist, and the state of PACS across the Federal Government is better in 2018 than in any previous year. Progress to date has been at a constant rate. The question is: what would take for progress to occur at an exponential rate instead? A major attack or compromise involving PACS would certainly hasten upgrades, but let’s hope that’s not the solution. The energy distribution sector has been riding a wave of security upgrade demands to retrofit their facilities across the U.S. The energy distribution sector, under nearly constant Advanced Persistent Threat attacks, has been riding a wave of security upgrade demands to retrofit their facilities across the U.S. The potential threat exists for Federal Government facilities as well. Looking into the federal PACS-compliance crystal ball, we’re beginning to see the faint outline of a multi-faceted campaign of education, budgetary oversight and accreditation of PACS that will ultimately see us past the tipping point. Consider though, at the current rate of PACS enablement, a 50% compliance rate is still far in the future. When that day arrives, the PIV card form factor may no longer be the key that fits that future lock. (Are you already using a mobile device’s Bluetooth interface to open the door to your office building?) Taking decades to perform a technology upgrade is the aging elephant in the room no one talks about. By the time critical mass is achieved with an upgrade facing these many challenges, there are typically compelling reasons to start over again with the next generation of technology. That cycle may well prove to be the Federal Government’s biggest PACS challenge of all.

How leveraging new technologies in the workplace will enhance its security
How leveraging new technologies in the workplace will enhance its security

As the world continues to become more connected, it’s becoming increasingly important to adjust security and safety procedures in the workplace. But today’s ever-evolving office environment can present unique safety and preparedness challenges. No two businesses are exactly alike, with some located in numerous buildings or spread out across campuses, while others have employees that frequently journey from different locations, work remotely or travel internationally. With this shifting environment, Rave Mobile Safety’s recent Workplace Safety and Preparedness survey asked over 500 full-time employees in various industries across the United States about their views on safety at work and emergency preparedness. Preferred safety measures Only 57 percent of respondents indicated that their workplace currently had preparedness drills in place for critical situationsThe survey looked at how employees and companies respond to various workplace emergencies: workplace violence, active shooter, medical emergency, fire, hazmat incidents, weather events and cyberattacks/system outages. Respondents provided insight on the current state of safety in their workplace, as well as how they want to be contacted when an emergency occurs. Though opinions on the preferred safety measures differed between generations and also between on-site and offsite workers, one fact remains consistent: there is much to be done to instil a better sense of safety in the workplace. While the findings show that employees feel safe in their workplace, only 57 percent of respondents indicated that their workplace currently had preparedness drills in place for critical situations. Quick thinking Of the plans currently in place, excluding fire, 57 percent of the other major emergency plans were rarely or never tested. With so few drills in place, employees are left not knowing the best ways to respond to emergencies like weather events or hazmat incidents or if their employer recommends a certain response to situations like medical emergencies. Testing these plans is essential so that all employees, whether they are new to the company or not Even if plans are in place to begin with, not ensuring your employees understand and are comfortable with how to react to certain situations, can put the organisation in harm’s way. Testing these plans is essential so that all employees, whether they are new to the company or not, have the appropriate response top of mind and their actions become second nature during a situation that will likely require quick thinking. Workplace violence Instilling regular practices will only further ensure that responses will happen seamlessly, regardless of the emergency. Beyond the general awareness of drills and practices, most surprising in the responses was the fact that 34 percent of female respondents were unaware of workplace violence emergency plans. This is particularly shocking because workplace violence is the second leading cause of death for women in the workplace, according to the U.S. Bureau of Labour Statistics. This shows an obvious lack of preparedness from organisations. It’s immensely important that employees to understand the relevant dangers of the workplace, especially when alternative could have a fatal result. The differences between baby boomers and millennials in the workplace is a common barometer showing how the workplace is continuing to change. Emergency plans Workplace violence is the second leading cause of death for women in the workplace, according to the U.S. Bureau of Labour StatisticsWhat may have worked for previous generations must be reworked and adjusted so every generation is made aware of and understands the plans and procedures in place. These changes can help make workplace safety plans fresh and continuously relevant. With that in mind, millennials currently represent the largest segment of employees unaware of emergency plans for major workplace emergencies. 38 percent of this age group are unaware of existing emergency plans, compared to just a 28 percent average of employees over the age of 35. This could be associated with the fact that some organisations are not communicating plans with newer employees or even that organisations that employ a significant number of millennials might not have plans in place at all. Affecting everyday work If the newest generation is unaware of these plans, then it is only a matter of time before Generation Z enters the workforce and is in even worse position when it comes to emergency awareness. The survey results showed that on average, workplaces use two methods of communication for emergencies Feeling safe and secure at work should not be something that workers need to focus on, however more than a quarter of respondents that work remotely said that worrying about safety is exactly what is affecting their everyday work. With that in mind, it’s even more concerning to see that there seems to be a clear divide between current methods and preferred methods of communication during an emergency. The survey results showed that on average, workplaces use two methods of communication for emergencies, with the top two being intercom system announcement/building alarm (27 percent) and email (22 percent). Mass text messages At first, these methods seem to cover both remote and in-office employees, but survey results actually showed that both groups preferred and would be better reached during other methods. While email is the second most common emergency method currently in place by organisations, it actually ranks as the fourth most preferred method at a mere 11 percent. Even with a clear preference towards communication via mass text messages by respondents (39 percent of remote workers prefer this method), less than 20 percent of companies actually take advantage of this technology. This clear disconnect shows that organisations must find what works best for their employees instead of using methods that were previously established or that are just currently being used. Preparedness plans What remains important for organisations, regardless of size or industry, is to keep emergency preparedness plans ever evolving Communication can not only be essential to alert employees to everyday situations, like office closures, but it is also imperative in preventing emergencies to escalate when they do occur. Although this survey discusses the current state of safety in the workplace, it’s that the disconnect between employee perceptions and employer polices that’s the most concerning. Companies need to take steps to understand how their employees would like to be reached during an emergency, as well as how employees would also like to reach out to management to report their own concerns. What remains important for organisations, regardless of size or industry, is to keep emergency preparedness plans ever evolving and well communicated, so your employees are confident in the emergency plans in place. By proactively planning and practicing for emergency events through table top exercises and drills, employers can demonstrate their commitment to employee safety and preparedness and build employee confidence.