SECURITY REVIEW: Retail Entrance/Exit Alarm Gates
Most of us have been to a retail store of some kind and encountered someone setting off the obnoxious alarm of security gates that line the doors while exiting or entering the building. Such security systems have become increasingly common in businesses of all sorts as a way to protect their most valuable assets. While a somewhat useful feature as security, this system can also prove to be annoying to both customers and employees alike.
The basic idea of this system is that you have gates that will detect and react (usually with a loud beeping) if one of a set of smaller electronic devices that have not been deactivated passes through them. These smaller electronic devices are discretely packaged in to particularly valuable pieces of merchandise or assets, so that when these assets pass through the gates without being cleared by employees (and thus deactivated), the electronic device implanted on the asset will set off the alarm, alerting those around that an unauthorized asset has passed through the gates (assumedly leaving the building). There is of course also another aspect of the system that must be in place, and that is employees of the company (or some other person who can do something about a theft) must be within hearing/reacting distance from the gates/doors at the time that the alarms are set off. Otherwise the alarm going off would serve no purpose to protect the assets of the company.
There are many security goals to be considered here. The main and most obvious of these of course is that if a valuable asset if being carried out the door, the business would in some way be alerted of this event, and would be given the opportunity to react to the theft, and thus protect their assets. This security goal of course can only be realized if the asset in question indeed has an electronic security device on it, and that the staff indeed is alerted by the system (such as if an employee is close enough to the door to hear the alarm). Another very important, but less obvious security goal is to deter people from attempting to steal anything in the first place. Usually when these alarms go off, they are quite loud, and can be heard by the customers in the building. The customers can also observe that these security gates are in place easily when they first enter the building. It is also difficult to determine which pieces of merchandise are specifically protected by the system (have an electronic device on them). These three facts act as general deterrents for people to even try to steal in the first place, thereby creating some measure of security without even necessarily apprehending an attacker.
Of the many possible attackers, the most common and obvious are probably the customers that frequent these stores, and the employees that work there. Customers that are in the store obviously must be interested in the assets contained in the store, otherwise they wouldn’t be there, and thus must have a motivation to obtain the assets. If the customer could obtain these assets without paying, this would be all the more beneficial for them. There are also the employees of the company, who usually have some interest in the product or assets of the company that they work for. The employees are also in the store with the assets, as well as coming and going quite often. Not to mention the fact that the employees are usually a vital component of this system (they are usually the ones actually being alerted by and reacting to the alarm). Thus they are also in a good position to be an effective attacker of this system.
One main weakness of the system is that the gates to some extent can only detect the electronic device if it takes certain paths on it’s way out the door, mainly in between the two gates. Although it would perhaps be less subtle and more noticeable if someone were to leave the store while lifting what they were carrying above or around the gates in some way, it is still feasible that there could be some path by which the asset could be carried past the gates such that the gates would not actually detect the electronic security device located on the asset. Another weakness is the dependence on people or employees around the store for the system to work. In order for the system to be worth anything, employees must be not only reachable by the alarm, but also in a position to react in such a way as to prevent the theft. Thus it could be the case that the alarm isn’t heard, and thus does nothing to protect the assets, or even if heard, employees might be too far away from the doors to be able to react to the alarm in a helpful way.
A way to strengthen the defense against the first of the weaknesses would be to make the gates detect an electronic device that passes even near it within as much distance as it would take to span the entire doorway. This way the electronic device on the asset wouldn’t need to actually pass through the gates themselves, but would set the alarm off if it even gets close enough to the gates to get through the doors at all. And a defense against the second issue would simply be to have an employee whose job is to sit by the door, within hearing distance of the gates, and with a course of action by which they are able to react to any and all alarms set off.
While this system is great as a general model of security that can be both well known and somewhat affective as a security precaution, as well as a deterrent against even attempts at theft. As with all security systems, the actual effectiveness of this system depends largely on it’s specific implementation, and can never be made to be completely invulnerable. Also, this system is only applicable to businesses that need to protect material goods that usually are smaller in size. So this system is only useful to a very specific subset of business types. If set up with diligence and properly maintained however, this system can provide valuable protection of the assets of many companies.