Specialist Services

We provide specialist services to schools, hospitals and stadiums. Other critical infrastructure work will be considered if it falls within our expertise.

Schools

In the past few years, a couple of schools have failed OFSTED assessments with the safeguarding element being cited as a particular concern. These schools were both found to have breached the rather vague guidance around a secure environment and the penality is to immediately be placed into special measures. One school was failed for a lack of perimeter fencing, which had not been an issue before. Of course, after this, the government issued the following clarification:

Above: excerpt from government “clarification”.

This appears to be about as vague as possible in order that inspectors have a significant amount of freedom to take the situation in context. This makes compliance somewhat difficult and there is a substantial penalty for failure.

Fixing these issues sometimes inevitably results in high costs for fencing, and there is no getting around this. Inspectors have been walking the fences to find weak spots and looking for insecure doors, etc. The problem here is we simply do not know where the inspection teams will take the non-specific wording of the requirements next.

Add to this potential parental concerns about security and pressure around problems / concerns in the community.

How can we help?

At Styx Security, we can offer a few services which can help schools with security related issues. The below are some of the services we provide, but each school has different needs and we create a bespoke package based on your needs.

Security Awareness Engagement – we put an appropriately DBS checked operative in the school and wait for your staff to challenge them. We also test your visitor policies with a clearly illegitimate reason for being on the premises. This delivers experiential learning to your staff with positive reinforcement. The opportunity for reflection on a real world event positions them better to deal with real unauthorised persons on the school premises. We can adjust the scope as you see fit. More information here.

Standard Penetration Test – we test whether we can gain entry under false pretences with no intention of getting caught. This might include latch slipping or other basic methods of entry which fit within the threat model and scope of work we have agreed. We can use this to audit visitor policies, test whether doors are properly secured and so forth.

Security Assessments – your students are already at the University of Youtube. Your school might well be secure from external threats, but are the locks on your chemistry store featured on a YouTube video? We keep appraised of the locks and other security devices which have weaknesses that are becoming well published. We have also picked up on other, more left-field issues, such as teachers using radios not properly configured, on a public frequency, and receivable by anyone with a cheap handset. Where we find problems, we are intent on finding solutions.

The benefits of the above services, aside from improving security, might include:

Demonstrating to OFSTED inspection teams that you take safeguarding and security seriously.
Keeping ahead of often vague and changing requirements from OFSTED.
Reassuring parents, students and governors after an incident or where there is a concern in the community.
Combining security training, drills, policy audit and evaluation in one service.

An example of a company getting caught out using products to secure important hardware which are all over social media:

Hospitals

We have an operative with significant clinical experience. This includes nearly two decades of working with patients, ionising radiation, drugs (including CDs), radiopharmaceuticals, etc. He is ILS trained, has enhanced DBS and is able to be dropped into a clinical environment (pending any mandatory corporate induction) with the purpose of testing the security. This allows us the capability to test for several different threats which might be difficult for many organisations.

Many of the assets which need to be secured are those which require significant training to even be around and are simply out of scope for most security professionals. We can test whether unauthorised persons can access radiation controlled areas, drug cabinets, patient records, etc. This might not be an external threat, so we can simulate a rogue member of staff trying to access controlled drugs, etc.

We can look to see if your security infrastructure has fallen victim to maintenance induced vulnerabilities which might be like a red rag to a bull for a bored teenager with access to YouTube. We can ensure your wards are not readily accessible or that people are challenged where they should be. We can see if your staff will open doors for us or whether we can tail-gait into a secure area without a valid ID card. Testing could be as simple as safeguarding your patients and ensuring a confused “patient” wandering into a radiation controlled area is challenged.

Picking fault isn’t usually helpful. There may be the occasional issue which needs to be taken up with an individual, but mostly in a large organisation, the issues are systemic. We help identify areas for training or processes which may need improving.

Lastly, your department may be well aware that security is not as well funded as it needs to be and you may not wish to await an event to convince the powers-that-be that improvements need to happen. Security does not always fit into a “business case” until something happens. We can send our operative in to test for the lowest successful level of threat (e.g. can we just walk in, do we need to lie, do we need to slip a latch) and produce a report to help you secure the funding you need.

If you are looking to change your security culture, it may be that a Security Awareness Engagement is more suited to your needs. We can mix and match services and design something to your requirements and the specific goals you need to accomplish.

Stadiums

Soon to be covered under Martyn’s Law and a target for terrorist attacks, stadiums have the issue of being large transitional spaces (meaning a bad actor can easily blend in and approach without being noticed, only becoming identifiable as hostile once they begin their activities).

Use of external security companies does not guarantee quality of service and you may feel the need to audit their performance to ensure compliance with the contract as well as their efficacy.

There are often outside broadcast companies who are in and out of various secured areas all the time, with different faces and understandable frustration at security checks.

Awareness needs to extend outside the boundary, looking for hostile surveillance taking photographs of passes or uniforms.

The volume of people means threats can simply slip through the net.

We can test your security arrangements to see if and how threats can slip through the net, whether someone out of place is detected and whether hostile surveillance is detected. We promise we’ll stay off the pitch.

Combining this with a Security Awareness Engagement can help foster improved security culture at a venue. The downside to this approach is that you are training people who may not be part of your organisation and the individuals may change event by event. But, when word gets out that your venue is doing high profile testing of their security, it will cause all involved to up their game.

We designed our testing to work with the (now former) CPNI 5Es framework. The CPNI may now have been replaced, but this framework is as valid as ever. Martyn’s Law is going to have significant implications down the line and we’re relieved to see a greater emphasis being placed on venue security.