Let’s get smarter about hotel security: Moving on from Mali

November 24, 2015 - By Mac Segal

Tags: , , ,

In the wake of the deadly attack on Bamako, it is tempting to point fingers at those responsible for hotel security. Let us be clear:  There is no blame to be placed on anyone but on the cowardly perpetrators of the unspeakable act of terror that we witnessed in Mali. It is unreasonable and unrealistic to expect any hotel security officer to effectively engage and neutralize an attack that begins with a vehicle bearing diplomatic plates pulling up to the hotel vehicle entrance point and gunmen indiscriminately opening fire with assault rifles.

Does this mean that short of turning hotels into fortresses, we are doomed to suffer additional such attacks?  The answer is an unequivocal no.

However, there are measures that can and must be taken to mitigate the risk of such incidents and minimize their damage. And yes, hotel security can be improved without negatively effecting the guest experience. Here, in broad brush strokes, are two key security concepts that all hotels should consider. We will first look at detection, then turn our focus to containment and control.

The importance of layers for hotel security

The concept of layers is central to any effective security apparatus. This is true for hotel security as well as close protection and event management.

Hotel security layers can be broken down into periphery, outer perimeter, inner perimeter, exterior and interior.  Each of these layers, or rings, is susceptible to a variety of threats and risks; intelligent security programs address them all proactively to mitigate risk and ensure the safety of the guests and staff.

In an ideal world, intelligence gathering at the outermost layer, the periphery, can be seen as an umbrella that detects imminent threats and communicates them to all potential targets. However, we do not live in an ideal world and periphery security is often neglected. Surveillance detection is a good place to start in order to change this.

Surveillance detection at the periphery

The foremost threat encountered at the periphery is hostile surveillance.

Hostile acts rarely take place without prior intelligence gathering. Attackers monitor and evaluate various potential targets, identify their relative strengths and weaknesses, and then select the most attractive one with the highest chance for success. Surveillance may take the form of two people sitting in a vehicle across the road from the hotel, taking pictures; or it could be a person walking around the adjacent streets noting entrances, cameras and security officers.

This is the optimal stage to shut down a potential attack. Think of a hostile act as a snowball perched on top of a mountain. Once it begins rolling it gains speed and momentum with every foot it travels, becoming exponentially more destructive and harder to stop the further plans progress. The safest way to avoid being caught in the avalanche is to break down the snowball before it even starts rolling. Or, in security speak: we must stop the threat as early and far away from the target as possible.

Surveillance detection is a specialist discipline that is too complex to address sufficiently in this blog. Suffice it to say that security personnel should receive training in surveillance detection. This will enable them to identify hostile surveillance at an early stage, and to initiate appropriate steps to deter the attack before it becomes a reality.

Watch out for test runs & intelligence gathering

Another tactic employed by hostiles before an attack is to carry out a test run at the target location. This may take the form of persons trying to gain entry to the hotel, for example by driving up to the entry point and trying to talk their way in. Or the hostiles might present a legitimate reason for entering, such as a restaurant reservation or a meeting. By conducting an apparently innocent test run, the hostiles can determine exactly which security measures are in place, and get answers to critical questions such as: Are there metal detectors or bag scanners? How many guards are there? Are they armed? How effective is access control?…

They may go a step further, and have an operative actually check into the hotel in order to gather intelligence about the security inside, the hotel layout and additional entrances and exits. They have also gone as so far as getting their people employed at the target hotel, who then furnish them with inside information regarding every aspect of the hotel or facility.

There are no hard and fast rules as to how to identify this kind of probe. However, here again training is of paramount importance. Understanding suspicious indicators and how to identify them is the best tool to combat this kind of intelligence gathering. If the visitor or guest does not “feel right” or fit the image of your typical hotel guest, the security manager should be alerted. There are additional cues such as paying cash, the lack of luggage or spending the whole day “hanging out” at the hotel. Of course, job candidates must be carefully screened and their references checked.

It is at the security manager’s discretion to decide to how to best handle someone who has been flagged by the hotel or security staff. While it is important not to overreact,  it is also essential not to “under-react”:  The failure to communicate available information to the relevant people is the number one reason that preventable attacks are not foiled. Indicators must not be ignored. If a visitor or guest is flagged, the information has to be discretely disseminated to all relevant personnel..

Contain and control

Once a hostile act has begun, staff must immediately transition into “emergency mode”. The logic is simple: neutralize the attackers.

Neutralize does not mean eliminate. The first aim of containment and control is to create a situation where the attackers are no longer a threat. If the attackers are locked alone in a room, they have been effectively neutralized. If guests are evacuated before the attacker reaches them, the attack has been neutralized.

Of course, if the attacker is disabled or eliminated, this too means they are neutralized. Keep in mind, however, that in many countries hotel security personnel are not armed. Their ability to engage and eliminate armed hostiles is thus greatly reduced, and the best course of action is to create time and distance between the hostiles and their potential victims.

Creating barriers of time and distance through people, procedures and technology

An essential element of controlling and containing a hostile attack is creating time and distance between attackers and their potential victims.  The longer it takes the attackers to reach their victims, the greater the chance that law enforcement or other first responders can reach the site and neutralize the threat, or that people can be evacuated to safety. In the event that hotel security personnel are armed, this time gives them an opportunity to regain the tactical advantage over the attackers.

Barriers of time and distance can be established by appropriate physical measures such as gates, fences and doors. These need not be ugly or threatening to be secure and difficult to penetrate.

The lockdown procedure is critical for creating time and distance between hostiles and victims. If staff inside the hotel hear gunfire or an explosion outside, they must lock down the entrance in a matter of seconds to deny hostiles access to the hotel interior. Even if the attackers can break their way through doors, this will take them time. Every delay of contact with potential victims exponentially increases the chances of escape and survival. There are many lockdown options, and it is advisable to consult with a professional to determine the most effective means without compromising hospitality goals.

Emergency procedures & training

In an emergency, training is the single most important aspect of security.

There is no camera that can disarm a gunman. No lock will keep hostiles out indefinitely. No fire escape can call out directions to guests and guide them to the safest exit. Only personnel who are properly trained to implement correctly written emergency procedures can provide an effective response to critical threats.

Too many security guards know how to detect a firearm or explosive, but have little idea what to do should they happen to find one. In the event of a hostile attack, every single staff member in the hotel, be they security officers or maintenance personnel, must know what to do and how to act.

Emergency procedures must not be stuck in some long-forgotten file room. They must be easily accessible, well known and understood by the security manager and general management team, and internalized by all hotel staff through effective, ongoing training. Correct training involves much more than a 30-minute lecture in a conference room. Care should be taken to ensure that the hotel staff not only understand their roles, but are capable of performing them in real time.

In the event of a hostile attack, one staff member who is properly trained can evacuate 20 guests from a pool area before the gunmen get there, and thus save 20 lives.  It is not reasonable to expect people to react correctly in a high-stress, life-threatening situation unless they have received the proper training.

Of course, it takes much more than a blog like this to protect hotels from violent attacks; the conversations required a far more complex. But as recent incidents so amply demonstrate, there is an urgent need for a shift in the hotel security paradigm.

We need to move away from “security window dressing” that makes people feel safe, and engage in intelligent, real world security solutions that ensure that guests and staff stay safe, happy and productive.


Portions of this blog have been previously published in an article by Jeff Weinstein on HotelsMag.com  http://www.hotelsmag.com/Industry/News/Details/62762?allowguest=true

Mac Segal

Vice President, Business Development and Consulting, EMEA

With over 25 years of operational, training and consulting experience in the security industry, specializing in mitigating and responding to terror and criminal threats, Mac brings real-world knowledge and expertise to all facets of his job.

As a hospitality and fixed asset SME, Mac conducts security assessments, training and designs security master plans for hotels, business facilities, event & conference centers, and critical infrastructure the world over. Working extensively with owners and operators in the private and government sectors worldwide he possesses an in-depth understanding of the challenges facing businesses and infrastructure in today’s world. Mac has published many articles on hotel and general security and is a regular speaker at security conferences the world over as well as SME to major television and print news outlets.

Mac leads training programs in security awareness & suspicious indicator identification, event security, emergency response procedures, counter-terrorism, covert close protection, and surveillance detection. Mac has taught security professionals, hotel and event facility guards and employees, government units and C-suite executives, working together with them to customize the training to their specific requirements.

Merging his operational, training and consulting skills, and partnering with our clients, Mac carries out Operational Audits of government and private facilities and protective units to constructively identify, assess and rectify real-world vulnerabilities.

Born in South Africa, Mac has served in two militaries and government service, living in Europe and the Middle East whilst operating around the globe. This facilitates him with an excellent multi-cultural understanding which allows him to provide tailor-made, relevant and practical security and safety solutions.