Coastal Pacific states are currently battling raging wildfires. These western states are no stranger to fire, but the losses don’t always have to be catastrophic. Protecting cannabis dispensaries, pharmacies, growers, producers, and secure transporters from natural disasters is possible; it just takes planning.
Records Protection
Most states have laws requiring the digital tracking of product from seed to sale. Many states also require customer databases be kept & maintained to abide by quantity limits. This data is pertinent to stay within compliance and safeguards must be in place to protect this data. It’s also important to select servers that protect against fire AND water. A unit should be able to withstand the fire and the efforts to put out the fire.
The ioSafe protects data from fire and water. It can withstand temperatures up to 1550°F for 30 minutes, and water submersion at 10 ft for up to 72 hours. The internal capacity maxes out at 16TB, and it it’s compact in size: 12 inches high and weighs less than 30lbs.
Businesses, no matter how tech savvy they may be, will always need to store some hardcopies. For this reason, a traditional fire-safe file cabinet should be procured.
FireKing manufactures the best fireproof filing options available. Other brand names only offer half the fire safe protection. These cabinets are available in legal or letter size and multiple drawer options.
Chemical Storage
The cannabis industry is highly regulated. Growers & producers must abide by traditional guidelines for the safe storage of insecticides, pesticides, and other chemicals as well as cannabis specific regulations just to stay in compliance.
Fire or other natural disasters can cause hazardous chemicals to turn deadly. If not stored properly, fire could cause ignition and explosion. The acquisition of proper storage can prevent against additional damage.
The AG400 is the best choice for the storage & safe handling of chemicals. This unit is rated to meet OSHA requirements and withstand up to 4 hours of fire.
Product Storage
Cannabis regulators are primarily concerned with safeguarding citizens against the proliferation of marijuana on the black market. For this reason, many businesses will implement security provisions that prevent surreptitious entry but may not prevent against mother nature.
There are various safes and vaults that can be manufactured to tailor to the specific needs of your business. Protect product from natural forces as well as theft.
Vault doors protect cash and product from diversion as well as natural disasters. Fallen trees could compromise the integrity of a traditional locked door thus enticing those that may wish to profit from your misfortune.
For smaller quantities of product, a high security safe may suffice. This featured safe is manufactured with narcotic storage in mind – sure to pass compliance inspections. It’s also fire tested to 1850°.
No matter the scale or size of your operation…
KL Security can help facilitate compliance and protection. We’ve helped numerous cannabis facilities nationwide assemble license applications, maintain compliance standards, protect against diversion, and drive revenue. Our consultants are knowledgeable, experienced, and ready to assist.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
SCIFs, when not occupied, must be protected by Intrusion Detection Systems (IDS). This includes walls that are not at the SCI level. The AO will ultimately determine what security programs will be needed to protect these areas of a SCIF from unauthorized entry and movement. Doors that don’t have access control systems and/or not under visual surveillance must be monitored by the IDS. In the event of a power failure or other event that makes the IDS inoperable, SCI-indoctrinated personnel must occupy areas of the SCIF until the IDS system resumes normal operation. The SCIF emergency plan will address IDS failures.
All system plans must be approved by the AO. As a part of the SCIF accreditation package, a final system acceptance testing will be conducted.
IDS System Requirements
All IDS installation of monitoring stations and related components must comply with:
Underwriters Laboratories (UL) Standard for National Industrial Security Systems for the Protection of Classified Materials, UL 2050
Installation must comply with Extent 3 installation noted in UL 2050. This includes systems developed and used by the USG. These systems don’t need UL certification but should comply with Extent 3 installation.
Areas, as mentioned above, that do not need protection at the SCI level will be protected by IDS that includes UL 639 listed motion sensors and UL 634 listed High Security Switches (HSS) that meet UL Level II requirements and/or other AO-approved sensors. New SCIF accreditations must use UL Level II HSS. Until IDS modifications and upgrades are made, existing UL Level I HSS are authorized.
All cabling that extends beyond the SCIF perimeter must use Encrypted Line Security or be installed in a closed sealed metal conveyance (pipe, tube, or something constructed of Electrical Metallic Tubing (EMT), pipe conduit or rigid sheet metal ducting). All joints and connections on the closed metal conveyance must be permanently sealed around all surfaced by welding, epoxy, fusion, etc. Set screws cannot be used to seal the surface. This seal will provide a continuous bond between all components of the conveyance. If a service or pull box must be used, it must be approved with GSA approved combination padlock or an AO approved key lock.
SCIFs that share a common perimeter or have an established Co-Use Agreement (CUA) and support the same IC Element, may have the PCU (Premise Control Unit) programmed into multiple units or partitions. This allows each SCIF to function as individual control units for the IDS installed in several different areas or rooms that are independent of one another. Compliance conditions apply to the PCU, IDS, and partitions of the PCU equally. However, the PCU must be independent of IDS safeguarding non-UL 2050 certified areas.
For a monitoring station that is in charge of more than one IDS, there must be both audible and visible annunciation for each IDS. Fire, smoke, radon, water, and other systems must be independent of the IDS. If IDS incorporates an access control system (ACS), the ACS notifications must be subordinate in priority to IDS alarms. Without the application of specific countermeasures and the approval of the AO, systems cannot include audio or video monitoring. If monitoring systems contain auto-reset features, those features must be disabled.
All system key items and passwords must be protected and restricted to U.S. SCI-indoctrinated personnel. Alarm activations must be displayed locally until cleared by an authorized SCI-cleared individual. Determined by the AO, all IDS technical drawings, installation instructions, specifications, etc. will be restricted and documented in the CSP.
IDS False Alarms
An IDS false alarm is defined as any alarm signal transmitted in the absence of a confirmed intrusion that is caused by changes in the environment, equipment malfunction, or electrical disturbances. If false alarms exceed this requirement, a technical evaluation of the system must be conducted to determine the cause. Once evaluation is complete and the system is repaired or resolved, it must be documented. False alarms cannot exceed one alarm per 30-day period per IDS partition.
System Components
Sensors
All system sensors must be located within the SCIF
Exception:The AO can approve external sensors on the SCIF perimeter so long as they are installed in a closed sealed metal conveyance (pipe, tube, or something constructed of Electrical Metallic Tubing (EMT), pipe conduit or rigid sheet metal ducting). All joints and connections on the closed metal conveyance must be permanently sealed around all surfaced by welding, epoxy, fusion, etc. Set screws cannot be used to seal the surface. If a service or pull box must be used, it must be approved with GSA approved combination padlock or an AO approved key lock.
SCIF perimeter doors must be protected by an HSS and a motion detection sensor
Emergency exit doors will be alarmed and monitored 24 hours per day
When primary entrance door has a delay to allow changing the system mode of access, this delay must not exceed 30 seconds
Dual technology sensors are authorized when each technology transmits alarm conditions that are independent of the other technology.
Areas not protected at the SCI level will have a sufficient number of motion detection sensors or be approved by the AO. Sensors will consist of UL 639 listed motion sensors and UL 634 listed HSS that meet UL Level II requirements and/or other AO-approved equivalent sensors.
Note: For facilities outside the U.S. and in Category I and II countries, motion detection sensors above false ceilings or below false floors may be required by the AO.
Failed sensors will cause immediate and continuous alarm activation until this failure is investigated and corrected following procedures documented in the SCIF SOP/Emergency Action Plan.
Premise Control Units (PCUs)
Premise control Units (PCUs) must be located within a SCIF and access modes can only be started by SCIF personnel only. The access/secure switch will be restricted by a device or procedure that confirms authorized use. Within the SCIF, the cabling between sensors and the PCU must be dedicated to the system and comply with both national and local electrical codes and Committee for National Security Systems (CNSS) standards. However if the wiring can’t be contained within the SCIF, the wiring must meet the requirements in the External Transmissions Line Security section below.
At the PCU and/or monitoring station, alarm status must be continuously displayed with an alphanumeric display. Every effort must be made to install the alarm-monitoring panel in a location that prevents observation by unauthorized personnel. The PCU/monitoring station must identify and display all activated sensors. A change in power status (AC or backup) will also be indicated locally and at the monitoring station/PCU. All auto-alarm reset features of the IDS must be disabled.
Alarm notifications must be immediate and continuous for the following situations:
Intrusion Detection
Failed Sensor
Tamper Detection
Maintenance Mode
IDS Sensor Points masked or shunted during maintenance mode
In the events noted above, only SCI-indoctrinated personnel can reset the PCU and only after inspection and determination for the cause of the alarm. IDS transmission lines going from the SCIF to the monitoring station must meet the National Institute of Standards and Technology, Federal Information Processing Standards (FIPS) for certified encrypted lines. The FIPS standards employed must be noted in the UL 2050/CRZH Certificate or other certificate. PCUs that are certified under UL 1610 have to meet FIPS 197 or FIPS 140-2 encryption certification and method.
For PCUs certified under UL1076, only FIPS 140-2 will be the accepted encryption certification and method. The AO can approve alternative methods but must be noted in the IDS Certificate. IDS Admin that are SCI cleared must maintain and change all default profiles, PINs, or passcodes to a unique PIN/passcode.
More IDS specifications will be explored in the next installment: Part 8.2.
Does your facility require a SCIF? KL Security offers SCIF Container Solutions with panelized modular systems for scalable modular, portable, & mobile requirements. We assist in the acquisition of modular facilities for DoD & Government Access Control and ICD705 SCIFs or SAPF facilities. We also assist with special access control planning and commercial business security.
Call 866-867-0306 or email [email protected] to see how the experts at KL Security can assist your facility in security needs.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
Modular SCIFs include ground-based temporary SCIFs (T-SCIFs) and include those on mobile platforms such as trucks and trailers/containers, and SCIFs aboard aircrafts and on surface/subsurface vessels. Modular SCIFs are the most durable and cost effective SCIF in both design and manufacturing. These versatile SCIFs require less construction time than a regular SCIF and can be permanent or relocatable depending on your needs.
Modular SCIFs are constructed off-site and arrive at their destination wired and ready for use. Container SCIFs can be entirely customizable from height to interior details to meet your specialized needs. There’s no limit on size! The interior customization can include pre-wired workstations, conference areas, and secure server rooms.
T-SCIFs, depending on its design, can also be adjusted for future expansion to increase the longevity of your SCIF. For construction, modular SCIFs must adhere to the Fixed Facility checklist outlined in ICD 705. This includes acoustic, visual, and concealed entry protection. Cables and wires, as with all SCIFs, must be protected. Ground-based structures must be secured with GSA-approved locking devices and tamper-evident seals.
Depending on your needs, TEMPEST countermeasures, Intrusion Detection System (IDS), and Access Control System (ACS) are optional features that can be included in T-SCIFs. It is ultimately up to the CTTA to decide if TEMPEST countermeasures are needed with your T-SCIF. The AO and CTTA will collaborate to provide red/black separation and protected distribution guidance for field installation in accordance with NSTISSAM TEMPEST 2/95 and 2/95A, and CNSSI 7003.
Storage and Site Security
Like other SCIFs, T-SCIFs have specific requirements for overall security and storage of materials. Aircrafts and surface/subsurface vessels require more security measures than ground-based T-SCIFs. Secure materials used inside a container SCIF must be limited to what is needed for operation. These materials must be stored in GSA-approved containers. The AO may approve exceptions to the storage of secure material in GSA-approved containers for a period of time.
When this secure material is no longer needed, it must be destroyed by a means approved by the AO. Once a T-SCIF is no longer in use, a SCI security official will inspect the facility to ensure all secure material has been removed.
It’s the AO’s responsibility to evaluate and assess operational risks associated with the location of the T-SCIF, specifically if it’s located in an area that is not U.S.-controlled. The AO will determine what area offers the greatest degree of protection against forced entry.
The T-SCIF will have only one entrance that will be controlled and monitored during the T-SCIF’s hours of operation by SCI-indoctrinated persons via access roster. When in operation, the perimeter will be guarded by guards with a U.S. SECRET clearance. Hardened T-SCIFs with no open storage of secure material can be monitored by a U.S. SECRET-cleared individual.
Does your facility require a SCIF? KL Security offers SCIF Container Solutions with panelized modular systems for scalable modular, portable, & mobile requirements. We assist in the acquisition of modular facilities for DoD & Government Access Control and ICD705 SCIFs or SAPF facilities. We also assist with special access control planning and commercial business security.
Call 866-867-0306 or email [email protected] to see how the experts at KL Security can assist your facility in security needs.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
Vents and ducts construction for a fixed facility SCIF have a short list of specifications that must be adhered to during construction.
All vents and ducts have to be protected to meet the acoustic and security requirements of the SCIF. The walls that surround the duct penetrations have to be finished to eliminate any opening between the duct(s) and the wall(s).
If vent or duct openings penetrate the SCIF perimeter walls and exceed 96 square inches, the vents/ducts must be protected with permanently attached bars or grills. Listed below are the detailed requirements for bars and grills.
Bars or grills are not required if one dimension of penetration measures less than six inches
If metal sound baffles or wave forms are permanently installed and set no farther apart than six inches in one dimension, then bars or grills are not required
If bars are used:
Bars must be a minimum of ½ inch diameter steel, welded vertically and horizontally six inches o.c.
Deviation of ½ inch in vertical and/or horizontal spacing is permissible
If grills are used, they must be made of:
¾ inch-mesh, #9 (10 gauge), case-hardened, expanded metal; OR
Expanded metal diamond mesh, 1 ½ inch #10 (1 ⅜ inch by 3 inch openings, 0.093 inch thickness, with at least 80% open design) tamperproof; OR
If bars, grills, or metal baffles/waveforms are required for your SCIF, an access port will have to be installed inside the secure SCIF perimeter. This access port will allow visual inspection of all the bars, grills, or metal baffles/waveforms for signs of security risks.
If the area outside the SCIF is controlled (SECRET or equivalent space), the access port can be installed outside the perimeter. However, the port must be secured with an AO-approved high-security lock and must be noted in the FFC.
Does your facility require a SCIF? KL Security offers SCIF Container Solutions with panelized modular systems for scalable modular, portable, & mobile requirements. We assist in the acquisition of modular facilities for DoD & Government Access Control and ICD705 SCIFs or SAPF facilities. We also assist with special access control planning and commercial business security.
Call 866-867-0306 or email [email protected] to see how the experts at KL Security can assist your facility in security needs.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
Wall C is suggested to be used for Plywood. The list below and accompanying diagram list all construction specifications for Wall C.
Three layers of Gypsum Wall Board (GWB) ⅝ inch-thick
Two layers on the uncontrolled side
Sound group 4
One layer over min. ½” plywood on the controlled side
CTTA recommended countermeasures: (foil backed GWB or a layer of approved Ultra Radiant R-Foil) must be put up for RF shielding. In accordance with IAW, the foil will be located between the layer of plywood and GWB
½” Plywood attached 8’ vertical by 4’ horizontal to 16 gauge studs using glue and #10 steel tapping screws at 12 o.c.
Gypsum Wall Board must be mounted to the Plywood with screws and avoiding contact with studs to ease any acoustic flanking path
16 gauge continuous track (top and bottom) with anchors at 32” on center max.)
Bed will be in a continuous bead of acoustical sealant
Fire safe non-shrink grout, or acoustic sealant in all voids above/below track on both sides of the wall
Entire wall shall be finished and painted from true floor to ceiling
Does your facility require a SCIF? KL Security offers SCIF Container Solutions with panelized modular systems for scalable modular, portable, & mobile requirements. We assist in the acquisition of modular facilities for DoD & Government Access Control and ICD705 SCIFs or SAPF facilities. We also assist with special access control planning and commercial business security.
Call 866-867-0306 or email [email protected] to see how the experts at KL Security can assist your facility in security needs.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
Wall B is suggested to be used for a Fixed Facility SCIF that is Open Storage without SID. The list below and accompanying diagram list all construction specifications for Wall B.
Three layers of Gypsum Wall Board (GWB) ⅝ inch-thick
One layer on the uncontrolled side
Two layers on the controlled side
Acoustic protection: Sound Class 3
Wallboard must be attached to 3 ⅝ inch-wide 16 gauge metals studs or wooden 2×4 studs placed no less than 16” on center
16 gauge continuous track (top and bottom) with anchors at 32” on center maximum in continuous bead of acoustical sealant
For Expanded Metal:
Three-quarter inch mesh, #9 (10 gauge) expanded metal must be affixed to the interview side of all SCIF perimeter wall studs
Expanded metal must be spot-welded to the studs every six inches along each vertical stud at the ceiling and floor
Hardened screws with one inch washers or hardened clips should be used in lieu of welding to fasten metal to the studs
Screws must be applied every six inches along each vertical stud at the ceiling and floor
Fastening method must be noted in the FFC
Entire wall must be finished and painted from floor to ceiling
Does your facility require a SCIF? KL Security offers SCIF Container Solutions with panelized modular systems for scalable modular, portable, & mobile requirements. We assist in the acquisition of modular facilities for DoD & Government Access Control and ICD705 SCIFs or SAPF facilities. We also assist with special access control planning and commercial business security.
Call 866-867-0306 or email [email protected] to see how the experts at KL Security can assist your facility in security needs.
Information has been gathered from sources deemed reliable but not guaranteed and is subject to change without notice. The information contained in this site is provided for informational purposes only.
