U.S. Geological Survey Manual
CHAPTER 6. LOCKS AND KEYS
1. Locking Hardware. Locks are the most widely employed security devices. They are found on anything to which access must be controlled, such as vehicles, storage containers, doors, gates, and windows. The security of any property or facility relies heavily upon locking devices. Locks merely deter or delay entry and should be supplemented with other protection devices when a proper balance of physical security is needed. An assessment of all hardware, including doorframes and jambs, should be included in any physical security survey. Locking devices vary greatly in appearance as well as function and application.
2. Types of Locks. Locks can be divided into three very general classes: (1) those that operate on purely mechanical principles; (2) those that are electro-mechanical and combine electrical energy with mechanical operations; and (3) electronic locks, which add to electro-mechanical lock devices various logic operations associated with integrated circuits.
3. Mechanical Locks.
A. Key locks. Key locks are the most common mechanical locks. They include warded, lever, and pin tumbler locks. Although most key locks can be opened by a determined individual in a few minutes, they are used primarily to delay, discourage, or deter theft or unauthorized access.
(1) Warded Lock. The mechanical lock longest in use and first developed is the warded lock. The lock is exemplified by the open, see-through keyway and the long, barrel-like key. Still found in older facilities, the warded lock is a very simple device. A modern locking program does not include warded locks. In any installation where warded locks are already present, phased replacement or augmentation with other locks is recommended.
(2) Lever Lock. A significant lock improvement after the warded lock came in the eighteenth century with the perfection of the lever principle. The lever lock finds continued application today in such varying situations as desk, cabinet, and locker installations. The lever lock offers more security than the warded lock, but is inherently susceptible to picking.
(3) Pin Tumbler Lock. The pin tumbler is probably the most widely used lock for applications such as exterior and interior building doors. A number of very useful refinements have been added to the basic pin tumbler in recent years, so that now a very high level of lock security can be achieved with many models. A pin tumbler lock with at least 6 pins is considered a high-security lock according to the FPS.
B. Combination Locks. A manipulation-resistant combination lock provides a high degree of protection. It is used primarily for safeguarding classified or sensitive material. Its technical design is to prevent the opening lever from coming in contact with the tumblers until the combination has been dialed.
(1) Built-in Combination Locks. When a security container or vault door is used to safeguard classified information, it must be equipped with a changeable 3-position, dial-type combination lock that has been approved by GSA. These locks can be purchased from companies listed on the GSA FSS. (See Chapter 7, Paragraph 7, for a description of combination locks.)
(2) Combination Padlocks. Combination padlocks are locks designed for attachment to a mounted hasp. They are not approved for the protection of classified National Security Information and are not rated for resistance to physical attack. Combination padlocks can be used either as a removable padlock in conjunction with bar-lock cabinets and other conventional hasp-type locks, or by fastening the security cover of the padlock to the surface of a container. It can be used on desks, storage cabinets, filing cabinets, sliding door cabinets, and virtually any type of container through the use of an eyelet or loop designed to fit the tolerances of the opening of the padlock.
(3) Protecting and Recording Combinations. The procedures for changing combinations, protecting combinations, and recording combinations are established in Chapter 7, Paragraph 7.
(4) Electro-Mechanical Locks. Electro-mechanical door locks are primarily used to control entry into an area. Rather than using a key, they open by pushing a series of numbered buttons. The locks can be either electrically or mechanically activated. Some of the advantages of using these locks are low cost, easy installation, easy combination changing, and simple operation. These devices are used for access control and do not provide a high degree of security when used alone. Some models have "time penalty" and error alarm features and can be tied to an existing alarm system. When used in a controlled or restricted area, as described in Chapter 5, Paragraph 2, that is not continually manned, these locks should be supplemented by a built-in combination lock described in Chapter 7, Paragraph 7. The combination or code used to activate an electro-mechanical door lock should be changed at least annually and when any person having knowledge of the combination no longer requires access to the area.
4. Electronic Locks.
A. An electronic lock system uses a card key programmed with a particular code, which is read by a card reader that communicates with an automated central or local processor for access control. An electronic lock is considered a high-security lock according to the FPS. The card reader obtains data from the card by reading punched holes, magnetic strips or spots, imbedded wires, or any of several other methods. To open a door or activate a turnstile or lock, the card is typically inserted into a slot or groove and the coded area is read by the reader. If the code is an authorized one, the processor will direct the lock to open. Key cards should be voided in the system when lost, stolen, or when access is no longer required and the card recovered.
B. Card readers fall into two basic categories: on-line and intelligent.
(1) On-line readers must communicate with a central processor that makes the entry/exit decision.
(2) The intelligent card reader compares the data on the card with preprogrammed data, and entry or exit is granted or denied by the card reader itself at the reader location. Intelligent readers are also called stand-alone or off-line readers.
C. Multiple card readers can be used to control access to numerous buildings and rooms from one central processor. Most processors are capable of discriminating between time zones and levels of status for multiple readers and recording the time, date, location, and frequency of transactions. Many have additional features and capabilities such as monitoring alarms, keeping time and attendance records, and communicating with emergency or security personnel.
5. Biometric Systems. Other locking systems are available that use neither keys nor combinations. These include locks which open by using one of six primary categories of biometrics technology: fingerprints, hand geometry, retinal scan, signature dynamics, voice verification, or keystroke dynamics. These biometric systems are considered high-security locks and are designed primarily to control access to extremely sensitive, special-use areas where positive personal identification is an operational necessity.
6. Keys. Keys to locks are often the first and only level of physical security control for many organizational assets. Consequently, key control or the lack of it can mean the difference between a relatively secure activity and extraordinary loss. Almost all organizations utilize some type of key access in everyday operations. Each day offers an opportunity of key mismanagement, which can lead to mild annoyances such as the replacement and cost for lost keys, or to more serious losses, such as theft or personal injury. A good key control system will maintain a strict accountability for keys and limit both key duplication and distribution.
A. Types of Keys.
(1) Operating or "change" keys are keys that are used to open locks.
(2) Duplicate keys are copies of operating keys and are usually stored for use in an emergency or to replace a lost key. Duplicate keys must be kept to a minimum and be protected to avoid proliferation and loss of accountability.
(3) Master keys are designed to open all locks of a particular series. Key systems can have one grandmaster key for the overall system and several sub-master keys for each subsystem. Master keys can be used as a convenience, e.g., carrying one key instead of numerous keys, but must be carefully controlled.
(4) Construction keys open removable lock cylinders installed on the doors during construction of a facility. These cylinders are replaced at the end of construction with cylinders using the facility's key system.
(5) Control keys are used to remove the cylinder of locks for changing keys. These keys are used only in interchangeable cylinder systems.
B. Accountability Procedures.
(1) The integrity of a key system is important to safeguarding property and
controlling access. Lost keys minimize a lock's effectiveness. The security
officer should ensure that responsible individuals maintain control over the
facility's key system by storing, issuing, and accounting for all keys under
the facility's control. Issuance of keys must be kept to a minimum. Keys should
be issued only to persons who have an official need. Accurate accountability
records must be kept and should contain the information listed below. Keys not
issued should be destroyed if no longer needed or stored in a locked container.
(a) Number assigned to each key and lock;
(b) Location of each lock (room number);
(c) Person to whom keys have been issued;
(d) Date of issuance; and
(e) Recipient's signature for keys issued.
(2) When a key to a designated controlled or restricted area is lost, the locks to the area must be changed.
(3) Access lists for persons authorized to use master keys should be maintained.
(4) The key storage container should be kept locked and checked at least monthly.
(5) All keys should be inventoried at least annually.
(6) Requests for issuance of new, duplicate, or replacement keys should be approved or monitored by the security officer.
C. Protection of Keys.
(1) Do not place identifying key tags on rings; if lost, it's an open invitation for misuse.
(2) Ensure keys are not left on desks, in unlocked drawers, or where they can be easily taken and copied. Remind employees to keep official keys on their person or securely locked in a desk or cabinet, and that they are not to lend them to individuals not specifically authorized.
(3) Ensure employees promptly return official keys checked out on a temporary basis.
(4) Ensure lost keys are immediately reported to the appropriate official. Locks should be rekeyed immediately and new keys issued when keys are lost or stolen.