The State of School Security

That reinforces what I have believed for years. Schools should not chase products just because they are new or flashy. They should focus on what actually improves readiness, daily operations, emergency response, and recovery. That is why I keep coming back to ULSS — Unified Life Safety Systems. When I use that term, I am talking about bringing together people, policy, procedures, communications, access control, detection, life-safety systems, and digital infrastructure into one coordinated operating environment. PASS Version 7 is moving in that same direction through its five-layer model and through its stronger treatment of visitor entry, panic alarms, door hardware, and digital infrastructure.

My overall takeaway is simple: the future of school safety is not a pile of disconnected gadgets. It is better integration, better coordination, and better alignment between people, process, and technology.

LL: What was discussed at the PASS meeting at ISC West and can you please provide an update on the meeting and PASS?

Grace: At the PASS School Security Town Hall at ISC West, the focus was a state-of-school-security update, news on PASS efforts to improve school safety and security, and what is new in the latest PASS Guidelines. One of my biggest takeaways from that conversation was that, for all the new technology in the market, PASS keeps bringing the field back to fundamentals — doors, access control, communication, layered planning, and the ability to take immediate protective action.

One theme I took from that PASS ISC conversation was the importance of the locked classroom door as a life-safety barrier. That point is reinforced very clearly by the Texas School Safety Center, which says a locked classroom door is the most powerful time barrier in an active assailant event and cites the Sandy Hook Advisory Commission’s finding that there had never been an event in which an active shooter breached a locked classroom door. To me, that absolutely belongs in the larger PASS conversation, because it reinforces why the basics of door security and immediate lockdown capability still matter so much.

The broader PASS update is very positive in my view. PASS released Version 7 on July 30, 2025, and that update mattered. It added the new Digital Infrastructure layer, unified earlier perimeter concepts into a Campus Perimeter layer, expanded visitor-entry guidance, added more content on physical hardening, expanded panic-alarm guidance, and gave deeper treatment to door locks and door devices. That tells me PASS is continuing to evolve in the right direction — more integrated, more practical, and more reflective of the way schools really operate.

One reason I stay energized about PASS is that it gives the field a practical framework instead of just a collection of opinions. PASS says the Guidelines are a road map for school administrators, school boards, and public safety and security professionals to implement a layered and tiered approach and prioritize needs. I continue to believe that is one of the most important contributions in the country right now.

LL: I see that PASS is now providing a digital security checklist. Can you talk about the significance of this?

Grace: Yes — I think this is a very important step for PASS and for schools. The significance is not just that the checklist is now digital. The real significance is that PASS is recognizing what schools are living every day; digital infrastructure is now woven into nearly everything a school does. PASS now offers both printable and digital checklist options, and Version 7 formally added Digital Infrastructure as one of its five security layers.

What makes this so important is that almost every human action, protocol, or emergency procedure in a modern school now has some tie to digital infrastructure. It supports teaching and learning, daily operations, communications, visitor management, access control, video, emergency notification, accountability, threat assessment, weather monitoring, threat detection, and incident command. PASS’s Version 7 materials support that broader view by describing the digital layer as a converged approach to security and by placing communication, access control, video surveillance, detection and alarms, and people and training inside the same layered framework.

I also see the digital checklist as important because it helps schools move from theory to action. PASS says the checklist is for assessing a school’s progress with security, and PRISM says the digitized checklists help school leaders evaluate current conditions, identify gaps, and prioritize improvements across district-wide security, building and classroom safety, visitor management and access control, emergency communication and response systems, and digital infrastructure and cybersecurity.

And this ties directly into cybersecurity. The U.S. Department of Education says school districts are experiencing an average of five cyber incidents per week and connects that reality to emergency operations planning. That is why I do not see cybersecurity as a side issue anymore. It is part of school security, part of continuity, and part of life safety.

LL: What do you see as the top challenges for schools today when it comes to implementing a comprehensive school security plan and how can they overcome those?

Grace: I see several major challenges. First, too many schools still operate in silos. Facilities, IT, security, administration, mental health, special education, transportation, and public safety may all be doing good work, but not always in a coordinated way. Second, many districts struggle with prioritization. They know they need to improve, but they are not always sure what to do first, what matters most, or how to phase improvements over time. PASS is useful here because it gives schools a layered and tiered structure for identifying needs and setting priorities.

Another major challenge is funding, and I think that point has to be made clearly. Funding is not just about buying equipment. It touches every facet of a comprehensive school security plan — assessments, planning, training, staffing, maintenance, cybersecurity, communications, door hardware, access control, visitor management, detection technologies, emergency operations, and long-term sustainment. PASS has explicitly framed its guidance as a way to help schools identify critical needs, cost-effective solutions, and stronger grant proposal direction, and I believe schools get into trouble when they fund pieces of safety but not the full operational capability behind them.

I also believe the human factor remains one of the biggest issues. A district can buy good technology and still be vulnerable if doors are propped, visitor procedures are weak, roles are unclear, or staff are not trained to use the systems the right way. PASS’s own framework emphasizes policies and procedures and people, including roles and training, alongside the hardware and systems.

That is why I believe schools overcome these challenges by starting with the right team and the right assessment: bring together security, facilities, IT, administrators, mental health professionals, transportation leaders, school resource officers or law-enforcement partners, and others who play a role; use a framework like PASS to identify gaps and set priorities; then align governance, funding, people, process, and technology into one comprehensive plan instead of treating safety as a collection of unrelated purchases.

LL: Where do you see school security going in terms of securing doors, and what are the latest recommendations for the classroom door and other key areas such as the main entrance?

Grace: I believe school security is moving toward a clearer recognition that access control is not just another system — it is a foundational component that makes almost everything else work. PASS has said directly that access control systems are the backbone of a school or district’s physical security system, and that effective access control helps unify other technologies like video, alarms, and fire. That is one of the central reasons I keep emphasizing ULSS. If you cannot control the opening, you cannot fully control entry, delay intrusion, support lockdown, manage visitors, coordinate responder access, or make duress, panic alarms, mass notification, communication, and the rest of the life-safety environment function the way schools need it to.

For the classroom door, the direction is very clear in my view. Classroom doors need to support immediate protective action from inside the room. PASS Version 7 says properly locking doors is an essential component in a school and specifically highlights in-depth coverage of door locks and door devices. The Texas School Safety Center makes the real-world case for why this matters by saying that a locked classroom door is the most powerful time barrier in an active assailant event. It cites the Sandy Hook Advisory Commission’s finding that there had never been an event in which an active shooter breached a locked classroom door, and it notes only two unusual historical cases in which a person behind a locked classroom door was physically harmed.

That is exactly why I keep stressing that staff should not have to step into the hallway to secure a classroom. The opening itself needs to support the protective action. The Texas guidance also says time barriers delay movement through a facility, allow trained persons to take further protective action, and give first responders more time to arrive.

At the main entrance, I continue to believe schools should move toward a true secure visitor-entry approach, not just a locked front door. PASS says visitor entry is the most critical area for a school to secure and describes a workable, comprehensive approach built around controlled access, visitor management, and traffic flow.

This is also where access control becomes the platform for everything else. Duress and panic systems become more meaningful when activation can support predefined actions. Communications and mass notification become more useful when they are integrated into a unified communication platform. Responder access becomes more workable when authorized personnel can move quickly without undermining occupant protection. That is why I keep coming back to ULSS — Unified Life Safety Systems — because that is where all of these pieces start to work together as one coordinated operating environment.

I would add one more point: good hardware and good access-control design empower staff — and, in age-appropriate ways, students — every day. It is not just about the worst day. It is about safer routines, more predictable operations, and more confident action when something goes wrong.

LL: How can schools leverage all this new technology and products today to help them with their overall security and life safety?

Grace: Schools should leverage new technology by making sure it supports a fully integrated approach, not a collection of separate purchases. In my view, the value of technology is not in the individual device. The value is in how all the pieces work together — people, policy, procedures, communications, access control, life-safety systems, digital infrastructure, threat assessment, detection, accountability, and emergency response. That is exactly why I keep coming back to ULSS — Unified Life Safety Systems. PASS’s layered model itself puts policies and procedures, people, communication, access control, video surveillance, and detection and alarms inside the same structure, which is very much the direction I am talking about.

This is also where I believe the idea of detect, deter, and deny matters so much. It should not be applied to just one category. It applies across the entire school safety framework. We should be working to detect risk earlier through awareness, reporting, threat assessment, monitoring, communication, and information sharing. We should be working to deter harm through school climate, visible readiness, strong procedures, trained staff, stakeholder ownership, and systems that make it clear the school is prepared. And we should be working to deny opportunities for harm through secure openings, access control, communications, response protocols, protective actions, and coordinated life-safety systems. To me, that is a much more complete and meaningful view of school safety than simply asking what product to buy. PASS’s broader framework supports this kind of layered, comprehensive thinking rather than single-device solutions.

So when I think about how schools should leverage technology, the answer is this: use technology to strengthen the whole environment. Use it to support earlier detection, stronger deterrence, and more effective denial of harm. Use it to improve how staff communicate, how buildings operate, how threats are recognized, how protective actions occur, how responders are supported, and how continuity is maintained. When schools do that well, technology becomes part of a real life-safety strategy instead of just another disconnected system.

LL: How important is cybersecurity in schools today as that is a new pillar in the latest guidelines?

Grace: Cybersecurity is extremely important, but I look at it as something even broader than cybersecurity alone. In my view, this is really about the full digital infrastructure environment of a school — the networks, devices, systems, data, access privileges, monitoring, remote connections, communications pathways, and all the people and processes that depend on them. PASS Version 7 made that point clearly by adding Digital Infrastructure as one of its five major layers and by saying that layer recognizes the importance of cybersecurity and attentive management of digital systems and data through a converged approach to security.

To me, that means schools have to think much bigger than “Is our network protected?” They need to think about infrastructure, human roles, accountability, training, response protocols, vendor access, permissions, system maintenance, backup plans, and how all of their technology actually functions together under stress. PASS’s framework supports that broader view because it places people, roles and training, policies and procedures, communication, access control, video, and detection inside the same layered model instead of treating digital risk as a stand-alone technical issue.

I also think schools have to view this through a student and staff harm lens, not just an infrastructure lens. SchoolSafety.gov specifically treats bullying and cyberbullying as school-safety issues and points schools to online-safety resources for students, staff, and families. In other words, the internet is not just a place where systems can be attacked. It is also a place where students and staff can be harmed through harassment, bullying, threats, and other disruptive behavior.

And then there is the direct operational threat. The U.S. Department of Education says school districts are experiencing an average of five cyber incidents per week, and it explicitly connects cybersecurity to emergency operations planning because schools rely so heavily on technology and internet connectivity for day-to-day operations and educational delivery.

So my view is that this pillar is not just about protecting computers. It is about protecting the entire digital backbone of the school, the people who operate it, the processes that depend on it, and the students and staff who can be harmed through it. In today’s environment, digital infrastructure affects learning, safety, privacy, communication, trust, and continuity. That is why I believe schools need to treat it as a major life-safety and operational issue, not just an IT issue.

LL: Anything else you would like to add?

Grace: Yes. One of the most important things I would add is that everyone has to work together. No one discipline can do this alone. Educators, facilities, IT, security, administrators, mental health professionals, transportation, school resource officers, law enforcement, fire, and community partners all have a role. That is one reason PASS matters so much to me. PASS gives schools a practical, layered, tiered framework for improving safety and security, and it continues to provide some of the most comprehensive K-12 facility-safety guidance available.

I also want to mention another organization that some people may not know yet, and that is NCSSD — the National Council of School Safety Directors. NCSSD is the nation’s largest professional organization dedicated specifically to school safety and security professionals. It exists to support the people doing this work every day — school safety directors, coordinators, administrators, and others responsible for protecting schools. NCSSD says its programs are designed to equip, connect, and empower security professionals nationwide, and its site says it serves more than 1,000 members.

What I like about NCSSD is that it does not take anything away from PASS. To me, it complements PASS. PASS helps schools understand what good looks like through guidance, best practices, and a strong framework. NCSSD helps build the profession itself by giving school safety leaders a community, a voice, leadership development, and practical programs like the Foundations of School Security Leadership Certificate, which NCSSD describes as an essential course for anyone responsible for school safety and security.

That is a big reason I get so energized about both of them. PASS gives the field a roadmap. NCSSD gives the field a professional home. Together, they reflect what I believe school safety is supposed to be — collaborative, multidisciplinary, practical, and always improving.

And finally, I would say this: the future of school security is not more noise, more fear, or more disconnected gadgets. It is better integration, better teamwork, better leadership, and better alignment between people, process, and technology. That is why I keep coming back to ULSS. It is the best way I know to describe the kind of coordinated life-safety environment schools really need.

[Sidebar]

8 School Security Recommendations

Statistics shared at the PASS Town Hall session March 28 at ISC West validate the importance of classroom door locks.

In a preview of an upcoming Secured Doors, Safer Schools report, Joe Eleuterio from the ALERT Center, Texas State University analyzed 54 active shooter events and presented two key takeaways:

Lock the doors. Most shooters entered through unlocked or propped doors. When shooters came from outside the school, locked exterior and office doors are vital. But if potential shooters are students or staff, they already have access to the hallways. This is where the ability to lock down classroom doors from the inside is vital.

Glass alone is not safe. Glass is often the main vulnerability, especially in elementary schools where outsiders are much more likely to be potential shooters. Updated glazing is recommended.

Eleuterio outlined eight recommendations for school security upgrades, which will be covered in more detail when the full report is released:

1.      Functional interior locks on classroom doors that can be locked from the inside

2.      Securely locked exterior doors, including a single entry point and controlled access

3.      Update glazing on glass

4.      Build a culture of compliance so people know and follow rules (for example, no propping doors open)

5.      Invest in rapid lockdown technology. Every classroom door should be able to be locked down in 10 seconds

6.      Fit levels of security to the differing needs of elementary, middle and high schools

7.      No magnetic strip credentials

8.      Collect and analyze more data in post-incident documentation