Articles

European Registrars Conference 2014: Security Matters

Leave a comment

Älä laita kaikkia munia samaan koriin.

All eggs should not be put in one basket
(Finnish proverb)

After the opening introductions and first session „But is it art?“ by Daniel Birnbaum there were parallel sessions: Security Matters and Couriering 101. As we seldom courier in my museum, I chose security.

Maybe the most impressive presentation was given by Tygve Lauritzen, Head of Security and Operations at the Munchmuseet in Norway. His presentation included practical hands-on security advice for transportation as well as a few general warnings.

What impressed most of us deeply was a map showing attacks on trucks in Europe (green lowest, red highest):

Tygve Lauritzen on the risk of road transportation

Tygve Lauritzen on the risk of road transportation (picture via twitter @ERC2014)

In fact, art that is transported on the road is 1000 times more at risk than art that is delivered by airfreight – which is somehow logical but also frightening. One of the thoughts Tygve gave was to reconsider sending couriers on these roads. In his view the risk you impose on your most valuable good – the life of your colleague – is much higher than the benefit. What can the courier do if the truck is on fire? What can he/she do when the truck is held up and hijacked by false police?

Transporting art on the road is a risk in itself that can only be reduced, but not avoided by good organization. Some of the recommendations were:

  • planning the drive ahead, including breaks, safe parking possibilities and alternative routes
  • providing the drivers with all the phone numbers and directions what to do and whom to call in which occurring situation
  • providing the drivers with printed out cards saying „I’m not allowed to open the window, please call name/number and escort me to the next police station“ (in all languages of countries the truck has to pass). Many cases of trucks hijacked by criminals dressed as police are known and drivers should not open the windows for their safety. Real police has no problem with escorting a truck to the next police station.
  • number locks that only show the same number if they were not opened during the transport is a good way to check if something went wrong on the trip

Considering the risk that something might happen on the road it is only logical to define a value limit for art transported on one truck. This is easy on paper but the key is to enforce this policy under all circumstances in the practice.

Tygve stressed out that it’s important to go into „future crime mode“ as registrars. Art is nowadays used as a form of payment in organized crime and we shouldn’t underestimate the risk. We should be prepared that insider information is very valuable to the criminals and that they are very actively trying to get it. Seemingly harmless questions like „Can you give me a telephone list of your institution?“ are not harmless at all. In fact, if you hand it out it’s like you opened a backdoor for the criminals. They will start to do researches on these people to find a weak point, and they will find it. Someone in urgent need of money, someone with an alcohol illness, someone with personal problems…

Thinking in „future crime mode“ also applies to document security. We are often not aware that information we send per email or carry around on our phones or tablets are also documents. Some of Tygve’s recommendations:

  • Password protect every document before you email it. Be aware that normal, unprotected email is something like a postcard – the content can be easily spied out. Never ever send documents open.
  • Give the password to people who need to read the documents per phone, not per email.
  • Dropbox is not a safe place for documents with sensitive information.

In the next session Simon Mears, Consultant for Security Risks and High Value Asset Protection in Denmark, introduced GRASP, the Global Risk Art Survey Program. It is a system invented by insurers as a reaction to certain incidents that involved art, like thefts or fires. It is a holistic approach to make a risk assessment in all fields of possible risks for a collection, including not only thefts and catastrophes, but also damages due to climate issues.

Pascal Matthey speaking on risk aggregation

Pascal Matthey speaking on risk aggregation (picture via twitter @ERC2014)

The last speaker was Pascal Matthey, Head of Speciality Risk Engineering, XL Group, Switzerland. He talked about Holistic Risk Management for Museums. Some of the key thoughts I still remember:

  • In holistic risk management, you have to look at the Maximum Foreseeable Loss (MFL) in one incident. It’s Murphy’s Law in practice: a fire starts, the sprinklers don’t work, fire brigade is late… how high is the maximum foreseeable loss?
  • Be aware that insurance has nothing to do with risk management in the first place – the money doesn’t bring back the lost art and it doesn’t bring back your reputation after a theft.
  • A good approach to do holistic risk management is risk aggregation, to define the risks for different parts of the museum instead of defining the MFL for the entire loss of the collection, which is very unlikely to happen. This will also help to keep insurance rates at a reasonable height.
  • Example: The highest risk for your galleries might be theft and fire, so here you try to reduce risks through organizational measures (i.e. do everything that a thieve has to invest much time into stealing and leaving the building, so police has a chance to catch him when he’s still in the building) and insure the MFL in case of fire and theft. If the galleries are not on the ground floor, damage done by high water might be low. If your storage is in the cellar, here the risk of fire might be low, but you will insure the MFL in regards to high water.

As you can imagine, we had enough food for thought and talk for the following lunch break…

This post is also available in Italian, translated by Silvia Telmon.

Facebooktwitterredditpinterestlinkedintumblrmail

Leave a Reply

Your email address will not be published. Required fields are marked *