A substantial focus of the security industry is on the selection and installation of security systems, and there is no doubt that this is a critical element of the process.

However, in order to ensure that security systems such as access control, video surveillance, intrusion detection and panic alarms deliver on ‘game day’, an equal if not greater emphasis has to be put on the actions that are taken after the installers have closed the doors on the truck and driven away.

This article covers some important issues that were covered at the 2019 International Association of Professional Security Consultants (IAPSC) annual conference in Miami, Florida, where Frank Pisciotta, CSC, Business Protection Specialists, Inc. and Michael Silva, CPP, Silva Consultants, facilitated a discussion among security professionals on the topic.

Backwards compatibility in access control solutions

David Barnard of RS2 security highlighted the importance of backwards compatibility in access control solutions

David Barnard of RS2 Technologies LLC highlighted the importance of backwards compatibility in access control software solutions. Reputable manufacturers are constantly evolving software products and it is critical that software continues to work with all installed hardware or owners will find themselves purchasing equipment a second time, which is never good news.

An example, a case study with a client where the video management software upgrades were not backwards compatible through the mobile app and a small manufacturing site was looking at a US$ 75,000 price tag to upgrade cameras to make them compatible with the ‘updated software’.

Risks of failures in door hardware products

Jim Primovic from ASSA ABLOY cautioned about the risks of failures in door hardware products resulting in a failure to attention to detail in the selection and, in particular, the installation process. He explained the importance of using certified installers to avoid operation problems.

In light of constantly evolving software revisions, how often does one see any additional training provided to end users when software updates are released? Charles Johnson of Open Options raised this important point and it is an excellent one. As organisations think about structuring maintenance agreements, it might be wise to consider ongoing training to cover software updates and ensure that end users can continue to optimise the features and benefits of software revisions.

Software Support

Kim Kornmaier of Honeywell mentioned another element of security system lifecycle consideration, which is ‘Software Support’. Maintenance agreements are available and will likely be offered from every installer and come in a variety of flavours.

However, care needs to be exercised to ensure that whatever services and support are included, in the scope of a maintenance agreement, have a clear correlation between service and software upgrades versus the fee charged.

Software upgrades and system testing

Maintenance agreements should be avoided that simply guarantee the free replacement of parts (which may or may not ever get used, even after you pay for it). Services that should be considered include software upgrades, system testing and replacement of consumable parts, like back up batteries.

Another key issue ties directly to periodically measuring and ensuring the risk reduction results of security systems, for example, with an access control system, there are several actions recommended for system owners, including:

  • Conduct periodic door and alarm testing - This presumes users have installed all of the necessary parts to enable alarm monitoring). These tests should include the mechanical testing of doors and confirming door-held-open-too-long and forced-door alarms are properly reporting to the alarm client.

Importance of harnessing door alarming capacity

Excessive door alarms are an indication of either a user or system problem

Excessive door alarms are an indication of either a user or system problem or all alarms should be investigated to determine root cause and corrective action needed. Organisations who fail to harness door alarming capability are giving away up to 50 percent of the system's potential benefit.

Ensuring the integrity of the access control database is of prime importance. The failure to manage this can lead to unauthorised access and serious security incidents.

This can be achieved in a variety of ways, but in the majority of risk assessments they have conducted over the years, it is common to find separated employees and contractor records with active credentials in the database. Ways to mitigate this risk include:

  • Integrating your access control database with active directory (works for employees, not so well for contractors);
  • Utilising expiration dates on contractor credentials;
  • Periodically manually auditing contractor and employee active badge reports for anomalies, which may indicate process weaknesses in the change management process;
  • Utilising the ‘use it or lose it’ feature in many software programs that automatically disable a credential after a set period of non-use (e.g., 90 days); and
  • Establishing processes to limit the removal of certain badges from the site (e.g., those issued to contractors or temporary employees).

‘First Card Unlock’ feature

Irregular schedules, holidays and natural disasters can result in access vulnerability. For instance, if access-controlled doors at a site are programmed to open on a timer and something prevents persons from arriving at work (e.g., snowstorm), a site may be left exposed.

A mitigation technique against this type of risk would be to employ a concept called ‘First Card Unlock’. Under this feature, a lobby entrance to an office, for instance, would not enter into an unlocked state, until the first authorised employee presented a card and entered the workplace.

Changing holiday programming in security systems

Holiday programming in some systems needs to be changed on an annual basis

Holiday programming in some systems needs to be changed on an annual basis. Managing holidays in an access control system results in doors staying secure which would otherwise be unlocked on a normal business day.

Similarly, intrusion detection, duress devices and video surveillance systems can let users down without the proper care and feeding.

Examples would include:

  • A panic device fails to communicate an emergency situation because it was not properly reset or the wiring has been damaged due to poor installation. Panic devices should be regularly tested and ideally the activation during testing should be by a person who would be required to use the device in an actual incident. The objective here is to build competency in the persons who may need to activate a device discretely. Similarly, intrusion detection systems should be carefully tested to ensure that all devices are properly reporting to the panel and that the panel is communicating properly to the central station. If there are redundant communications channels, each should be verified.
  • In the same way someone would conduct audits of active credentials in an access control system, it is strongly recommended that users perform a similar review with PIN codes, which have been assigned and would allow for an unauthorised person to disarm a system.
  • Utilising the failure-to-close feature to ensure that through collusion or negligence, if the last person out of a restricted area fails to arm the panel, the central station will notify a responsible party about the omission. Further, reviewing opening and closing reports might well detect inappropriate entries by authorised personnel which are indicative of suspicious or illegal activity. These features and reports will likely be at an additional cost, but they are important insurance to protect against insider threat.
  • It is not uncommon to hear about an incident happening and during the investigation, the owner of the system discovers that the needed camera was not recording. Where video is not under routine observation, it is recommended to determine if your video management system can send an alarm in the event of video loss. This would allow for rapid remediation before the video loss is discovered in the course of an investigation.

Avoiding degraded video quality over time

In almost every case, degraded video quality is directly related to resource saturation

With respect to video surveillance, as systems grow and evolve over the life of the system, organisations may experience degradation. Darren Giacomini of BCDVideo has studied this issue extensively and concludes that in many cases, installers or others are simply putting too many devices on a VLAN, which results in latency and other conflicts.

Degraded video quality has a finite number of potential root causes. In almost every case, degraded video quality is directly related to resource saturation. The resources on a surveillance network consist of IP cameras, network switches, network uplinks, viewing stations, database management and archives.

Resource depletions

According to Giacomini, each of the resource shares a common thread. And, at the basic level, each of those items is nothing more than a purpose-built computer with limited CPU, memory and network capacity.

When any of these resources exceed their capacity, the quality of service delivered will degrade. The following are common resource depletions that can degrade video quality and require a much deeper dive, but are included here as a starting point:

  • IP camera CPU utilisation is in excess of 85 percent;
  • CPU elevation in the decoder or workstation decoding the video; and
  • Network congestion or CPU elevation in the network switch.

Maintaining the integrity of archived video data

Giacomini indicated that the majority of the time degraded video is associated with resource depletion

Giacomini indicated that the majority of the time degraded video is associated with resource depletion in one of these key components. Investigation of the potential causes can save time and effort, and prevent a video management software application from unduly being blamed for poor performance during its lifecycle.

Also, on the topic of video, John Kampfhenkel, Director of Technical Sales at Veracity discussed the challenges that organisations face when video management system storage is undersized and the need to carefully plan for video retention of existing recorded data when the video system has to be expanded.

This can be a problem organisations face and when they do, it is best to involve a video storage expert to determine options, costs and potential legal requirements for maintaining the integrity of archived video data.

Selecting the right security technology

Dependent on the level and type of integration between various systems, another challenge may be to preserve the integration between the two systems. System owners will need to coordinate carefully with installer(s) to ensure that a software revision to one system will not result in a disruption to a software level integration. This type of integration may require a delay in being able to upgrade one or the other application software versions until the integration can again be certified.

Selecting the right security technology is an important element of an organisation's security risk management. However, experts would argue that in terms of getting measurable results from technology, there needs to be a keen focus on sustaining activities after the installer closes the doors and drives away. By adhering to the consultant and manufacturers' guidance in this article, organisations can substantially reduce the risk to people, assets and information, and prevent criminal and terrorist incidents in the workplace.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Historic Spanish building upgrades security with ASSA ABLOY's SMARTair® wireless access control
Historic Spanish building upgrades security with ASSA ABLOY's SMARTair® wireless access control

Schools present unique challenges for security and access control. But what about a school that is also a heritage site of exceptional value? The Colegio Diocesano Santo Domingo in Orihuela, Spain, is more than just a school. Its historic buildings date to the 1500s, a heritage site as well as a place of learning — with a museum that requires the protection of the same access system. The college buildings are a Resource of Cultural Interest and on Spain’s heritage registry: They must not be damaged. Wire-free electronic locks were the obvious answer.   A wireless solution SMARTair® wireless locking devices now control access through 300 doors around the school. Electronic escutcheons, knob cylinders, and wall readers (including lifts) are connected to intuitive SMARTair software by a network of 38 HUBs. The school chose SMARTair Wireless Online management for their new keyless access system. This powerful management option enables real-time control of access to and around the site, even if the school’s data network is down. Automated emails inform security staff of any incidents, keeping students, teachers, equipment, and precious heritage safe. Real-time key management “The main benefit is the ease of real-time key management — from any place and at any time — via the wireless online management system,” says the school’s IT Manager, Francisco Fernández Soriano. “This increases security for children and for staff because no unauthorised people can enter the school.” In addition to the main entrances and classrooms, access to private spaces is constantly monitored “In addition to the main entrances and classrooms, access to private spaces such as lifts, offices, staff rooms, the church, the museum, the library, and the IT room is constantly monitored.” Scalable modular system Installation of the school’s SMARTair system required minimal work. Some doors date to the 16th century, so major alterations were not possible. “The system was installed without a hitch and also without any disruption to classes,” he adds. Because SMARTair is a modular system, scalability is built in. They can extend or fine-tune their access system when they choose. Indeed, the school’s “SMARTair Phase II” is already under discussion.

Hanwha Techwin America’s Wisenet Q series 4MP cameras safeguard Anaheim Union High School District (AUHSD)
Hanwha Techwin America’s Wisenet Q series 4MP cameras safeguard Anaheim Union High School District (AUHSD)

Hanwha Techwin America, a global supplier of IP and analogue video surveillance solutions, announced that Anaheim Union High School District (AUHSD), one of the largest school districts in California, has strengthened its security infrastructure with a district-wide solution that includes 1,250 Hanwha Techwin Q series cameras across 20 different locations. Anaheim Union High School District Located just outside of Los Angeles, AUHSD is a public-school district serving portions of the Orange County cities of Anaheim, Buena Park, Cypress, La Palma and Stanton and has an estimated 2,900 employees in 20 different facilities. In total, it serves approximately 29,000 students from grades 7 to 12. Despite its size and expanse, the district was lacking a robust security camera system that could allow administrators to monitor or document incidents on campus. “Other than a few sites with some DVR-based systems, we did not have any security cameras,” explained Erik Greenwood, Chief Technology Officer for AUHSD. IP security cameras installed AUHSD decided to strengthen its security infrastructure with a district-wide solution Additionally, as the district continued to grow, so did the seriousness of some of its security issues. After several security incidents and school shootings at other campuses across the U.S., the district faced mounting concerns from the community. AUHSD decided to strengthen its security infrastructure with a district-wide solution that would include IP security cameras at its centre. AUHSD officials collaborated with school principals, administrative staff, and local police departments to identify key areas where cameras should be placed, such as gathering points for students and the buildings’ main entrances and exits, as well as what specifications the system should have to produce viable footage for law enforcement. Wisenet Q series 4MP cameras The district brought on CA-based integrator, HCI Systems Inc., which recommended Hanwha Techwin’s QNV-7080R 4MP Network IR Vandal-Resistant Cameras. The Wisenet Q series 4MP cameras enable high-resolution monitoring with clear images, and the innovative hallway view feature maximises the area of surveillance in narrow locations, such as school corridors. In addition, these Q series cameras are equipped with IR function, enabling clear, sharp images in dimly lit environments and during the night. Robust set of technical specifications According to Greenwood, the Hanwha cameras were chosen as the key part of the system for several reasons. He said, “We had a very robust set of technical specifications in our RFP, and the image quality, frame rate and light specifications of the Hanwha cameras matched our requirements.” In addition to their rich feature set, the Hanwha camera configuration presented a streamlined solution. Greenwood further stated, “We didn't have a large quantity of different camera models which meant we didn’t need to keep stock of all sorts of lenses and other accessories. The committee liked that approach from a troubleshooting and ongoing maintenance standpoint.” Vandal resistance  The vandal-resistant features of the Hanwha cameras were also a big factor in their decision process The vandal-resistant features of the Hanwha cameras were also a big factor in their decision process since the camera domes can easily be cleaned or swapped without having to replace the entire camera. The Hanwha cameras were installed throughout the district in entrances, exits, exterior restroom doors, staff work areas and in general meeting areas. They are helping the district keep eyes on campus vandalism, graffiti, any other potential threats and, in some cases, even monitoring certain personnel issues, such as inappropriate use of school equipment. Campus surveillance When an incident is reported, administrators can quickly access and review the security footage to see what happened. In all, Greenwood said, “It's been a great project that involved everyone and the new cameras have some great qualities.” Now that the installation is complete, AUHSD is taking a closer look to see where there may still be some blind spots and exploring where they might benefit from potential expansion.

Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach
Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach

The 2020s will be a wireless decade in access control, says Russell Wagstaff from ASSA ABLOY Opening Solutions EMEA. He examines the trends data, and looks beyond mobile keys to brand new security roles for the smartphone. The benefits of wire-free electronic access control are well rehearsed. They are also more relevant than ever. A wireless solution gives facility managers deeper, more flexible control over who should have access, where and when, because installing, operating and integrating them is easier and less expensive than wiring more doors. Battery powered locks Many procurement teams are now aware of these cost advantages, but perhaps not their scale. Research for an ASSA ABLOY Opening Solutions (AAOS) benchmarking exercise found installation stage to be the largest contributor to cost reduction. Comparing a typical installation of battery-powered Aperio locks versus wired locks at the same scale, the research projected an 80% saving in installers’ labour costs for customers who go cable-free. Battery powered locks all consume much less energy than traditional wired locks Operating costs are also lower for wireless: Battery powered locks all consume much less energy than traditional wired locks, which normally work via magnets connected permanently to electricity. Wireless locks only ‘wake up’ when presented with a credential for which they must make an access decision. AAOS estimated a 70% saving in energy use over a comparable lock’s lifetime. Find out more about wireless access control at ASSA ABLOY's upcoming 29th June webinar Deploying wireless locks In short, every time a business chooses a wireless lock rather than a wired door, they benefit from both installation and operating cost savings. A recent report from IFSEC Global, AAOS and Omdia reveals the extent to which the advantages of wireless are cutting through. Responses to a large survey of security professionals — end-users, installers, integrators and consultants serving large corporations and small- to medium-sized organisations in education, healthcare, industrial, commercial, infrastructure, retail, banking and other sectors — suggest almost four locations in ten (38%) have now deployed wireless locks as a part or the whole of their access solution. The corresponding data point from AAOS’s 2014 Report was 23%. Electronic access control Electronic access control is less dependent than ever on cabling Without doubt, electronic access control is less dependent than ever on cabling: Even after a year when many investments have been deferred or curtailed, the data reveals fast-growing adoption of wireless locks, technologies and systems. Is mobile access control — based on digital credentials or ‘virtual keys’ stored on a smartphone — an ideal security technology for this wire-free future? In fact, the same report finds mobile access is growing fast right now. Among those surveyed, 26% of end-users already offer mobile compatibility; 39% plan to roll out mobile access within two years. Before the mid-2020s, around two-thirds of access systems will employ the smartphone in some way. The smartphone is also convenient for gathering system insights Driving rapid adoption What is driving such rapid adoption? The convenience benefits for everyday users are obvious — witness the mobile boom in banking and payments, travel or event ticketing, transport, food delivery and countless more areas of modern life. Access control is a natural fit. If you have your phone, you are already carrying your keys: What could be easier? IBM forecasts that 1.87 billion people globally will be mobile workers by 2022 Less often discussed are the ways mobile management makes life easier for facility and security managers, too. Among those polled for the new Wireless Access Control Report, almost half (47%) agreed that ‘Mobile was more flexible than physical credentials, and 36% believe that mobile credentials make it easier to upgrade employee access rights at any time.’ IBM forecasts that 1.87 billion people globally will be mobile workers by 2022. Workers in every impacted sector require solutions which can get the job done from anywhere: Access management via smartphone offers this. Site management device The smartphone is also convenient for gathering system insights. For example, one new reporting and analytics tool for CLIQ key-based access control systems uses an app to collect, visualise and evaluate access data. Security system data could contribute to business success. The app’s clear, visual layout helps managers to instantly spot relevant trends, anomalies or patterns. It’s simple to export, to share insights across the business. Reinvented for learning — not just as a ‘key’ or site management device — the phone will help businesses make smarter, data-informed decisions. The smartphone will also play a major role in security — and everything else — for an exciting new generation of smart buildings. These buildings will derive their intelligence from interoperability. Over 90% of the report’s survey respondents highlighted the importance of integration across building functions including access control, CCTV, alarm and visitor management systems. Genuinely seamless integration They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term Yet in practice, stumbling blocks remain on the road to deeper, genuinely seamless integration. More than a quarter of those polled felt held back by a lack of solutions developed to open standards. ‘Open standards are key for the momentum behind the shift towards system integration,’ notes the Report. As well as being more flexible, open solutions are better futureproofed. Shared standards ensure investments can be made today with confidence that hardware and firmware may be built on seamlessly in the future. They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term. Open solutions and mobile management are critical to achieving the goals which end-users in every vertical are chasing: scalability, flexibility, sustainability, cost-efficiency and convenience.