How to scale access projects
Editor / Provider: Tevin Wang, a&s International | Updated: 1/18/2013 | Article type: Tech Corner
Access control is customization-intensive. The scale of a project is not only measured by the number of doors to be secured, but also the level of integration and customization required. a&s explores what role project scale plays when it comes to access integration and management.
In access control, project scale is often measured by a variety of variables, according to Harry Mai, Assistant VP of Hundure Technology. “The number of readers, the number of locations, the complexity of multilayered security, and how many subsystems are to be integrated are just some of the key factors.”
Scale can also be measured in terms of integration and customization required, echoed Oonagh Fearon, Marketing Communications Manager, CEM Systems (a Tyco International company). “A project with a small to medium number of doors may have additional requirements, such as integrations or customization, that will make it a much larger project.” Another way to define project scale is how the system is used. “When looking at small or midsized implementations, the vast majority are being utilized forensically, specifically running reports on information after the fact and searching for video,” said Eric Joseph, Solutions Engineering Manager, S2 Security. “In larger implementations, the user is usually monitoring the system in real time, and reacting accordingly to situations as they arise. The advanced integrations used by different system users are usually dictated by their application. For example, infant abduction and patient wandering integrations are very common in health care; and in the federal government space, integrating with government watch lists is usually required.”
Projects in this category tend to be single buildings, such as SMB/Es, residential complexes, retail outlets and elementary schools. With access control at the core, security management can include subsystems such as time and attendance/HR, logical access, intercoms, parking lots, elevator controls, intrusion alarms, visitor management and surveillance.
Ease of installation and usage is essential; cost-effectiveness is another important factor, said John Davies, MD of Time and Data Systems International (TDSi). Web-based software is an important prerequisite as well, as customers access the majority of their other business systems through the Internet, such as email, CRM and HR systems.
Low TCO is another popular requirement, said Holger Maier, PM for Security Systems, Bosch Security Systems.
“When using a fully integrated access and video system, video can be easily searched by selecting the cardholder and searching for all instances of video containing that cardholder,” Joseph said. “Most of these types of users are not very familiar with security management, so making a system easy to understand and operate is paramount,” Joseph said.
Events such as a door forced open can be attached to the associated video for quick playback, while images and associated audio from cameras are recorded and stored, said Steven Lewis, Senior PM at Tyco Security Products. Such integration provides the benefits of operational efficiency and simplicity, and removes the need for multiple servers as well as the need for separate management applications.
Delays — as a result of paper- or email-based interactions between the IT and physical security teams — are eliminated, said Ajay Jain, CEO and President, Quantum Secure. Human errors are minimized and the manual effort for assigning condition-based access is automated.
Midsized projects can include several buildings on a single campus, site or complex, such as K-12 school districts, municipal governments, libraries, museums, cultural centers, factories, small hospitals, data centers and banks, encompassing systems for time and attendance/HR, logical access, intercoms, parking lots, elevator controls, intrusion alarms, visitor management, surveillance, cashless payment, library management and mass notification.
Required features for integrated access control typically include customizations, system interoperability and scalability (with basic building automation), and future-proof yet cost-effective high security. “When the operator sits down at their workstation, they expect to view access control, intrusion and video information through one single user interface,” Joseph said. “The focus of the management is information from a variety of different sources, all tied into a single application, ideally providing a central repository for running reports on all of the stored data.”
Operational efficiency, enhanced security and convenience are obvious benefits. A comprehensive platform should reduce the cost of physical security operations by offloading the process of access requisition to end users, while increasing end-user satisfaction with physical security services by providing visibility into the status of their requests, Jain said.
Large-scale projects cover a significant area and have the highest security needs, such as federal agencies, utility companies, oil and gas, airports and transportation, universities and research institutions, and large MNCs with multiple sites (hospitals and banks). Key features can span across time and attendance/HR, logical access (active directory and lightweight directory access protocol ), intercoms, parking lots, elevator controls, intrusion alarms, visitor management, surveillance, cashless payment, library and data management, mass notification, real-time locations, asset management, additional building management, and other vertical-specific requirements.
End users need scalable subsystems that can grow as their organization grows, as well as a well-integrated system that can be easily managed as it grows. Ease of customization, management and integration of business and building systems is a top priority for many. “Many operate on multiple sites, and their primary goal is to have all sites act autonomously, without a single point of failure,” Joseph said.
The focus of the management platform is visibility into each of the sites and locations displayed on a single application. Another priority is the overall security of the building and maximum utilization of the card, said Wei Jin Lee, Sales Director for ASEAN, HID Global (an Assa Abloy company).
“Open to third-party systems, highly customizable, reliable and robust 24/7/365 operation are common demands as well,” Maier said.
The benefits of a single solution connecting multiple sites include enhanced security, central management (SCADA, ERP and PSIM), data tracking and backup. Other advantages include multiple applications on a single card, cost and manpower reduction, operational efficiency and the avoidance of single points of failure, eliminating the manual effort involved in collecting and reporting on compliance-related data, Jain said.
The number of devices connected to the Internet passed the 5-billion mark in 2010 and is expected to reach 22 billion by 2020, according to IMS Research (an IHS company). With the proliferation of IP-enabled smartphones, tablets, cameras, sensors and other devices, impact on physical security and IT departments in terms of network design, bandwidth optimization, and most important of all, the safety and security of an organization can be significant.
IP connectivity speeds the migration of legacy sensors and appliances to networks, highlighting the importance of physical and logical security integration. “As long as organizations treat their physical and cyber domains as separate, there is little hope of securing either one,” said Scott Borg, Director of the US Cyber Consequences Unit. "The convergence of cyber and physical security has already occurred at the technical level. It is long overdue at the organizational level."
Identity management requires modifying identity in both the physical and virtual worlds. “Synchronization of an identity between the access control management system and the logical system, whether that be AD, LDAP or some other system, is the most important aspect of the integration,” Joseph said. “It allows for the capability to limit a user's ability to log on to a system based on their physical presence and activity.”
Utilization of a single credential for both physical access into a facility as well as logical access at a workstation is usually requested, Lewis said. Integration with other business systems, such HR, student enrollment or network printers, is common as well. “For instance, the addition of access card readers on network printers allows the user-requested print job to be accessed and printed when physically at the printer. This prevents wasteful use of ink and paper and also eliminates unauthorized viewing of any document.”
Stay tuned for more development!