Finding the perfect solution for a project entails careful planning and understanding client requirements. Points such as the correct management software and choosing between analog and IP devices should be taken into careful consideration.
Many challenges need to be taken into consideration when installing a secure, integrated access system. “One must decide the level of integration to provide, such as basic or full integration,” said Philip Verner, Sales and Marketing Manager for CEM Systems (a Tyco International company). “Basic integration simply allows for a one-way interface of third-party alarms or events into the security system, whereas a full or deep integration enables the monitoring and control of a subsystem both ways at the same time.”
To begin, it is important to evaluate the different parts of a building “It is important when choosing a system, that security levels and mechanisms are considered,” said Alistair Enser, MD of Security Products for the U.K., Siemens Building Technologies. “The fundamentals of designing and installing an access control system are finding out the objectives and rationale for the system, additional fringe benefits by integrating with other systems and how to minimize the impact of the system on the daily working life so that the objectives can be achieved without it having a detrimental impact on the business.”
Management Software Software always depends on customer requirements. “If the customer only requires standard and straightforward management software, which has many limitations and no room for customizations, then the free software provided by the manufacturer can be used,” said Vincentius Liong, a veteran security system consultant. “This free software generally does not include any technical support or allow for specific requirements, which are strongly needed in such integrated building systems. This is why, most of the time, it is best to purchase a management software license, even though it could cost from several hundreds up to several thousands of dollars.”
However, management software provided by manufacturers can also be advantageous. “Management software that comes with the hardware is preferred for continuity and subsequent maintenance,” said Daniel Ong, VP of Certis Technology International, Certis CISCO Security. “Since the software and hardware come from the same manufacturer, one can expect future new releases of the software with better and improved functionality.”
Analog versus IP
The integration of an analog system and an IP system is done with several limitations. “It will generally run on two different sets of management software in the background and the challenge is figuring out how to integrate and export one database to the other on the software level,” Liong said. “Having the same database format would make this much easier — there have been new developments addressing these integration problems, from standardizing the database in one format, to having an open standard using one of the standard protocols, such as Modbus, BACnet, LonWorks or OPCUA.”
Interoperability and scalability should be the main consideration when implementing a system of value. “A common mistake is that many people will fit a system based on their requirements for today, particularly if driven by a competitive bid process,” Verner said. “Installers and integrators may err on the side of putting in the most cost-effective solution to meet the minimum requirements of the system today, which may not be the best solution for the customer in the long term if they wish to extend their building wings or link to other buildings and/ or technologies at a later stage. Also, while system capacity is not an issue with most systems, expanding the software at a later date to enable more features is not always easy, although having a system that can seamlessly expand over time and provide fully integrated solutions, with third-party systems such as video and intrusion, is vital.”
Standards will definitely have a positive impact on the dynamics of security systems in the long run, said Johan Lembre, CEO of Pacom Systems. “The obvious outcome will be greater price competition on the hardware components, but standardization will also create common APIs that enable different subsystems to talk to one another, including access control systems. The latter is a huge advantage for larger clients with many sites, possibly even spread over many geographical territories; standards enable them to centrally manage access rights and administer the system in a simpler manner, without the need for specialist knowledge and training on multiple platforms.”
Not all clients will see the advantages of a system that is possibly a little expensive initially, but is more cost-effective long term. “A prospective client generally focuses on what they know. A lot of our time is spent on educating clients to enable them to start considering new and exciting possibilities,” said David Rees, Regional Manager for APAC, Salto Systems.
There are data-cloning devices currently available on the market for the theft of information from both cards and access devices. “These devices can be wirelessly handheld or physically inserted into the access control device itself, and are capable of copying most RFID cards on the market,” Verner said. “To prevent information from being compromised, it is recommended to use smart cards with industry-approved authentication and encryption, and to use readers capable of two- or threefactor authentication such as card, pin and/or biometrics. There are also RFID safe pouches available to protect cards, and video integration can be used to assist with visual verification and tracking.”
Reader-to-door-controller signals can be copied by recording or “sniffing” the pulses between the reader and the controller. The recorded pulses are then played back to fool the system into thinking an authorized card was present. The Wiegand protocol, which is an industry standard, is most easily intercepted, copied and replayed to gain access. “To avoid risks, it is best to use integrated readers with a combined reader or read head and keypad units to discourage communication between the reader and door controller,” Verner said. “As a minimum, specify RS485 communication and avoid Wiegand communication. Tamper detection features can also be fitted onto an access control solution.”
If not integrated and applied properly, lost cards can cause a big breach in security, especially when powerful applications are run on the same card and backup mechanisms are not in place. “The individual applications and the management processes around the cards must be designed for such cases. In some instances, this may require the user to alert security managers of the loss so they can notify the system,” said Urs Lampe, VP of Product Marketing and New Business, Legic Identsystems. “As an added security measure and common good practice, applications classified on a higher security level typically use multiple authentication factors, such as a specific PIN code that matches the card, to prevent unintended use of a card and applications.”
Today and Beyond
Remote, managed services or cloud technologies are fast becoming more than a hype. “This is a market space that is still relatively undeveloped but holds big potential. For most customers, physical security is not a part of their core business, and as a consequence, investments and technology decisions become difficult,” Lembre said. “System integrators that can offer electronic security as a service will help their customers overcome this challenge. These services may include remotely managing access control systems, video verification of alarms and extensive feedback, which enable their clients to operate more efficiently. The service provider will also be able to maintain the system centrally, leading to a drastically reduced number of site visits which can lower operating costs for all involved.”
Customers would also like to be informed at all times of any security breach. “A common feature now is the ability to support notifications with a customizable format to suit the chosen delivery method of either e-mail or SMS, with applicable images attached,” Ong said. “This alleviates some of the hassles for users as there is no requirement to attach USB devices to the command center's server, which is often prohibited by IT or MIS departments.” Users may customize filters to only receive the necessary notifications and be made aware of any irregularities anywhere, anytime.
Every client and project differs in their needs and concerns. A perfect system can be reached by tailoring solutions to customer budgets and requirements.