Centralization involves pros and cons

Jan 1, 1997 12:00 PM, By G.F. BRYANT JR.

Offering answers to questions relating to security systems integration, the column draws on the expertise of the World Institute for Security Enhancement, Greensboro, N.C., a non-profit organization offering education and consultation to private industry and government agencies.

Areas of concentration include safety, security, investigations and loss prevention. This month's column is authored by G.F. Bryant Jr., executive director of the World Institute and president/CEO of Bryant and Associates, Greensboro, N.C.

Q My company has multiple access control systems installed at locations worldwide. We are currently reviewing an ultra-modern, state-of-the-art system design for a new facility under construction. What would be the advantages and disadvantages of integrating all our systems into a central location?

Frank Santangelo Director of Security and Safety Swiss Bank, N.A.

A There are many benefits and drawbacks to centralizing corporation-wide security system resources.

* The benefits. Monitoring multiple sites from a central command and control communications center offers attractive advantages to corporate executives. The potential to reduce company liability in the event of a crisis at a remote facility is the most obvious. Centralization allows corporate decision makers to maintain greater control over time-critical scenarios. Individual facilities may have separate access control systems and different types of identification card with several communications protocols. The ability to isolate special access categories at each facility would be valuable. This process can be made more efficient by integrating the remote systems into one. But how do you overcome the proprietary nature of each manufacturer's system?

In the past, manufacturers were less willing to design systems that could be easily integrated. With stand-alone multiplexed systems, it was often difficult for products manufactured by different vendors to work together. The new microprocessor-based, computer-controlled systems permit greater versatility from various platforms. Most can be seamlessly integrated into a single system. Those that are less capable of being integrated can be interfaced at a lower communications level, i.e., they can talk to one another but cannot control or respond to commands. Every location should at least allow intrusion detection, CCTV and access control subsystems to interface.

Today's security systems administrator is expected to be as knowledgeable as a computer systems technician. This has raised the salary level for such security positions. Maintaining a centralized systems administrator at a headquarters location dramatically reduces cost. After hours, remote sites can function with reduced manpower, and on non-standard work days, all systems can be monitored from the central control center. Importing and exporting specialized information and customized reports also offers advantages.

* The drawbacks. Retrofitting is modifying an existing facility or system by replacing or enhancing substantial parts. Occasionally, an entire system is replaced. How can you cost-effectively integrate systems from five manufacturers? And what about the inconvenience to end-users? Incompatible card technologies and vendor-specific control equipment are great challenges to systems integrators. Also, personnel may be accustomed to the systems at their sites and resist change. Gradually phasing in controllers that communicate effectively with existing field devices will eventually allow total integration. This approach can be initiated independently at each location until it becomes centralized, or a central location can interface only with remote sites without command and control capabilities.

Q Can an access control/security system ride on the same communications path as a corporate information systems Local Area Network? How secure would the protection services division system be? What precautions should be taken? Peter Reichert Security Systems Manager Protection Services Division National Gallery of Canada

A Consider a typical corporate information system's Local Area Network (if there is such a thing!). Each node or address in the LAN might reside on an Ethernet backbone. What if the IS department allocated protection services an address dedicated to the in-house security system? Actually, one address might not be enough. A separate address might be required for each controller in the field. These controllers could be located in telecommunications closets which usually contain access to the Ethernet. This approach requires considerable forethought, but the cost and security advantages might be worthwhile. IS departments traditionally earmark enormous resources for maintaining the integrity of their networks. Resources are not so readily budgeted to most security departments. So, why build a road when you can hitch a ride on a super highway? Imagine the savings, speed and versatility of piggy-backing on the LAN.

In the past, IS and security departments have had little in common. Physical security was often overlooked by IS, and telecommunications integrity was seldom the responsibility of the security department. In the security industry, software and communications integrity have traditionally been the responsibility of equipment manufacturers. The primary focus has been on the manufactured hardware product. Software is often outsourced or written by a small, in-house group. The encryption designed into systems from security industry providers is often proprietary, offering few revisions. Computer industry suppliers specialize in hardware and software, and international standards ensure compatibility. This offers end-users more choices. Even IBM realized it could not do it all.

What is a security manager to do? Because security industry standards have not yet caught up with the international standards recognized by the computer industry, a compromise is in order. Integrating LAN-compatible security products into the IS LAN will maintain autonomy if separate software packages and protocols are utilized. This will allow protection services to control security inside their facility and to ride the LAN to other corporate locations.

Want to use this article? Click here for options!
© 2012 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue