Telecom New Zealand

Jun 1, 1997 12:00 PM, By AMANDA McVITTY

The latest restructuring of the telecommunications behemoth has provided the chance to establish one security operation based on a Cardax system from PEC Ltd.

The deregulation of New Zealand's telecommunications market had many results, including the arrival of new international players and fierce competition. But it also had an important impact in less apparent areas - among them the security strategy of the market's dominant player, Telecom New Zealand.

Initially, deregulation saw the old Telecom behemoth split into five different regional operating companies (ROCs) and a new head office - a business structure that was designed to allow the company to be more flexible and react quickly to new competitive pressures. However, over the past four years, Telecom has restructured again, getting rid of the ROCs and re-forming as one centralized organization.

For security access operations manager Stewart Guy, the latest restructuring has provided the chance to establish one overall security operation based around a Cardax system from PEC Ltd., New Zealand. From his center of operations in Palmerston North, New Zealand, Guy's team uses Cardax to manage security access and alarms at nearly 600 Telecom buildings around the country, with fire and smoke detection systems monitored on-line for more than 1,700 other buildings.

Migrating to one system Guy says it has been a long process getting Telecom onto one security system, but it has been worth it. When I got involved with card access back in 1988, Telecom was running a number of different systems, he relates. There were at least eight different systems in the five ROCs around the country. Initially, I set up the old Telecom Central ROC and standardized on Cardax. We networked that system, and two years later we standardized Telecom South (another large ROC) and networked that. While all this was going on, two of the other three ROC's networked their system back to their own control points. The fifth ROC adopted another security profile from a different supplier.

In 1992, Telecom began dismantling the ROCs and moving back to a centralized business model. Guy was given the task of rationalizing the company's risk management systems, which incorporated fire and smoke detection systems and security alarms. We recognized then that it would not be sensible to do the alarms in isolation, and convinced the company to standardize and centralize all the access systems, says Guy. At this point we began the program to migrate the various control points back to the present central operation, and by 1995 we had standardized the software, hardware, firmware, processes and procedures, plus the design and installation specifications for access operations across the country.

The last part of the project, which is under way, is to move the remaining 48 sites in Wellington over to Cardax. It is now the biggest system of this kind in New Zealand and probably in the southern hemisphere, Guy notes. And it is the biggest integrated Cardax system in the world.

A new security philosophy Telecom's security policies and philosophy have changed since the telecommunications industry was first deregulated. Disaffected employees were initially perceived as the major security threat, Guy says, but now the major threat is perceived to be external. In response, Telecom operates using the defense in depth theory, whereby assets are protected by concentric rings of security - access-controlled perimeter fences, buildings with alarm detection and secured access, cameras and motion-sensing alarms within buildings. Access is on a need to go basis; only employees with a requirement to be in a specific building or part of a building have access. The Cardax equipment and software provide the platform to manage the operation, says Guy. The external gates can be controlled by a swipe card and PIN number. One card is used for all access points, and in some sites a swipe card is needed to get out as well as in.

According to Guy, the fundamental basis of an access system is the ability to report on occurrences at points where equipment has been installed. Is a door locked or not? Is the person accessing the door legitimately? If the system is able to answer these questions, says Guy, you can look to expand the system to operate and manage all security equipment, such as cameras and motion detectors. Management tool

For Telecom, the system is not just for simple access control. The company uses the access system as a management tool and encourages managers to know what is going on at their individual sites, according to Guy. This system allows you to connect and manage any on-off device. For example, you could integrate lighting with infrared motion sensors, and have the system automatically turn off office lights after-hours if there is no movement after 20 minutes. It is not just a security system; it is also a cost-effective building management system, says Guy.

Centralized management Telecom's nationwide system is wholly run from an operations center in Palmerston North, with day-to-day management overseen by senior security controller Betty Stow and four operators. An alarm monitoring team of 13 people around the country acts on incidents and alarms reported by the system, but they have no ability to alter it. Operations are split over three Pentium-based servers, each of which can display up to 21 different color-coded windows showing the status of monitored points around the country. A warm site in Christchurch provides backup in the case of a major system failure. The system has also been set up so that any individual site can be cut off from the central operation and continue to function on a stand-alone basis. Dial-up access to the system is only available to three staff members, including Stow. Myself and two other operators are on call 24 hours a day, seven days a week, Stow explains. If we get a call at home, we can dial into the system and usually fix the problem from home, so that has been a big achievement.

The operations unit also handles access card production and distribution for Telecom staff. We issue all cards nationally - around 1,000 per month - and these also incorporate a photo ID, Stow says. We pledge a 24-hour turnaround for cards, which is quite unusual. Turnover on the system averages three million events per month, and about 180,000 alarms per month are dealt with. With so many events being reported each day, an important part of Stow's job is to prioritize alarms. These run from low - someone cannot get through a door - to critical, which may be life-threatening. We also ensure every alarm has a PPAR [pre-programmed alarm response] attached to it, so when it comes up on screen, the operator hits a key and gets immediate instructions on what to do, who to contact and so on, says Stow.

Reports keep management informed The best thing about the system, says Stow, is the speed of the system nationally. I can click on an icon here in Palmerston North and authorize a card, and that card will work on a site at the other end of the country within one or two seconds. Likewise, if someone loses a card in the street, we can de-authorize it or place card-trace on it and it will raise an alarm immediately when someone tries to use it, anywhere in the country.

Around 4,000 reports are generated each month for Telecom managers around the country. We frequently have requests from managers and from people in our risk management area to supply reports, because something has been stolen or there has been an equipment failure. The reports can show them exactly what has gone on at the site at the time of the incident.

Reporting is one aspect of the system that has improved over the 12 years Stow has worked with it. Having the product's developers, PEC, nearby has helped, as Telecom has been able to be involved closely with ongoing research and development. We've seen a huge modernization of the software over the years, and PEC is always looking at how things can be done better, says Stow. The manufacturer is 25 minutes away by car from my operation, and it is common to have a PEC software engineer working in our operations room under my direction, adds Guy. That was a critical factor in our decision to choose Cardax when we began to expand into access operations. We are a beta test site for PEC, and while they have written generic software that is not specific to Telecom, they were prepared to consult us on development back in the early days. That partnership is hard to beat; it gives us a lot of comfort.

At the end of the day, though, the biggest comfort is in knowing the system is protecting not just Telecom's physical assets - its buildings and communications networks - but its staff. I see my job as protecting the Telecom network and the people behind Telecom's doors, says Stow. We have a lot of people working through the wee hours, people like national toll operators who are part of a 24-hour-a-day operation. It's nice to know they are safe behind a door, and only someone who is authorized can go through it. That's a good feeling.

Want to use this article? Click here for options!
© 2012 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue