For a business or major institution, security systems integration is a top priority.
Through the integration of security systems, the facility or office benefit from efficiencies that did not exist when the systems “stand alone” and had no reliance on one another for notification. These systems include access control, video management, intrusion detection and emergency communications (mass notification).
Although recent technological advances in the security technology marketplace have made integration technically easier to achieve, the process of implementation is still a complex field of landmines that are financial, political and technical in nature. These three steps to successful workplace security integration will help navigate this complex process.
The Oxford Dictionary defines integration as “the action or process of integrating”. The key word is “process”. This article focuses on the separate steps of developing a process for the integration of security systems. From defining integration to selection of the right contractor, each step is of paramount importance to insuring that the security professional is implementing an integration plan that is practical, budget friendly, and meets the needs of their organization.
Step 1 – Defining Integration
First and foremost, the most important step is defining the integration that is beneficial to the organization. But to do this, the Security Professional must establish a team of individuals from the organization that can properly identify integration possibilities and vet those possibilities, not only from a technical perspective but also from an operational perspective (i.e. facilities, human resources, IT and security).
From this group of individuals an “Integration Champion” must be chosen. The Integration Champion should be someone with a technical background that has an understanding of the security systems and how they work, along with a working knowledge of other systems within the organization that can be logically paired with the security element. The Champion is responsible for guiding the Integration Team to identify internal processes that can be either eliminated by or sustained through the use of security technology.
The Integration Champion and the Integration Team are responsible for vetting the ideas and identifying those that are reasonable and those that are not. Whether this be for budgetary or technical reasons – the Integration Champion should be the person that understands the business and ultimately what you are trying to achieve through integration. The most successful individuals in this role are generally from the IT Department since in many instances they are responsible for maintaining these different systems on a daily basis.
After the Integration Champion and the Integration Team has been identified their first task is to define the current internal processes that can be either condensed or eliminated through the integration process. For example; when an employee leaves an organization the first step is for Human Resources to close that individuals file of employment. This is generally performed through the Human Resources software program. If this individual has a credential issued that allows them to enter the campus or particular building or space, they are to turn in their credential the last day they are employed.
However, this isn’t always the case. There are many instances where the credential is not turned over on the last day of employment. Now the HR representative must either send an email, call or walk over to the security department to get their credential removed from the security system so the person cannot enter the premises. This can take a few minutes up to a few days to perform. All the while that person still has access to the facility.
Through integration of the Access Control System and HR software system this process can be eliminated. When that person’s employment status changes the HR system would immediately notify the Access Control System to render that person’s credential inactive. This example is a scenario that is very common in the real world and demonstrates where integration of the Access Control System with an HR system can eliminate a tedious process and add a layer of security that may not have been available to the client with their previous systems. The critical success factor for the Integration Team is to review the processes, like the example listed above, in place and find logical solutions that can be implemented through deployment of security system integration.
Once the Integration Team has identified the internal processes that may be either eliminated or refined through the security systems integration, the Integration Champion must list these processes and vet them from a technical, budgetary and practical basis. This can be done by consulting the manufacturers of the systems and in some cases the installation or service and maintenance company. And while there usually is a budget that has been identified for the integration project, this step can be used to refine or establish the budget in cases where it has not been identified.
Step 2 – Implementing Integration
Now that the scope of the integration has been identified, including system types, technical requirements and the budget established, we move into the most challenging phase, which is implementation. A critical component of the implementation phase of the project is communication
to the organization. This is especially important when the integration spans multiple systems utilized by multiple departments. In cases where the integrated systems are utilized by multiple departments, the Integration Champion should be communicating the benefits of the integration to those folks that will be most affected. This demonstrates to the end-users that a process was in place when the decision was made to integrate and that this will be the norm going forward.
Most organizations require that any project over a certain monetary threshold must be competitively bid. Successfully communicating the integration requirements to bidding contractors requires the development of performance specifications that provide very clear and specific direction to the Contractor about the functionality of the integration. Identification of the specific systems, including model numbers, part numbers and software versions for existing equipment should be provided. The key to success is translating the ideas that were developed during the Integration Teams brainstorming sessions into technical documents focused on those requirements. Even in cases where the Owner decides to sole-source the project, documents should be developed detailing the type of integration required. Never assume that an outside entity understands your integration requirements. This is the biggest mistake that is made during these types of projects!
Documentation that tells the bidding contractor specifically what you are requesting is extremely important. It sets the expectations from both parties on what is to be provided and what is to be received. It eliminates any disputes as to the functionality of the final deliverable. Integration is two subsystems cooperating to provide a specific functional outcome which is more difficult to ascertain then purchasing an out of the box technical component.
Once the Contractor has been selected and the project has been kicked-off it is especially important to coordinate the work taking place with the end-users. Setting expectations for deliverables and successfully rolling-out the integration is important to the credibility of the project. Making sure the Contractor has realistic goals as it relates to timing, functionality and training is a responsibility of the Integration Champion. Changes in process are usually heavily scrutinized by employees in any organization. An organized, methodical approach to the execution of the project, testing and re-testing of the functionality before going live can establish a level of success and minimize failure in the eyes of those affected.
Step 3 – Managing Integration
Once the project has been completed and the integration has been successfully implemented there is a need for day-to-day management. The Integration Champion should develop a testing plan that is utilized on a weekly basis. This is especially important when the integration spans multiple departments. Implementing an automated authentication of the integration during the implementation phase is an excellent way of verifying that the functionality of the integration stays intact. If there isn’t a method of automating the process, then a manual testing plan should be implemented that will identify to the end user that the integration is functioning. In most cases the IT Department will test the functionality in the same manner they execute back-ups to mission critical systems. This ensures that the integration is vetted in a consistent and timely manner.
Integration between security systems such as Access Control and Video Management are used on a daily basis making it very obvious when the functionality is no longer working. Additionally, most connections between security systems require some sort of authentication that will notify the end user when it is no longer functioning.
Policies and Procedures effected by the integration should be modified to reflect the connection of the systems. Training should be implemented on a regular basis so end users are educated on the integrations functionality. Using the example given at the beginning of the article, if the HR person did not understand that the HR System automatically notifies the Access Control System and renders the credential inactive they may utilize the process of manually informing security of the employment status change thus minimizing the success of the integration.
Because of ever-changing technology, the security system marketplace is constantly moving toward a more open-architecture environment. While this is an advantage and certainly makes the technical feasibility of integration more possible, the process of integration is still complex. From selection of an Integration Champion through long-term management, integration of the security systems can be extremely challenging without a detailed, organized approach. Documentation and communication are of paramount importance and cannot be understated. Technical projects can live and die by the perception of staff. Successfully implementing security integration utilizing the elements discussed can show all end-users that the process was thoughtfully planned, as well as providing a lasting effect on the security of your organization, it’s employees and its assets.
Need additional guidance with your business best interest in mind? PlanNet can help.