The New Systems Integration Scenario

July 9th, 2010 | Security Articles & Tips

“Technology has taken strides to improve operator efficiency, communications distribution, and information integrity”

Since we are the “Research Triangle Park” chapter of ASIS, I’m going to address a slightly more technical aspect of security here than usual.

More and more these days we see electronic security systems claiming that they are “Open Standards” based, which will allow them to inter-operate among various 3rd party vendors. While I’m glad to see a departure from the once proprietary nature of electronic security systems, I disagree that things have really progressed to the point of being truly “open”. After all, by definition, even Microsoft Windows NT is really a “proprietary” operating system (for those of you who don’t believe me, try asking Bill Gates for the source code to NT). The only non-proprietary systems out there are ones that are owned by the public domain, with the “guts” or source code of the software freely available to all. Linux is a good example. Security vendors claiming their Windows NT based system is “open source” clearly don’t represent the true spirit of that term. Ubiquitousness is not a synonym for open standards. Instead, what Microsoft and others have done is provide “hooks” into their software to allow other systems to communicate and share data with them via some “standard” interface. ODBC, which stands for Open Database Connectivity, was developed by Microsoft as a standard database interface to accomplish just that goal.

What this all translates to is a new method of making different security systems inter-operate. The old days of having relay boards, dry contact switches, and protocol converters to integrate 3rd party systems are largely unnecessary these days. Today’s security program is changing. It’s not about relays, bells, lighted panels or dialers anymore; it’s about computers, databases, local area networks, cellular packet data, and graphical user interfaces.

Don’t get me wrong, Systems Integration is not a new term. The concept of making alarm monitoring, card access, CCTV, fire alarm, and energy management systems all talk to each other in perfect harmony has been around ever since these systems existed. After all, wouldn’t it be better to have one computer monitor rather than five? However, no single company could ever manufacture a system that could do it well, and 3rd party integration efforts were kludgy at best, and difficult to maintain.

So, just exactly how do security gadgets intercommunicate these days, and why is that important to me? Well, luckily, the security industry has finally begun catching up with the technology industry. And some of the gadgets and technologies used there can directly translate to the security industry. Technology has taken strides to improve operator efficiency, communications distribution, and information integrity, at the same reducing headcount, operating expenses, and tariffs. The final result being more effective event management.

1. A lone security officer is making his rounds in a large warehouse facility. An intrusion alarm occurs in the far site of the warehouse. The alarm event is received by the card access system, logged in the database, and sent to the PC screen. Obviously, the alarm is not seen or acknowledged because the officer is elsewhere in the building. So, the system, after 90 seconds, forwards the alarm event and building graphic to the security officer’s wireless Palm Pilot, showing him the alarm text and where it is occurring. As the officer responds to the alarm, he is attacked by two masked assailants. He presses a wireless duress button, also on his person. This immediately sends an alarm message, which is sent to a remote central monitoring station, and also sends an alphanumeric page to the security company’s account roving vehicle response patrol. All the while, CCTV cameras have captured the entire series of events and stored them digitally over the company’s network to a digital video archiving system, which can later be used as evidence.

2. Jim Jones is hired by XYZ Corporation as a new employee on Monday. He reports to Human Resources with his application and insurance forms filled out, which are entered into their People Soft HR database. Shortly thereafter, he reports to the HR ID department, which takes his picture at an electronic photo-imaging PC workstation. The photo-ID badge is printed, encoded, and issued to the employee at that time. At the same time, all of his relevant information (name, social security number, home address, department, phone numbers, license plate number, photograph, card number, etc) are exported from the HR database down to the Security Department’s card access server. Here the record is imported into the card access system, given limited privileges and activated in the system. The employee now has an active card access badge which works on the front doors from 8 to 5. His supervisor needs to give him additional access to the file room, so he logs in via a web browser, connects to his department section of the database, an adds the file room door to Jim’s privileges. Two weeks later, HR discovers that Jim has a past criminal history record of armed robbery and aggravated assault. The HR database “terminates” Jim in the database, which downloads the updated information immediately to the card access system, deactivating Jim’s badge in the system.

All of the technology to create the scenarios exists today. In fact, some companies actually do use a variant of both of these scenarios. So what does it take to create these interfaces and make these systems work together in my security operation?

  • Coordination between your Human Resources, Security, and IT/Network departments.
  • Modern electronic security systems, which use enterprise level technologies with “standards”, based interfaces.
  • Skilled, knowledgeable employees, contractors and consultants.
  • Conviction to stay current with technology trends.
  • Careful planning of the system interfaces, backup plans, and operations procedures.
  • Financial commitment to fund “custom” solutions to non-standard problems.

If used properly, true integrated systems can make a security department’s operate smoothly and efficiently, with reduced staff and need for manual procedures. But the commitment required to automate these interfaces can not be taken lightly.

If you would like more information, please contact Security Management Consulting or visit our website.