Moving Enterprise Access Control Systems Into the Future
Taking enterprise clients from yesterday to today while keeping a close eye on tomorrow.
In Star Trek, the Starship Enterprise is tasked with the mission to “boldly go where no man has gone before.” And while space may be the final frontier, for the integrator, designing for a large enterprise-level access control system is a bit like being on that aptly named starship. You have to understand the past, present and what to expect down the road in order to steer your client’s enterprise towards the future.
Historically access control users and security in general have been conservative when it comes to change.
“We are very conservative and I am not sure why we are not on the cutting edge,” says Sam Shalaby, president and chief executive officer (CEO), Future Security Controls, a member of SecurityNet, Ontario, Canada. “We should be. In my opinion we should be putting in the latest and greatest.”
But as anyone in this industry knows, it is almost never that simple.
“Enterprise customers tend to grow and spread out,” says John Smith, senior channel marketing manager, Honeywell Security, Melville, N.Y. “Every time they add another location or standardize operations, there is a lot of cost involved. How can they get their per site costs down? How can they reduce operational management costs? Those are the challenges they have every day.”
For the integrator, knowing what is available today and coming up tomorrow are the keys to helping clients solve the challenges they have now and stay on top of technology they need to prepare for in the future, says integrator Sean Brown, general manager, Datawatch Systems, Bethesda, Md. “They need a system that can handle the legacy from yesterday, run the systems of today and expand for the systems of tomorrow.”
There are many enterprise-level access control systems already installed and growing piecemeal. One of the things clients are looking at with keen interest is what else they can do with the technology they already have and how they can expand it without too much cost.
“A lot of our conversations seem to be less about technology and more about business applications,” says integrator Tim Ferrian, director of sales and marketing, Pro-Tec Design Inc., Minneapolis. “The big thing for integrators like us is to think outside the security bubble and more about the process. Most people have a basic need for securing a facility with card readers. After that need is initially met they start to look at what else they can do with that big investment. Enterprise customers are all so busy trying to get their own business done that they rely on us more and more for help in guiding them. Customers aren’t pushing us into new things. Rather we are being pulled more into their business operations to think about how security fits into the overall environment. People are saying ‘Can’t we use this for…?’”
One way to accomplish this is through third-party integration with the systems that are already in place, allowing users to do more with the system.
“I am seeing more access control companies in general trying to offer more open or more robust API’s or SDK’s to connect to their systems,” says integrator Mark Schweitzer, manager of project engineering, G4S Technology, Omaha, Neb.
AMAG Technology, Torrance, Calif., is one such company, says Regional Sales Manager Bill Kotwicki. “We have within the last year dedicated a department to integrating with third-party products and have already signed on 30-40 companies. We ask the third party to write the integration then give it our approval. A lot of these are niche products where it doesn’t make sense for us to write the integration, but the third-party company is happy to do it.”
ASSA ABLOY, New Haven, Conn., is another manufacturer focusing on the “what-else-can-it-do?” mentality, with a push for sustainability.
“A lot of folks are looking to manage energy consumption these days and the only system in their facility that knows where the people are is the access control system,” says Peter Boriskin, director of product management for the commercial EAC Systems, ASSA ABLOY.
Current technologies include better reporting solutions such as access control analytics that look for characteristics and trends that provide insight into things like occupancy loads, describes Steven Lewis, senior product manager, Tyco Security Products, Westford, Mass. “‘Are we making the correct number of lunches in the lunchroom based on occupancy? Can we bring in logical and physical to disable remote access when physically in the building?’ We are working on all of those solutions, and at the same time looking for different integrations to make our products more powerful through partnerships with complementary products.”
What these developments mean for integrators is the ability to go out there and push the relationships they already have with new opportunities. “When integrators get in front of them they now have something new to talk about,” Kotwicki says. “They can figure out where their heartburn is and think outside the box. At the end of the day, access control systems all do about 85 percent of the same things. It makes sense to talk about the other products that can work to make lives easier and solve some of their problems.”
Another way manufacturers and integrators are making inroads to enterprise customers today is through the increasing use of wireless access control technology to add doors at a lower price point.
“We are seeing a significant adoption of Wi Fi,” says Ron Oetjen, CPP, president, Intelligent Access Systems, Garner, N.C. “We are starting to see wireless locks adopted by enterprise clients, particularly on secondary doors.”
Rick White, vice president and product business leader, electronics, Ingersoll Rand Security Technologies, Carmel, Ind., agrees. “Wireless has really turned the corner. As recently as five years ago wireless was considered interesting but viewed with a critical eye. Now we see it exploding in the market in terms of a more cost effective way to get to a lot more openings.”
The wireless “taboo” has definitely been lifted, says Richard Goldsobel, vice president of Continental Access, Napco Security Technologies Inc., Amityville, N.Y. “Systems have shown themselves to provide enough encryption and the cost of installation for wireless pushes the dealers and integrators to offer that more and more as a solution.”
For enterprise clients especially, they are almost certainly already employing a secure wireless network, so being able to jump on that network with an inexpensive Wi-Fi-based lock that has zero infrastructure costs is a big benefit, Boriskin adds.
“The area we are putting significant effort into is allowing wireless doors and devices to connect through our integration,” adds Frank Gasztonyi, CTO, Mercury Security, Long Beach, Calif. “We believe this type of connectivity will allow the end user to have flexibility to choose the most appropriate technology for their doors and cover more points than would have been practical with only rigid hardwired solutions.”
For many enterprise-level end users, whether they are starting from scratch (a rare event) or adding on to a system that has grown up organically over time and acquisitions, the technologies out there now that may impact them the most in the near term are the buzzwords of the Internet: open standards and the cloud.
“I don’t know if you can ever completely ‘future-proof’ the enterprise, but the days of proprietary systems are over,” Shalaby says. “I don’t think anyone will do well if their system is very proprietary. Yet our industry comes from that background. I believe this trend is changing slowly and the reason is because of the tools that are available these days. No want wants a system that is tailored just for them anymore.”
White agrees. “If you look at the security industry, we differ from a lot of the other technology industries in that we don’t have standards in how devices talk to each other. Other industries have built standards around how things communicate. That time is upon us now. I would say that the centerpiece to ‘future-proofing’ is migrating to open standards and protocols because those will create the most opportunities for future technology adoption.”
The cloud is a concept that has been around for a while by a different name, managed services. This is a type of security service that has not historically interested large enterprise clients. However, the storage and communication solutions employed by the cloud do have implications for the enterprise market in the form of private clouds managed in-house, or even by the integrator.
The cloud is already here for small- to medium -sized applications but there are still some kinks to be worked out at the enterprise level, Lewis says.
“Cloud technologies are growing. The government is moving toward cloud technology. But the types of solutions for access control that work in that environment have to be specially built for cloud solutions. There are downtimes and breaks in communications. There is still some work that has to be done in the solutions to work them toward the cloud.”
G4S is one integrator trying to interest enterprise clients in the cloud.
“We are trying to work with a couple of different manufacturers to create a cloud product to offer enterprise clients so they don’t have to manage the back-end infrastructures,” Schweitzer says.
The cloud is seriously being looked at by some enterprise applications, adds Honeywell’s Smith. “Most enterprises will deploy their own cloud, but there will be some economies of scale where it doesn’t make sense to manage a large cloud. You may find a hybrid solution where there will be some applications in the cloud for management but the larger management is being done by the enterprise, while long-term data storage is being farmed out to third-party cloud storage providers.”
The buzz of the industry in the past year has and continues to be near field communications (NFC), a technology that isn’t quite here yet and has some hurdles to overcome, but has the potential to be a huge game changer.
Oejten says, “Everybody is talking about [NFC], but there is not a lot of implementation. I do selectively think the enterprise world will be interested in NFC down the road. But there is still value in an ID card.”
The big question is not whether NFC will be used in the enterprise world but how? In the enterprise space right now smart cards are generally acknowledged as the current path forward for almost any application. How will NFC fit into that migration path?
“I believe it will be a combination of technologies,” Shalaby says. “We will never do away with a card, but it may be in the wallet and you will use your phone most of the time. There is also a certain requirement for cards for ID. You will end up having both: a cell for the data and information and a card for ID.”
If NFC lives up to its potential, a smart phone could end up doing as much or more than a smart card, leaving that ongoing migration open to question.
G4S’s Schweitzer sees NFC as a direct competitor to smart cards. “You don’t have to maintain the cost of printing out a smart card. For some of the smart card upgrades, that is the biggest difference.”
Kotwicki agrees. “NFC will certainly hurt smart cards. For whatever reason there has been a reticence [here in the United States] about them. We have been hearing about them for 10 years or more and maybe 10 percent of my clients are using them. If NFC does indeed come along it may leapfrog smart cards.”
Holly Tsourides, CEO, Matrix Systems, Miamisburg, Ohio, adds: “NFC has a lot of potential to be the most exciting thing the industry is getting ready to adopt.”
Still, she thinks it will be a slower adoption and a side-by-side evolution with smart cards.
“We don’t see a lot of leapfrogging in access control technology. I still think users prefer to take their technology migrations in baby steps. We still have a lot of users that have mag stripe. I don’t see them going to NFC. But I could see an integrated reader with prox and NFC. There will still be a hybrid step between NFC and smart cards.”
Dennis Geiszler, vice president of international sales and marketing, Keri Systems, San Jose, Calif., also says ‘not so fast.’
“NFC for corporate users is going nowhere at the moment. They are talking about using it, but what if the phone is dead or you forget your phone? What about photo ID? I don’t see anything imminent for NFC.”
One of the biggest questions will be provisioning. If NFC-enabled phones become so ubiquitous that everyone has them, then there could be a BYOD (bring your own device) type of model where everyone provisions themselves, Boriskin says.
With all these questions, how can an integrator prepare for the unknown?
In any migration, the key is backwards compatibility, and that is what manufacturers are preparing for at the moment, with readers that can read anything from mag stripe, to smart cards, to NFC.
“If you have multi-tech readers, it gives you the flexibility,” IR’s White says. “What is the reader population and are they NFC ready? That is the roadmap question and thought process. You have to be able to go backwards and forwards at the same time.”
And that is the crux of the issue, whether you are looking near-term or far for the enterprise client.
“With all their product combinations, integrators should look for components that work on being interactive and support integration with other types of systems and carry forward a generally open philosophy,” Gasztonyi advises. “That has been the most difficult thing to overcome for enterprise class clients because they were locked in, historically (see “A Case for More Openness,” on page 90).
Schweitzer adds: “We are helping our customers make decisions on what hardware they are going to use and what access control software and fitting pieces together so they are ready for whatever the future holds.”
A Case for More Openness?
If any recent development in the industry has illustrated how things are changing from proprietary systems to more open and interactive, it is what will happen to the Picture Perfect customers. While no one knows how things will ultimately shake out, UTC’s decision not to support Picture Perfect products going forward has thrown the industry into a frenzy of activity with manufacturers scrambling to come up with workable bridges to the old proprietary system and integrators realizing the potential opportunity to get in front of customers that were once locked in to someone else.
“I think the last 12 months were about talk and what is going to happen,” says Ron Oetjen, CPP, president of Intelligent Access Systems. Now manufacturers are putting solutions out there and going to these customers with them. We are dead center of the issue. None of the decisions or only a few have ultimately been made. Customers right now are analyzing what is available.”
From AMAG to Mercury to Lenel/UTC, Honeywell and Tyco (among others), manufacturers are stepping up to the plate with potential solutions. It will be up to the industry to ultimately sort things out. But the lesson is clear.
“Picture Perfect was hardware and software centric,” says Sam Shalaby, president and CEO, Future Security Controls. “Basically, the hardware only worked with their software and if you wanted to change it there was a problem. Now there is definitely a lot of opportunity out there and a lot of manufacturers are coming out with bridges to allow them to keep their hardware. But I don’t know if this is the right solution or not. I personally believe it may be time to change the system. If you are going to move a client to a new system you might as well use the greatest and most recent technology.”
Most people don’t have huge budgets to make wholesale changes in their security budgets, however, says Rick White, vice president and product business leader, electronics, Ingersoll Rand Security Technologies. “As you make changes to any system, you have to take a second look to make sure you see where things are going to go vs. just like-for-like replacement.
“One of the missing components in most security discussions, especially really big ones, is what is the end user really getting for having that system operate and be completely interoperable? As technology evolves and architecture opens up more and more, what is the difference between installing software like that or just starting over? That I don’t know.”
Frank Gasztonyi, CTO, Mercury Security, sees lessons to be learned from the Picture Perfect situation. “This is one of the strongest reinforcements of our open message. If they had had an open product, those customers would be able to move onto a different software platform more easily.”