Slowly but surely, the security industry is becoming comfortable with managed services and the benefits they provide. If you’ve yet to experiment with cloud solutions, managed access control may be a good place to start, with 2021 SDM Industry Forecast respondents rating it as the most popular managed service (64 percent currently offer managed access, while 43 percent said they are planning to offer the service in the next 12 months).

Managed access is fundamentally different from traditional access control in that there is no on-premise software, says Tim Brooks, vice president of sales and vendor management at PSA Security Network, Westminster, Colo. “The database and user interface are both in the cloud, and the user interface is typically managed via a web browser. Also, rather than an upfront cost for the proprietary software pieces and an annual support agreement for traditional access, managed access is built around a monthly fee to have access to the cloud platform. And, the cloud platform is updated on a regular basis as part of that monthly fee.”

PSA has been pushing the adoption of cloud services such as managed access to its integrator members for years, and the reasons are obvious. As Brooks points out, managed access is often easier to deploy, bill, support and make a consistent profit off of.

Jeff Ross, director of global marketing at Feenics, Ottawa, Ontariosays that one of the main differences between managed access and traditional access is that the end user doesn’t have to do as much heavy lifting.

“The system backend is typically managed by the software manufacturer, although in some cases a systems integrator will take on this role,” Ross explains. “The managed access model places far less demand on the customer’s IT department, as there are no servers to manage; no operating systems or databases to install, patch and support; and no backup or redundancy functionality to oversee. Even access control software updates are automatically applied without customer involvement or system downtime.”

Another difference Ross points to is that managed access control systems offer subscription-based licensing, which requires far less upfront capital investment. You pay as you go, and only for those products or options you use, making scaling your system a more seamless experience, he says.

All of this time saved frees up the integrator so they have more bandwidth to offer an extended array of managed services, such as credentialing services, system configuration or report management — all of which bring new revenue opportunities.

“With managed access solutions, integrators can play a more active role in the ongoing administration, changes and updates to their customers’ access systems, whereas traditional on-premise solutions were often managed by an onsite administrator employed by the customer,” says Brad Mushovic, chief marketing officer at RemoteLock, Denver. “Today, integrators can perform all system administration functions from anywhere — something that traditional on-premise solutions simply cannot offer.”

The cloud is really where the action is in managed access, Mushovic says, because it further expands on these capabilities with the added benefits of real-time system updates, better data security, reliable system uptime and more.

“Managed access control gives integrators solid avenues to building recurring revenue in their business,” Mushovic continues. “With cloud-based access control, integrators can manage access for their customers regardless of geographic location 24 hours a day. That means they can build value-add service packages that suit each customer’s needs without adding additional maintenance staff and travel overhead.”

Beyond the RMR potential, managed access solutions help integrators build deeper, stickier customer relationships. “Most solutions give integrators access to reports that can help them understand the unique use cases each customer has so they can build a customized service and support program for them,” Mushovic says. “Managed access enables integrators to build those kinds of customer partnerships.”

Sean Foley, senior vice president of Interface Security Systems, Earth City, Mo., says that with managed access control, businesses can take control and minimize the overhead of managing door access using traditional locks and keys.

“It gives an organization a range of options such as badges, fobs, biometrics or even smartphone apps to present their credentials at access points,” Foley says. “It’s also easy to set up multi-factor authentication access using a combination of methods. Unique business rules can further define access to a location based on shift hours, days of the week or locations — security managers can receive alerts and administer the system from any location.”

And while managed access can bring benefits to a variety of applications, it’s most popular among small- to medium-sized businesses, according to Kim Loy, chief product officer at ACRE, Dallas, Texas.

“SMBs stand to gain the most from the use of this type of access control model, as these organizations typically do not possess the resources necessary to house a comprehensive security solution (such as a robust IT department that has the ability to oversee an on-premise solution),” she says.


The Impact of COVID-19

With the many challenges COVID-19 presented to businesses, managed access control became a sort of Swiss Army Knife.

“The primary change over the past year and how COVID-19 has affected the market is the increased appreciation for business continuity and the need for the existing systems being used to help support that need,” says Lee Odess of Group 337. “Prior to COVID-19, some of the attributes of a system that could be managed, such as cloud architectures or data visualization, were seen as a nice-to-have versus a need-to-have. When everyone was unable to go to the office or the building that had the access control system physically or if the system administrator was tied up with other parts of the business, the needs turned to wants as the true benefits were finally highlighted.”

Jeff Ross of Feenics agrees that the pandemic brought to light the many advantages a managed access system offers.

“From automatic updates that do not require rolling a technician or service truck on-site, to automatic backups and cloud-based redundancy options that do not require customer interventions… the past year has underlined the importance for the ability to fully manage your day-to-day security operations from a remote location,” Ross says.

With cloud-based managed services, he adds that many companies were able to smoothly transition to a work-from-home environment without having to re-deploy licenses, install new client software or even be required to come back on site for server maintenance.

RemoteLock’s Brad Mushovic says he has seen the acceptance of cloud-based solutions growing steadily over the last few years, but COVID-19 really pushed the trend into overdrive. “The way that businesses shut down so quickly left many companies that had on-premise access control systems in a real bind,” he says. “They were accustomed to having one, maybe two system administrators on-site to manage access to their buildings, and overnight those individuals were quarantined due to COVID-19 exposure in some cases.”

COVID-19 made businesses who had been dragging their feet on moving to a managed access solution realize just how critical remote management capabilities are to business continuity, Mushovic says.

Plus, COVID-19 stress-tested integrators, and the ones with recurring revenue in place had an advantage.

“RMR was also critical to integrators during the months when new installs were halted and businesses and entire cities shut down,” Mushovic says. “Consequently, integrators who were not doing managed access have felt a strong push to do so. A year ago, integrators were starting to walk down the path of managed access and now we are seeing more of a sprint among integrators who want to add cloud-based access control to their offerings.

“The drive isn’t just about finding ways to build RMR though. Integrators must figure out how they can meet the new access management requirements that have come from the last year or their customers will simply find someone else who can.”


Challenges With Managed Access

Though most consider the pros to far outweigh the cons, managed access does not come without its own set of challenges.

“There are a lot of moving pieces in play when deploying managed access, especially at scale,” Foley says. “It takes an experienced team to closely plan and organize a deployment with the end user. For some integrators, it can be a lot to take on.”

Mushovic says that most of the challenges he hears about from integrators are related to internal business logistics. “Some, but not all, of access solutions are incredibly complex, and when those solutions are used it can be difficult for the integrator to maintain the certifications and training for enough staff to meet customer needs.”

Integrators’ businesses truly run the gamut when it comes to managed services, Mushovic adds, and while very lucrative, it can be a challenge to offer such individualized services day to day — especially after their certified staff leave.

“The biggest challenge is to learn and embrace the new model,” Brooks says. “There is some basic networking and cloud education and training required, but these skills are very common in the workplace today.”

Ross sees two common challenges integrators face when offering managed access control.

“The first is properly aligning their business and selling model to support managed services and RMR as a major source of revenue,” he says. “This includes everything from properly incentivizing their sales team for selling in a managed access environment to adapting their accounting and billing procedures and aligning their support teams to work with the managed service model. We have found that the integrators who have gone all in on this model and align (and in many cases re-align) their business to support managed services have been quite successful while others who have struggled to nail this piece often run into challenges.”

The second challenge he sees is becoming comfortable with the new and different technology that comes with offering managed access control systems. Managed services require new terminology, services and buzzwords that integrators must become proficient with in order to properly articulate the value and differentiation these offerings bring to their customers and prospects.

“There is a learning curve, as well as operational concerns, involved in changing a business model,” says Cooper Briscoe, product management lead for cloud solutions at LenelS2, Pittsford, N.Y. “Some prefer to take a wait-and-see kind of approach as the adoption rates of these products and services continues to increase. Much like we saw with the smart home boom and the introduction of doorbell cameras and services that don’t require professional monitoring, the perception of security continues to change, and managed access is another example of this.”

Ross says that some integrators may still question whether managed access will ever become mainstream because some legacy access control manufacturers have been slow to embrace managed access. “Since many of these lines are carried by integrators, it can put them in an awkward position,” he says. “Do they risk losing a traditional line by moving to a more forward-looking manufacturer with managed service opportunities?

“This might strike a nerve with some people, but the reality is that many manufacturers are holding integrators back by requiring revenue thresholds that essentially force them to sell a solution that may not be the right fit for the customer, simply because the risk of not meeting the revenue target could cause the integrator to lose access to the line. It’s a scenario that could hold back some integrators from offering managed solutions from other providers.”

Lee Odess, CEO of Group 337, Bethesda, Md., says that finding the right partners to support a managed access offering is one of the greatest challenges integrators face.

“Changing manufacturers and retraining is never easy (or cheap) but may be critical as models and markets move,” Odess says. “It’s hard and expensive to change, but in the end, the change is going to happen. The question is: do you make it or does it happen to you?”


Advice for Integrators Interested in Managed Access

Like any new service, it’s important to do your research before adding managed access control to your offerings. Here, industry professionals already involved in the space share their advice for security systems integrators interested in offering managed access.

“It’s important to have an experienced team in place that can work closely with a customer to ascertain the exact needs of the business. It may sound cliché, but listening to the customer and carefully designing solutions for their unique needs is critically important. It can make the difference between a failed deployment that generates constant service calls and one that truly enhances the experience by protecting both employees and assets.” — Sean Foley, Interface Security Systems

“Find a trusted colleague, probably in a noncompetitive market, that is already successfully offering managed access solutions and see if they’d be willing to share their knowledge or mentor. There’s no need to reinvent the wheel. There are a number of integrators having great success selling managed services. Seek them out, learn their best practices, their early missteps, and then apply those as they relate to your business model. Also, don’t be afraid to consult with software manufacturers who offer solutions that enable managed services. They work with integrators everyday who sell and support managed access systems.” — Jeff Ross, Feenics

“It’s important to first recognize the incredible benefits and scalability that managed access control brings — not only to your own organization, but to the businesses you support. From there, discuss with your team if offering security-as-a-service is something you believe would benefit your organization.” — Kim Loy, ACRE

“The best way to start is to lean on your network of dealer friends and also work with your manufacturers and ask them, ‘How can you help support this vision?’ You do not need to go at it alone. There is a wonderful network to help you go at it.” — Lee Odess, Group 337

“Inertia can be hard to overcome, so start small if you need to. There are ways that integrators can dip their toes in the managed access water with their customers. For example, we have customers who have started off by managing just a couple of doors with smart locks, such as to their maintenance closets or shared huddle rooms, to get comfortable with a cloud-based solution. Eventually, they expanded their system to allow our software to control their entire access system, including the hardware that was already installed. This is a great way for integrators to start small, prove the solution to their customers while making sure they have worked out all the internal processes in their own business to support the RMR logistics and get ready for larger installations.” — Brad Mushovic, RemoteLock


Why Now?

So why is now the time to take the plunge? Our sources explain.

“End users continue to embrace managed access — sometimes more quickly than the systems integrator,” Brooks says. “With the majority of workers being remote during COVID-19, having a cloud-based platform is inherently easier and more flexible.”

And even the end users who don’t know yet about managed access control are looking for subscription-based services.

“End users are getting more and more accustomed to subscription-based models and paying for monthly services,” Briscoe says. “In particular, small- to medium-sized businesses value having predictable monthly operating expenses. Managed access reduces some set up challenges for the end customer and ongoing system maintenance, which means their personnel can focus on other aspects of security or the overall business.”

Enterprises can offload some of those same access control duties to remote offices while maintaining a single credential database that passes event data back to the main facility, Briscoe explains. And this feature has become increasingly valuable throughout the pandemic.

“It is great timing because the market demand for [managed access] is increasing, you had an epic event happen that showcased the need, and it is early,” Odess says. “You can get out in front of it and lead the evolution. This way you can not only take advantage of being a first mover, but you can also be there when the market is wide open and others are just starting to figure it out.”

As more buildings open and return to peak capacity, Foley says this is the perfect time for companies to re-imagine what a safe working environment can look like. “People have become sensitive to any type of access that requires touch after a year of concentrated hygiene practices,” he explains. “Some operations departments are going to be stretched thin and needing to do more with less resources. Managed access can help them work smarter, not harder.”

Brooks agrees, saying the entire model of the traditional workplace has been tipped upside down.

“There are new requirements for a safe workplace that fit nicely with managed access offerings — no-touch access, facial recognition, mask and temperature detection at the point of entry, contact — all in conjunction with video, people counting and tailgating detection,” Brooks says.

Also, many of the challenges that once came with using managed access are easing up thanks to new technologies.

“Newer solutions are making things radically easier for integrators to offer managed access control,” Mushovic says. “While just as powerful, they are also very intuitive systems to use, and they don’t rely on having extensively trained personnel on staff to administer them.”

New models can take time to gain high penetration, but according to Mushovic, we are past the early adopter phase of cloud-based managed access. The market is largely comfortable with the technologies and demand for managed access is growing rapidly.

And as we move past this early adopter phase, experts say it’s important to hop on the trend before you’re late.

“As the industry begins to evolve and more systems move online with either a pure cloud or hybrid of cloud and on-premise solutions, you put yourself in a better situation to ride the evolution wave versus having it done to you,” Odess says. “I believe more systems integrators and more end users will expect a different relationship with manufacturers when it comes to software solutions. And this change will be a more direct relationship where the customer is going to expect and want to pay for services rendered where they are getting value.”

While this might put pressure on manufacturers to start selling the software direct to end users, Odess says that the added value integrators can bring to integrate and manage systems will not go away.

“I would get ahead of this curve and start offering [managed access] now,” Odess concludes. “I see [managed access] as the future of what access control is in the high security and enterprise space. As more systems move to hybrid and cloud architectures and the demand increases for these systems to work with and integrate with other third party non-traditional security systems, the systems integrator is going to be in high demand, and the model of managed access will be the preferred method.”

Briscoe expects to see the continued adoption of managed access in the future, along with more flexible purchasing and financing options, and additional services for the end user.

The demand for managed access is increasing at such an extraordinary pace that Ross predicts it soon becoming the standard.

“More customers are asking for these services every day — particularly with the circumstances of the past year and the new normal many customers are facing,” Ross says. “We believe that managed access solutions are not too far from becoming the de facto standard for deploying security platforms.”

Loy believes there has never been a better time to offer managed access. “With the advancements in cyber-attacks, protecting your infrastructure has never been more vital, and passing off managed access control to your service provider provides a new level of data security. Additionally, the beauty of managed access control is that everything is handled off-site and by a team of trained professionals.”

This approach means the client can rest assured that their data is safe and secure, and also focus on the rest of their business without worrying about their security infrastructure.

“The future is very bright,” Brooks says. “Managed access is ultimately easier to deploy, which creates better long-term revenue and builds better customer loyalty.”