Optimizing Your Security Systems
When conducting security assessments, we often see what appear to be very impressive integrated security and video surveillance systems installed in a Security Operations Center or monitoring station. The systems we see were produced by some of the top manufacturers and were obviously very expensive to install. However, once we dig a little deeper, we find that only a small fraction of these systems’ capabilities is being used.
Some common examples include:
Incomplete Systems Integration
The access control and alarm systems are capable of being integrated with the video surveillance system to automatically display specific cameras when an alarm occurs, but the links within the software have not been set up to make this happen. Security officers have to continue to select cameras manually in order to assess alarms.
Not Using Graphic Mapping Capabilities
The system has sophisticated mapping capabilities that allow devices to be monitored and controlled using site and floor plan maps, but the maps have never been created, or only a few rudimentary maps are used. Security officers have to rely on text descriptions or look at printed diagrams to know where alarms are occurring.
Operator Instructions are Not Used
The system has the ability to display detailed instructions to the security officer when an alarm event occurs (what to do, who to call, etc.), but these instructions have never been entered into the system. Security officers have to rely on their memory or look up information in a three-ring binder in order to determine what to do.
Careless Assignment of Access Privileges
The system has the ability to precisely tailor the privileges of access cards to only allow access to certain doors on certain days and at certain times, but the majority of cardholders have been given 24/7 access to all doors. This has been done because it is considered “too much work” to manage multiple access levels for cardholders, so liberal access privileges are given to everyone. Many people can gain entry to areas that they have no legitimate need to have access to.
Not Using Door Monitoring Features
Card reader controlled doors are equipped with devices that allow them to be monitored for door-forced-open and door-propped-open conditions, but the software has not been configured to allow this to happen, or the feature has been bypassed due to excessive false alarms. Doors are frequently found propped open, and the security officers have no knowledge of this.
Mobile Capabilities Not Being Used
The system has the ability to immediately send alerts to the mobile devices of security and management personnel when an alarm occurs, but this capability is not being used. There are significant delays between when an event occurs and when security and management staff are notified.
These problems can often be traced back to the handoff of the system from the security integrator that installed it to the customer who must use it. In most cases, the security integrator shows the customer how to set-up access levels, create maps and operator instructions, and set-up other aspects of the system during an initial training session. The integrator may even create a few access levels, maps, and other items as examples, but it is usually left up to the customer to fully implement all features of the system. This often never happens because the customer doesn’t really understand how to do it, or doesn’t have the time to commit to doing it.
This is not the fault of the integrator. To fully configure and create maps and instructions to a large integrated security system can take hundreds of hours of labor. Unless specified by the customer in advance, most integrators will not include this labor in their bids in order to remain cost competitive.
To get the most value out of your integrated security system, the following is recommended:
Understand System Capabilities
Fully understand all of the capabilities included in the systems that you have purchased. Learn about any optional capabilities that can be purchased for an additional charge.
Get Formal Training on the Systems
The customer should receive complete training in the use of the systems. We recommend at least two separate training sessions: one at the time that the systems are first installed, and one about 60 to 90 days later. We find it extremely beneficial for the customer to receive additional training after gaining some actual experience in using the systems. At this point, the student has greater knowledge of the system and can ask better questions.
For the best results, training should be conducted by a professional instructor in a classroom setting. The technicians or project manager responsible for the installation of the systems sometimes don’t make the best trainers, because while they have great technical knowledge themselves, they often lack the ability to effectively communicate this information to non-technical people.
Establish Access Policies That Make Sense
Establish access privileges that allow people to get where they need to go, but don’t allow access to places that they don’t belong. Establish your policies using the "least access" rule that gives the minimum level of access necessary for users to perform their jobs, but no more. Access privileges should be based on daily needs, not on exceptions.
Create individual access levels for each type of user and assign the appropriate level of access to each cardholder. In a large system, this can take time, but the security benefits are well worth it.
Budget Resources to Configure Systems
Recognize that configuring the system will take a significant investment in time. For best results, we suggest that the customer learn how to do this and do the bulk of the configuration work (creating maps, operator instructions, defining access levels, etc.) themselves. This makes the customer self-sufficient and allows changes to be easily made in the future without having to call in the system integrator.
Management should be made aware of the need for one or more employees to devote a substantial amount of time to allow configuration of the security systems, particularly at the time when they are first installed. This should be considered a part of the cost of installing the system.
If the customer does not have the resources in-house to configure the system, the system integrator should be asked to include this service in the installation contract. The contract should clearly define the level of configuration required in either a specified number of labor hours (for example, 80 hours), or a specified number of objects (for example, 120 maps) to be created. The contract should also include an agreed upon price for additional hours or the creation of additional objects.
Explore and Experiment
Fully explore all of the software that you are using. Navigate every menu, tab, and system option setting. If necessary, look at the user’s manual or call your systems integrator to learn more about the options and settings that you don’t understand.
Set up some sample sequences in the software, such as the automatic display of a camera when a door is forced open, and actually try them out to see how they work. Once you are comfortable with how a feature works, implement it at the locations in your facilities where you think it would add value. Be sure to test everything when you are done to make sure that things are working properly.
Collaborate With Other Users
Identify other users in your community that are using the same types of systems and form a relationship for information sharing. Learn about the features that they are using and any challenges with the systems that they may have overcome. Join and participate in any user groups or online forums that may exist for your particular brand of systems.
You have already made a significant investment in your security systems – take the time to get maximum value out of them. Doing so will increase the efficiency and effectiveness of your overall security program and better protect your organization’s assets.
Please contact us if you have any questions or need help in maximizing the benefits of your security systems.
Like this article?
Visit our Security Tips page for more than 75 additional articles on a variety of topics related to physical security
Follow us on Twitter to be notified when new Security Tips are published
Did You Know?
Silva Consultants is an independent security consulting firm and does not sell security equipment or products
Silva Consultants can assist you in the design and planning of an effective security program and in the selection of security products and services
Please contact us for further assistance
Thinking about becoming an independent security consultant yourself?
Buy Michael A. Silva's book on Amazon
"Becoming an Independent Security Consultant – A Practical Guide to Starting and Running a Successful Security Consulting Practice"
Published May, 2016