Integrated security systems and their vulnerabilities
Technology is having an enormous impact on our lives. It is changing how we work, how we socialise and how we communicate, and the commercial building space is no different.
As security professionals, never before have we had this level of intelligence and information available to us and it’s not slowing down. In some instances, technology that was leading edge a few short years ago is already ‘old school’. While we have seen ongoing improvements in individual product suites, the biggest advancements have come in our ability to integrate disparate control systems.
Integration is not new to the commercial property sector and, like a fine wine, it has been maturing over time. It allows us to create better, more efficient and smarter buildings that are greener and more cost-effective to operate. Building Information Modelling (BIM) allows our architects and planners to understand every detail of a building before it even leaves the design table.
Yet where does security fit into our new energy efficient buildings and what impact can it have on building operations? Is it addressing the current (and escalated) environment we live in or are we just trotting out the same old solutions?
The fact is energy efficiency has been the primary consideration in building design for some time. Because the local environment has changed, however, what was deemed security best practice just five years ago may not be appropriate anymore.
In reality, the risk profile of every commercial building, transit centre, shopping centre and anywhere that people gather, has had its risk profile impacted by local and overseas events. That dictates that we must rethink how we manage security in the built environment.
In the past, an escalation in threat level would mean an increase in security manpower. A visible presence that demonstrates security is taken seriously. But we can be a little smarter with our use of resources these days, thanks to technology developments and newfound capabilities in our security systems.
Traditional security platforms such as access control and CCTV come with greater levels of intelligence and improved integration capabilities. We already know they can integrate with: building management systems, lighting, evacuation systems, personal address, fire, and lifts.
They also commonly interface with payroll, time and attendance, and visitor management systems, as well as tracking and reporting on staff and contractor competencies. They have become much more than just security systems. They create opportunities for efficiency gains and process improvement.
CCTV systems have never been smarter. They can recognise people and vehicles, work as alarm sensors through the use of intelligent Video Motion Detection (VMD) and know when objects have been left behind or removed from an area. They can also tell us how many people are in our buildings and recognise and alert us to unusual behaviours.
We can integrate CCTV with lift management systems so that we can prioritise lift movements based on the real-time pedestrian flows of a building. For buildings that don’t have Lift Destination Control (LDC), this can be a cost-effective way to gain some improvements using existing building systems.
Perhaps the single biggest development in integrated security solutions is the ability for systems to automate the response functions of many alarm events. They no longer have to go to a console operator or a security guard to action. Access control and alarm systems can automate alerts, send email advices, initiate public broadcast announcements and even dispatch social media updates, all based on a given alarm event.
“New technologies can often mean new vulnerabilities. Luckily, the vulnerabilities associated with many physical security systems are few and far between.
This is a bigger development than it sounds, as guards no longer have to be glued to a control room chair to perform their functions. From tablets and smartphones with the appropriate app installed, guards can remotely open doors, answer intercom calls and action alarms. This allows our guards to become mobile and far more effective from a security perspective. There is little value in having a guard watch CCTV monitors all day when technology can control most of it for us.
For building managers that have a permanent guard presence, this can be a way of improving security while reducing the total spend. Security staff can have a greater presence where they are really needed, which in turn has a positive impact on the risk profile of the building.
Through new technologies and clever integration, building managers are learning that security technologies can bring efficiencies in areas outside of security and even generate some return on investment. This was unthinkable not so long ago.
New technologies can often mean new vulnerabilities. Luckily, the vulnerabilities associated with many physical security systems are few and far between. It is possible to defeat access control systems, but the manner is not well-known and unlikely to be used. Historically, security breaches occur because a process has broken down or someone has not done their job correctly.
This is another good argument for security technologies. While not foolproof, technology won’t fall asleep, get distracted by Facebook or talk on the phone for extended periods. And while we continue to use traditional methods of installation, such as using closed-loop networks, they should remain inherently secure and highly reliable.
There is considerable discussion about the Internet of Things (IoT) or Machine to Machine (M2M) communications and how these will impact the physical security industry. Security networks have always relied on a physical connection, and for good reason. Sure, there have been wireless devices available for many years, but we have overlooked them anywhere security has assumed any level of importance.
If this is removed and we adopt IoT or M2M as an alternative means of communication, to what new risks will we be exposing our systems? Hacking, interception and corruption? In all probability… yes.
So let’s make use of the new tools and technologies available to us. But keep in mind that we need to stick to proven, recognised best practice for security systems’ installation.
The process to determining what security practices and technologies should be in use in your environment is not a difficult one. It all starts with a Security Risk Assessment (SRA) that will detail everything you should be doing and why. So, by all means, continue to think lean, mean and green. Now more than ever, security deserves some serious consideration.
The author, Luke Percy-Dove, is the director of Matryx Consulting. This article also appeared in the April/May edition of Facility Management.