The installation of the access control and event management system at The Vanguard Group’s headquarters in Malvern, Penn., began as most installations do – the previous system was no longer meeting the strategic requirements of the business. But where the installation differs hinges upon a solid, ongoing, honest partnership between the enterprise security leader and the security systems integrator.
The new system interfaces with security video, access control, alarms and the camera call-up process in a single suite for the security command center, which enables users to get results in less time, with more ease of use and while interfacing with current software. At Vanguard, Head of Global Security Brian W. Lynch says that the key to such a complicated installation is detailed planning.
“The process, from idea to completion, took 10 months. It’s a long and laborious process, but it only works with planning in place, coupled with a top-notch team,” says Lynch, a 28-year veteran of the law enforcement and security professions. One of the imperative features of the installation was that there could be no downtime between systems, meaning that at one point in time, two systems were operating simultaneously. This meant that Vanguard’s IT department had to be on-board and included in the conversation for network requirements, testing in a non-production environment, data conversion, and system syncing.
“Having a workable, tight relationship with the integrator is a critical piece of the process,” says Lynch. His integrator partner, James DeStefano of Siemens Industry Inc. Building Technologies Division, worked with Lynch in three main capacities:
- Guiding and informing decisions about products and services, monitoring periods and upgrades
- Forming an implementation plan, including an inventory of buildings and assets, timetable of completion, installation plan and a cost differential
- Testing new products and completing the installation, including ensuring data is entered correctly with internal controls in place
“The security department develops its strategic goals to protect the crew and assets. We design the security game plans to meet these goals,” says Lynch. “The integrator is critical in that process because they are a strategic partner not only in the strategic view of where you want to go from a technology standpoint but also on the practical implementation of these technology components within your security plan.
“That partnership makes for a more efficient and more effective security department in the ability for us to ensure that, given our strategic goals, we are deploying and using the most effective technology on the market,” he adds. “From a strategic level, our security program is in place to protect our crew. The enhanced ability offered by this new product provides us with the capability to meet our security game plan in meeting this goal in a more effective manner. The delta between where we were and where we are now is material from the perspective of being able to identify and resolve incidents. That’s the metric by which these types of decisions are made.”
In order to keep a close relationship while working on the new access control and event management system, Lynch’s department held weekly or bi-weekly meetings throughout the process, so that DeStefano’s team could come forward with any issues or concerns.
“There are lots of moving parts in an installation of this size… We wanted to ensure the team was able to get to us with their problems – it’s okay to present us with issues,” says Lynch. “It’s critically important to develop an implementation plan, but there must also be an ability and willingness to adjust to circumstances that present themselves as you move through the timetable of installation events. As a result of our process and our team’s efforts, there was no disruption of our access control system nor in our ability to identify and respond to security incidents during the installation, which was one of our strategic goals.”
Similarly, frequent meetings and progress reports from his integrator partner helped Michael J. Sullivan, Director of Security at Rockwell Collins, an international provider of avionics and IT systems to government agencies and aircraft manufacturers around the world, create a workplace violence mitigation program, including blue emergency pull-stations within approximately 75 feet of every employee. Activating one of those stations triggers a customizable, audible message, which repeats throughout the facility so employees know the next steps they should be taking depending on the situation. Working with Tyco Integrated Security, which has been the Rockwell Collins security integrator for more than 10 years, whenever a station is pulled, an alarm is immediately sent to Rockwell Collins’ command center, which means that law enforcement can be notified, should employees be unable to call authorities directly, Sullivan says.
Also, the security team in the command center can access all cameras to view activities in the facility in question and provide additional intelligence to first responders and provide live voice updates to employees throughout the facility. Sullivan and his team worked with the security integrator to design and develop the command center, with central station specifications and complete virtual backup so that the Rockwell Collins security team can monitor the imminent threat systems and view any of the enterprise’s 800 cameras around the world at any time.
“Prior to the imminent threat system installation and integration with the command center, the TycoIS team held kickoff meetings with our corporate security team to streamline communication and provide full transparency about the design, layout and operation of the system between installation teams and local facility managers,” says Sullivan. “Prior to every installation, Rockwell Collins corporate security and TycoIS involve local authorities to ensure system buy-in and understanding. Following each installation, this team meets with the local Rockwell Collins teams to make sure the system is transitioned properly to the local facility team.”
“Communication is key,” Sullivan adds. “We meet quarterly to discuss any overarching contract issues and have project cadence meetings as frequently as necessary to ensure that our projects are progressing on schedule and budget. Building and maintaining trust takes time and commitment, and it’s imperative that both parties understand one another’s needs and challenges.”
At Texas Christian University, having a security integrator partner that really listened and understood the needs of the school and the community was imperative, according to Jonathan Roark, Director of Emergency Preparedness and Business Continuity.
“After the Virginia Tech shooting, we knew we had to do more with our mass notification system,” Roark says. “We already had TCU Alert, with text, email and phone call capabilities, but we wanted to be able to reach nearly 100 percent of the campus population at any time.” He launched a four-year project, featuring electronic notification, indoor alerts (including screen-pops on all computers and video screens) and outdoor alerts, soon to include loudspeakers across the 300-acre campus – all of which needed to be controlled under a single software system for easy and rapid activation. But knowledge of the necessary technology wasn’t the only feature Roark was looking for in his integrator.
"We needed someone with experience on college campuses who understands our concerns,” Roark says. Eventually, he decided to work with his existing fire and life-safety systems integrator – Metroplex Control Systems, part of ISI Critical Security Solutions – which proposed a solution that was more expensive than other bids, but dovetailed with updating the fire console and alarm loop to fiber cabling. “MCS also understands students’ hours, necessary sensitivity about working in and around residence halls, and generally not interfering with the students’ education,” Roark says.
Roark, other TCU officials and the four integrators on-campus from MCS are also working on a Memorandum of Agreement with the City of Fort Worth Office of Emergency Management regarding the new system’s capabilities, working to ensure that the two enterprises are not sending conflicting information during a crisis.
The TCU security and IT teams will continue to work with MCS on phase two of the installation – including much of the software updates and indoor technology – as well as for ongoing monitoring and maintenance on the fire alarm system.
Long-term partnerships like this one are no longer uncommon in the security industry; many enterprise security leaders are realizing the benefits – and the possible cost-savings – of an ongoing integrator-end user relationship.
For Gary LaClair, Director of Security and Parking Services for Piedmont Atlanta Hospital in Atlanta, Ga., working with his existing security integrator expedites the installation process, supplements his workforce and brings in continuous updates on compliance, technology and cost-savings.
The need to address perceptions from nervous patients and personnel after a 2012 spike in criminal activity near Piedmont facilities led LaClair to begin a $1.5-million security improvement project, including campus-wide lockdowns, six new duress stations, access control on perimeter doors, a rip-and-replace upgrade from analog to IP surveillance and more. Since the 1990s, Piedmont has been working with Intelligent Access Systems, a Securadyne Systems Company, as the enterprise’s integrator partner.
“The trust we have in this partnership helps us work out any issues with the ongoing installation,” says LaClair. “I’m a strong believer in leveraging technology, which can help us save on the annual continual cost of labor. So I pick their brains at IAS, almost using them as personal consultants.” In addition, LaClair works with Jack Johnson, VP of Sales for IAS, to find solutions to new compliance issues, including DHS or NSA regulations for radiological waste or HIPAA regulations for medical records.
“There’s always a learning curve in terms of new compliance, and it helps when your integrator stays a step ahead on awareness. They’re already looking at pitfalls and solutions by the time you call them,” LaClair adds.
“Gary has a business unit to run,” says Johnson. “Our job is to help him do that. Part of that is having the courage to present new solutions and products and doing research for him to help his bottom-line.”
“End users can look at integrators as a casual relationship, a question of ‘who does it cheapest,’” LaClair remarks. “Those partnerships are doomed. You’re constantly faced with fires to put out. Without a personal partnership with your integrator, you’re just another customer.” This can also lead to cost-creep, he says, as a new integrator’s bid cost doesn’t include the cost of fixing mistakes made on the job or, worse, vulnerabilities swept under the rug to be discovered later during an incident.
“System issues arise; hardware can fail,” says Johnson. “The difference is taking control of these challenges, developing a resolution plan, and going the extra mile to get them addressed. That level of awareness and post-installation support brings additional value to the relationship – accountability and reliability go a long way.”
At Vanguard, Lynch worked to create a “bubble up” system for any concerns or incidents during the installation. Having members of both the integrator and security teams work together “helps us elevate those problems and surge resources to solve them,” says Lynch. “The initial plan was enacted, but there are always going to be problems, dealing with issues of installation, power issues, you name it. We had to make sure that we identified those issues and resolved them through appropriate management oversight as quickly as possible for the benefit of our installation team. We wanted to give our team the ability to communicate problems encountered in a timely manner. We needed to adjust the plan on the fly based upon circumstances which presented themselves as the team moved forward in the operation. We wanted to ensure and empower our team that any issues that arose which could not be quickly resolved at the installation site were brought forward so we could help to resolve them with the integrator and keep the process moving forward together.”
“A lot of times, you don’t have the luxury to have an end user customer who works with you,” says DeStefano. “I think this was the basis of some great collaboration.”
“My success is their success,” says Dunham Hollister, Director of Security and Life Safety for SEI, a financial wealth-management company, of his 25-year partnership with The Protection Bureau. In his most recent access control migration, extended downtime was not acceptable. So, through very careful planning and a long-term installation roadmap, there was a mere 20-minute period of disruption in badge-issuing capabilities. Hollister attributes that to a close, brutally honest partnership.
“You both need to know when expectations are not being met. This is the difference between a ‘supplier’ and an ‘integrator.’ A supplier sets up the technology as it was bid and they leave – your system is probably not seamless, and it’s operationally difficult to maintain. It’s not the same level of product services for the client,” he says. “With a good integrator partner, you share your business model and your risk tolerances in advance, and they’re less of a sales function than a solutions provider… For example, SEI and our integrator had been looking for a video IP system for four or five years before we found the correct technology for our organization.”
“Security partnerships are not static relationships,” says Matthew Ladd of The Protection Bureau. “Your integrator should always be bringing you new options in an educational capacity, not just ‘buy buy buy.’ We want to sell solutions, not just parts, and each organization needs to look at multiple alternatives for their risk solutions.”
“I’ve found that pricing is competitive or even lower through a long-term integrator partner, because they don’t forget features or your enterprise’s specifications, and they help to establish a standard of installation throughout the business,” says Russ Cline, Global Security Director for Westinghouse Electric, headquartered in Cranberry Township, Penn. “We bring Intertech (Westinghouse’s security integrator) to all planning meetings, and they essentially become part of our extended staff.”
Cline worked with Intertech to create a positive perimeter control program to mitigate piggybacking risks, adding 10 revolving doors and eight turnstile lanes to the new world headquarters in 2009.
“By working with one provider for a long period, they’re aware of our protocols, our requirements and our goals. There’s no need for reworking or changing the system after an installation, because they catch errors the first time. This helps our goal of transparent security, and we stay on budget,” Cline adds.
“Our technology and installation must fit into our ongoing security and business model. Remember, successful security people are business people who work in security, not security people who happen to work in a business.” Having an integrator partner who keeps your business goals in mind, not just your security needs, is a mark of a strong, long-lasting, mutually-beneficial partnership, Cline says.
Security in Places of Worship: Balancing Safety With Community
A 76-year-old man is shot while mowing the lawn. An arsonist sets fire to the doors of a building. Four women are robbed at gunpoint.
The common thread in these crimes is that they all occurred at places of worship within the United States. In fact, in 2012 there were 135 deadly force incidents at places of worship, and 75 deaths by homicide, suicide or people killed in action.
While churches, synagogues, temples and mosques are considered places of community and refuge for most, they have also become targets for criminals as well as becoming vulnerable to those they often seek to help — the homeless, drug and alcohol abusers, families in crisis, the mentally ill.
Incidents of violence often beget copycats, and churches are not immune to these types of attacks. Hate crimes may also be aimed at specific religions or denominations and can be played out in everything from graffiti on buildings to more serious events.
A website that chronicles deadly force incidents at faith-based organizations showed that from Jan. 1, 1999 through July 26, 2013, there had been 696 such incidents, 271 of which resulted in a death or deaths. While the trigger behind these events is mostly unknown, the site categorizes 128 incidents (23.4 percent) as robbery related, 90 incidents (16.4 percent) as related to domestic spillover and nearly 15 percent, or 82 actions, to personal conflict. Other known triggers were drug related, gang related, confirmed mental illness and religious bias.
About two-thirds of the events occurred outside of the actual place of worship on the grounds of the establishment, and nearly 60 percent happened in off hours. Single attackers were much more common (nearly 72 percent) than multiple assailants.
Churches also face growing property-related issues such as vandalism and theft. Copper thieves, for example, have beleaguered inner city churches, while newer suburban churches with high-tech — and often high-priced— audio and video equipment make attractive targets as well.
Tackling the issue of security for places of worship comes down to looking at all the areas of vulnerability, ranging from protecting assets such as the building and its contents to offering a safe environment for clergy, parishioners, visitors and outside users of the facility while still providing a feeling of welcome and inclusion. Different denominations may have different concerns, with some finding more threats from outside their religious community, while others may be focused on dealing with locally generated issues.
Often it takes a specific incident at the church or nearby to make those in charge of these places of worship take a closer look at their security and safety plans and systems.
Eric Stanton, Sales and Marketing Manager, and Ron Allen, Director of Technology, from D/A Central, a Security-Net affiliated systems integrator in Oak Creek, Mich., conducted a seminar recently on the topic of places of worship security within the greater Detroit area. At the seminar, church security personnel from Southeast Michigan were invited to participate in real time exercises to take action on several threat scenarios. As the threats escalated in real time, participants had to tell how they would instinctively respond. At the end of the exercise, it was disclosed that these were true events that had happened in local churches and they were able to evaluate their action.
Both Stanton and Allen noted that since the school shooting at Sandy Hook Elementary School in 2013, all organizations that deal with children, including places of worship, are stepping up security related to that group.
Brian Minner, Director of Sales and Business Development for AlphaCorp. Inc., another Security-Net affiliate located in Utah, works closely with the Church of Jesus Christ of Latter-Day Saints. While Mormons use a more centralized model for overseeing security, they also rely on local temples to implement general security measures.
One means to address child safety, according to Stanton and Allen, is to use a computerized church school check in/check out system that not only tracks where the children are within the facility, but also to whom they are returned at the end of the day. That can be of particular importance if there are custody issues. Larger churches may require both the child and the parent or the caregiver to wear tags so leaders can match them up.
In a smaller church that may be less of an issue, because familiarity with the individuals is greater, but having some sort of program in place is necessary, along with classroom safety features such as reverse peep holes so parents can look in.
Churches should have screening in place for workers involved in children’s ministry, says Allen, whether they are paid staff or volunteers. An active shooter plan that teaches people how to shelter in place or exit a building is also important for both children and adults.
Handling money is another issue that churches deal with during or after services, says Stanton. Churches should create policies and procedures concerning the handling of money, and consider having monitors or security personnel involved as funds are moved within the building. In new construction, churches often locate the counting room close to the sanctuary to cut down on the movement of funds.
Parking lots can be potential target areas, especially during services when it is guaranteed people are away from their vehicles. Active surveillance of parking lot cameras can be helpful, as can having patrols. Some large churches with big parking areas use vans to transport people to the building and then continue roving the lot as a visual deterrent.
Getting the local police involved is one way to address the issue of security and seeing where the points of vulnerability may be, says Allen. “Most police departments are really comfortable coming in to see where the issues are within churches,” he says. Police should even be encouraged to videotape the building so they are familiar with it in case of an incident, such as an active shooter.
Of course, modern places of worship do much more than just offer services on the weekend. The number of people who use the building is growing and with that the need to control access. By adding a card access system, says Allen, the facility manager not only sees who is using the building, but it provides a record that can be referred to for planning or other purposes.
In working with clients, Stanton and Allen said remote access is being embraced because it allows facilities managers at places of worship to operate the building from off site, not only controlling security, but in some instances the HVAC system as well.
For smaller churches without a technical person on staff, the integrator can handle remote access. D/A Central provides look in services so they can troubleshoot the system or make adjustments as needed.
Older churches present a unique set of challenges, according to Allen and Stanton. There may be issues with running cable because of the layout of the building or the thickness of the walls. Cameras may seem more noticeable against a historic backdrop, which is why some churches choose to have them painted, says Stanton.
In addition to physical security measures, churches are also taking part in seminars, such as the one D/A Central offered. “It all comes down to training,” says Allen, noting the importance of tabletop exercises on various scenarios such as a robbery during an evening practice in the choir room or a suicide in the parking lot.
Having guidelines that everyone can follow is especially important given the number of volunteers on which churches rely, Minner says. Having people on hand to greet visitors: keeping doors locked unless they are in use and having someone manning them are good general safety and security practices that can be implemented. If outside groups want to use the grounds or building, they should have to go through an approval process and be required for certain types of events to invest in security personnel.
The large-model Mormon church also provides examples of best practices for growing churches or denominations looking to set up a regional, national or even global platform. Remote video can allow churches to view cameras from a central location, and a common access system can let cards be used as people travel to affiliated churches in other cities.
The desired outcome for places of worship is to stay true to their mission, while ensuring a safe environment for congregants and visitors alike.
One Church’s Response to the Security Challenge
At Community Covenant Church in Lenexa, Kan., exterior and parking lot security were key concerns, noted Don Bonnell, Assistant Properties Chairman who has been involved in his church’s security planning since it was built in 2005. Located on 13 acres, the building spans 67,000 square feet with expansive parking lots on all sides.
Working with John Krumme, President of Cam-Dex Security Corp., a security integration firm and member of Security-Net, and their architects, Community Covenant implemented a variety of security measures designed to address the major issues the structure presented.
Cameras were put in so they covered the entrances as well as the parking lots. Before parking lot cameras were in place, Bonnell says, some of the church vehicles were vandalized — tires slashed and catalytic converters stolen. In addition to adding the cameras, he says, they also moved the vehicles, no longer grouping them together, which may have made it easier for the thieves. Cameras are also good insurance against liability issues or false claims such as slip and falls, says Bonnell.
Instead of keys, the building uses an access control system that can also be zoned to restrict movement within the building. For example, says Bonnell, if the youth group comes in for a Friday night sleepover, they can have access to specific rooms, but are kept out of the sanctuary, media and music areas and the school through restricted access.
Bonnell says cameras are monitored by several individuals during the day — the church office staff has monitors so they can provide access to the building and there are also monitors that are used by a pre-school for about 80 children that operates on the church grounds. Cameras cover the playgrounds, classrooms and hallways.
There are also another 200 home-schooled children that use the facility to varying degrees during the week for group classes, says Bonnell.
As the integrator on this project, Krumme says his goal was to implement a plan that focused on the safety of youth and church staff. “All churches are interesting environments in that they cater to those who come looking to fill various needs,” he says. “We wanted to make sure the staff felt comfortable and secure.”
The mere size of the building presented challenges, says Bonnell. “By controlling the points of entry we can keep people from coming in and hiding,” he explained. Access cards are issued to staff and some key committee members. In an effort to prevent too many people from requesting cards, the church charges members $10 per card, with the fee refundable when the card is turned in.
For those without access cards, the doors are programmed to open 15 minutes before a meeting until 15 minutes after the start time, creating a window when people can enter. Fortunately in this age of cell phones, if someone misses the window, they can call another committee member to let them in, says Bonnell.
“One of the main differences with church security vs. corporate security,” says Krumme, “is the number of events.” Community Covenant has up to 150 events scheduled during the week, ranging from regular services and pray groups to wedding rehearsals, funerals and youth activities.
Some are recurring events that can be programmed into the system, while others are scheduled as they occur. Bonnell says the church secretary also has remote access so she can lock or unlock doors on an emergency basis.
Community Covenant uses an access control system, layered with video, intrusion detection and a glass break system that is connected to central station monitoring.
Krumme says that while cameras and access systems are good deterrents, in a church environment it is also important to keep security somewhat inconspicuous. “Our devices are visible, but we try to be as discreet as we can be. We want to give the appearance of an open church,” he says.
Keeping Up with the Technology
In today’s world of advanced technologies, fast-pace deployment and an ever-changing landscape, staying on target is more of a process than a theory. To understand how to step forward, it is important to first understand why, where and when we are changing and what are we trying to solve with the change. The following are steps that can at least give direction on where to start and how to get where we want to be on a logical and productive path.
1. Discovering the requirements and needs.In any business situation there is always a desired outcome. What problem are we trying to solve, or what area are we attempting to increase efficiency? Are we attempting to increase productivity, or possibly reducing loss, or even expanding our footprint in the market? It could be the need to increase the speed of logistics. Whatever the technology that is required, it always starts with identifying the need. Technology is a tool that gives strength and capabilities to a process and in the end must produce more output than input in regards to cost both in resources and manpower. Always remembering who will be utilizing the systems and what components of the organization can take advantage of the technology, as this leads to a greater ROI in the end.
2. Investigate the resources available.In today’s technology-driven world there are myriad resources available and in many diverse formats. From magazines focused on the specific industry technology to online resources to organizations that cater to the industry, there is a plethora of research already in place. It is always most productive to keep an open mind and research multiple forums to determine an overall view of both technology and providers. Historical data is always paramount in researching any product or service as the higher degree of “Leading Edge” technology can equate to a higher percentage of failure.
3. Ranking the products, services and providers.Not all products, services or providers can do all things for all organizations all the time. Each and every component can have areas of expertise and performance and also areas of weakness. It is best to fit the product, service and provider to the needs and requirements that best fit your environment. An objective approach is always best suited for such a task as the best results are realized when the best fit is achieved. Fitting the strengths of the offering to the requirements and needs will lead to more productive results and resulting in the best possible outcome for the investment.
4. Deployment of products and services. Now that the decision has been made on the products services or providers, should we just deploy? Absolutely not. Before a full deployment, it is always the best case to test within the live environment to see how the technology reacts in a real situation. Every business environment is like a fingerprint and has its own ebbs and flows that must be taken into consideration. Pre-deployment testing is vital and can also point out deficiencies and further requirements before an actual full-deployment. Pre-deployment should also be prefaced with an organized plan and testing criteria so that again it is in an objective focused development that leads to a complete and accurate result. Once all requirements are met, actual deployment must always be a systematic deployment over a scaled timeframe and focus. It has been experienced that beginning with the lowest system critical areas and moving towards the more critical areas lends itself to identifying any last-minute changes and requirements before mission critical systems are effective.
5. Future proofing.Once the systems or technologies are in place, this does not mean that it is time to pack up and go on our way. Actually the opposite would be true. Systems must always be monitored and reviewed with a forward-moving attitude and focus. Technology is always moving and fluxing and keeping attention on the resources as described earlier just brings us back around to the beginning of our process. Keeping up with technology should be as regular as reading the newspaper in the morning before going to work.
-By Otto Tomes, National Account Manager, and Thomas Tracz, Application Manager, TycoIS