Final Convergence
- By Steve Fisher
- Oct 01, 2011
Next to “integration,” the term “convergence” has to be one of
the most overused, loosely defined words used in the security
industry over the last five years. When first introduced as the
new buzzword, its definition was fragmentary, leaving some
degree of self-determination. Over time the definitions have
consolidated into what we now understand the term to mean:
the fusion of IT with physical security.
Today, much of the originally buzz-worthy technology is offered
throughout the industry, including through manufactured
products, specialized software products and ultimately a dualskilled
workforce. The subject of this article is what I refer to
as a final chapter, picking up the pieces that may have been left
behind—such as standalone locking products.
Since the late 1990s, tens of thousands of locks with card
readers have been installed as standalone locks. The locks have
basic access control intelligence powered by batteries and updated
through either a handheld device or credentialing updates
carried on the cards.
These locks are often installed as an economical solution to
provide minimal security to a large facility, such as a campus,
and may number in the hundreds or thousands within the same
facility. They offer a limited set of features that lies somewhere
between the capabilities of keys and online systems. The software
for loading and extracting data from the locks has, until
now, been basic, but that has begun to change in the last 10 years.
Since 2000, traditional access control companies have begun to
integrate these lock-interfacing software products into their own
systems, which helps create a better overlap between personnel
databases and card issuance. Even still, user interface to manage
these locks has remained somewhat primitive at best, and this is
where convergence comes to apply to these relatively simple, economical
locks.
As economic pressures continue to suppress capital expenditures,
standalone locks can provide a pretty high bang for the
buck, which often entices users of more-converged access control
systems to incorporate these locks as a critical element of their
overall security planning. In doing so, they all too often face the
challenges of adopting these un-networked locks into their security
regime, which may include identity management, network
privileging, automated access privileging, and any number of
more-advanced features and controls.
Therefore, the solution is to incorporate a more modern operational
interface to upgrade these locking technologies so they
can converge within the common IT infrastructure. Most of the
major lock companies are now offering these locks with future
upgrade options to advance their capabilities into online systems
as budgets and features dictate.
The nature of locks and the manner in which data is pushed
and pulled from the devices obviously present some limitations;
but the controlling software is malleable, and it’s easy to remove
the restrictions and update the capabilities. When most of this
software was developed for the massive installed base of these
locks, the industry had not yet anticipated the benefits of Web
browsers, automation features, access analytics and other features
commonly in use today.
To bring such advanced features and technologies to standalone
locks, data structures, information formatting and the ability
to send alarms on critical informational changes have to be
incorporated into a user interface. Because these products are
inherently off-line, users with these locks periodically travel to
each lock to upload configuration changes and updates as well
as extract access histories and other basic information such as
battery life.
In many large facilities with converged systems, host access
control software manages online portals run in sync with thirdparty
ERP software. So when a person is terminated in the authoritative
ERP system, that information propagates throughout
the access control system to disable access privileges and the IT
system to terminate network privileges. In a traditional integration,
those access privileges would become disabled in the offline
locking software as well, but it wouldn’t become effective until
someone carries it to the door and manually uploads to secure
that portal. It’s important to be aware of exactly which portals
the terminated employ had access to; otherwise, system administrators
would need to run to every door to secure the site from a
potential threat.
Developers crafting new controlling software can highlight
these kinds of informational changes to increase visibility and
provide effective intelligence to mitigate risk. As more-advanced
software develops around this technology and lock manufacturers
continue to provide more options to upgrade these manual
lock networks to IP-based wireless networks, our industry can
continue to deliver a steady array of options to our users in terms
of budget, long-term technology planning and, above all else,
valuable features that are in demand as a result of the efforts to
converge physical security with IT standards.
Therefore, as the convergence buzz goes forward and is ultimately
replaced by another generic buzzword in the world of
cloud computing, RRMs, tablet computing and all the other exciting
new changes, it is useful to understand that opportunities
exist not only in creating new technologies but in bringing older
technologies up to date in a manner and method to disseminate
the values of the newer wave into the realm of the old.
This article originally appeared in the October 2011 issue of Network-Centric Security.
About the Author
Steve Fisher is the president and CEO of Open Options Inc.