It’s common for large companies with multiple facilities in the US (and overseas) to have a fragmented set of security systems at all those sites. You might have several kinds of video surveillance solutions running at the same time, and access control systems that don’t talk to each other or your HR database.
This technology diversity often happens for understandable reasons: Rapid growth in your core business, corporate acquisitions, or technology decision-making pushed down below the corporate level to the business unit or the individual facility. People might have had differing opinions on what the best video technology was.
Let’s say it is nobody’s fault — but you and a small corporate team might have been recently tasked with the responsibility of corporate security, and challenged to meet the CEO’s expectations for control and compliance.
More specifically, you might be feeling these pains:
- Executives and other coworkers travel to the various sites, and they are frustrated with having to carry several access cards or call a local person to get into the building.
- Safety and compliance have become bigger issues, and you need consistent visibility and control over the movement of people and materials. This happens with new business initiatives, new government regulations, or simply changing corporate priorities.
- Troubleshooting local problems take too much time, because you don’t have remote visibility of the problems, and you’re dealing with different vendors of hardware, software, and onsite service.
- Security staff turnover at local sites creates knowledge gaps. Replacement staff “make do” with their new responsibilities as a collateral duty… until they encounter a new problem or configuration challenge.
- Reporting is based on differing datasets, leading to monthly merging and reformatting.
- You’re using local contractors, who should only get access to portions of your facilities.
- More facilities are planned, and you don’t want to risk making the problem worse.
The way to solve all these pains is to integrate the local hardware (cameras, doors) with a single security software package. With the evolution of enterprise-grade software solutions and the greater role that the cloud is playing in security, this is an easier job in 2023. The effort takes time and money, but the benefits are clear:
- Employees and contractors can use a single card for all facilities, and the access control system’s identity management can tie into your corporate HR database with Active Directory. Cards can be printed (with the employee’s photo) at a single location, which gives you some advantages of scale.
- Two-factor authentication can be standardized and provided with Okta or OpenID.
- Video from all sites can be shown on a single pane of glass, which means you’ll become the single team for quick answers. You can also provide certain functional groups (executives, safety) access to defined subset of cameras.
- By working in a single software package, your corporate security team will be faster at providing answers, troubleshooting problems, and changing access rights on short notice.
- You’ll have fewer software license fees to track and pay.
Centralization Considerations
We’ve managed large technology integration projects of this type, and can share some advice.
The existing hardware at your local sites must be evaluated. Depending on the age of the local system, you might be able to reuse some or all of the cameras, card readers, cabling from technology closets and MDFs, and other devices like turnstiles. In many cases there are workarounds, like converting coax cable to transmit IP traffic and power with a media converter.
Some degree of centralization can be achieved using cloud-based video surveillance systems like EagleEye, OpenEye, and Verkada. The price/performance of this solution has really improved in recent years, and the user interfaces are generally simple. That said, pushing all your video into the cloud can often lead to much higher opex than if you were to keep the video on a central device at each facility.
Moreover, these systems don’t offer particularly powerful integration between video and access control, which is something you will need for time and attendance verification and quicker hardware troubleshooting. If your firm has facilities in Europe, GDPR requirements will affect your system architecture. Access card identities need to be stored on GDPR-compliant servers, and there are often particular restrictions on camera sitting and video retention. Again, enterprise-grade systems (like Genetec, for example) have developed enough to accommodate these restrictions. Your security system integrator should also have experience with US & EU projects.
Budgeting for a centralization effort can be spread across several years. This can have a few advantages, aside from making the capex hit more palatable. Your team can take time to learn the new system as it’s rolled out and determine compliance issues associated with special facilities or sites in non-US jurisdictions.
If you don’t have a few teammates who are dedicated to the security effort — which is most companies! — then an outsourced managed services team can be hired to perform a lot of the software configuration and maintenance. Our managed services group does so for companies with dozens of sites and non-US facilities.
IP-connected devices like cameras and door readers should be treated like any other network peripheral — as a potential cybersecurity vulnerability. So we often recommend a separate network at each site. This makes network traffic management easier to plan and monitor, and it is a good idea anyhow for life safety devices.