Practical Tips For Implementing Security Integration
OTHER PARTS OF THIS ARTICLEPt. 1: Detailed, Thoughtful Integration of Security Systems Yields More Secure FacilitiesPt. 2: This Page
Now that the scope of the integration has been identified, including system types, technical requirements, and the budget, the project moves into the most challenging phase, which is implementation. A critical component of this phase is communication to the security team. This is especially important when the integration has a direct impact on existing security procedures that will either be eliminated or modified. In these cases, the integration champion should be communicating the benefits of integration to the employees who will be most affected. This demonstrates to the end-users that a process was in place when the decision was made to integrate and that this will be the norm going forward.
Most organizations require that any project over a certain monetary threshold be competitively bid. Communicating integration requirements to bidding contractors requires the development of performance specifications that provide very clear and specific direction to the contractor about the functionality of the integration. Identification of the specific systems, including model numbers, part numbers, and software versions for existing equipment, should be provided.
The key to success is translating the ideas that were developed during the integration team brainstorming sessions into technical documents focused on those requirements. Even in cases where the building owner decides to sole-source the project, documents should be developed detailing the type of integration required. Never assume that an outside entity understands the integration requirements. This is the biggest mistake made during these types of projects. It is essential to have documentation that tells the bidding contractor specifically what is being requested. That documentation sets the expectations from both parties on what is to be provided and what is to be received. It eliminates any disputes as to the functionality of the final deliverable. Integration means that two subsystems are cooperating to provide a specific functional outcome, and it’s more difficult to determine whether the integrated system is doing what it is supposed to do than it is to answer that question for an out-of-the-box technical component.
Once the contractor has been selected and the project has been kicked off, it is essential to coordinate the work taking place with the end-users. For the project to have credibility, end users must have been given appropriate expectations for the deliverables and must see the project successfully rolled out. The integration champion is responsible for ensuring that the contractor has realistic goals as it relates to timing, functionality, and training. Changes in process are usually heavily scrutinized by employees in any organization. An organized, methodical approach to the execution of the project, with testing and re-testing of the functionality before going live, can establish a level of success and minimize failure in the eyes of those affected.
Once the project has been completed and the integration has been successfully implemented, there is a need for day-to-day management. The integration champion should develop a testing plan that is utilized on a weekly basis. This is especially important when the integration spans multiple departments.
Implementing an automated authentication of the integration during the implementation phase is an excellent way of verifying that the functionality of the integration stays intact. If there isn’t a method of automating the process, then a manual testing plan should be implemented that will identify to the end user that the integration is functioning. In most cases the security department will test the functionality in the same manner they execute back-ups to mission-critical systems. This ensures that the integration is vetted in a consistent and timely manner.
When the integration is between security systems such as access control and video management that are used on a daily basis, it is very obvious when the functionality is no longer working. Additionally, most connections between security systems require some sort of authentication that will notify the end user when it is no longer functioning.
Policies and procedures affected by the integration should be modified to reflect the connection of the systems. End users should receive regular training on the functionality of the integrations.
Because of ever-changing technology, the security system marketplace is constantly moving towards a more open-architecture environment. While this is an advantage and certainly makes integration more technically feasible, the process of integration is still complex. It requires a detailed, organized approach. Documentation and communications are of paramount importance. Technical projects can live and die by the perception of staff. When security integration is successfully implemented, end-users will recognize that the process was thoughtfully planned, and integration will provide a lasting effect on the security of the organization, its employees, and its assets.
Timothy Hicks is a senior security consultant for PlanNet. He has more than 25 years of experience and progressive responsibilities managing large and complex security and low voltage system projects, including assessment, facility planning, design, implementation, and operations.
Email comments and questions to firstname.lastname@example.org.
Practical Tips For Implementing Security Integration