By Heidi Schwartz
Published in the July 2002 issue of Today’s Facility Manager magazine
As part of TFM‘s ongoing coverage of The TFM Show, this new column showcases one of 2002′s several informative pre-conference roundtables. It includes questions asked by Moderator Susan Coene, along with those posed by actual attendees at the session. Roundtable experts (listed below) provided answers to all questions.In 2003,
Rob Zivney, Hirsch Electronics
Chuck Fisher, Sec-Pro Services
Holly Sacks, Zebra Technologies
Brenton Scott, HID Corporation
Coene: In the aftermath of 9/11, what has changed with respect to the traditional approach to securing a facility? How should facility professionals address this change?
Fisher: After 9/11, a number of issues were brought to life with regard to the security of individual facilities outside the WTC. The tragedy of the WTC was not something any facility manager could have protected against. However, facility professionals have had to come to grips with a cultural change. There is no longer a traditional approach. As of 9/11, there is no past history; today is day one all over again. But the further we get away from 9/11, the tighter the budgets become. It’s becoming an even greater task now to show justification for the improvements.
Coene: How do customers budget for security upgrades? How can they be sure products will last?
Zivney: More customers now tend to lean toward the “exotic” since 9/11—even when a very practical solution is probably better. And because of all the media attention, people have gotten a lot more involved in trying to solve their needs by making suggestions. Try to make the solution fit the application and get someone to design the right system for your needs.
This is a capital improvement, and most of what goes into the security system is going to be wiring, conduits, and control panels. A computer will be on your corporate network, so it’s particularly important to focus on the hardware. Software becomes obsolete fairly soon, but the hardware might be in there 20 years.
Sacks: As a vendor, product recommendation is part of our job. If you’re not getting that from your access control vendor or security consultant, then keep on shopping.
Peter Rohrer, Southern California Edison, Rosemead, CA: With existing security system upgrades, most cases for us are maintenance and operations dollars. Management is very sensitive on that side of the ledger, so we are experiencing a great deal of “dumbing down” of the personnel, which is actually driving our security selections. What can we do to counteract that?
Sacks: I think the industry overall has actually done a very good job at making access control and security oriented equipment and software easier not only to understand but also to operate. Support services are getting better too.
Zivney: Part of any evaluation should be an examination of what a manufacturer is doing to make it easy to use, including the availability of training. Perhaps the training can be packaged into a maintenance concept to make sure that funding is available.
Coene: How can employees be educated regarding the importance of their badges?
Scott: One thing we’ve seen since 9/11 is the installation of access control where it hadn’t been before. There’s now more focus on “do you really belong here?”
There is a corporate culture issue with respect to challenging people. There is more awareness in a corporate environment, so management has to step up and enforce badge wearing policies if the goal is to check everyone.
One way companies are ensuring badge use is by making them multipurpose devices. The card is needed to get into parking lots, buildings, offices, computers—it can even be used for lunch payment. So employees begin to think, “I must have that card wherever I go.”
Alan Smith, 3M, Murray, UT: I’ve been in security for many years, but it seems we’ve got bigger problems now: chemicals; theft of documents and information; piggybacking through doors; purse snatching; and unauthorized delivery people. Has security kept up? Or are vendors still selling the same old stuff?
Zivney: Many of these problems did indeed exist before 9/11. If anything changed since 9/11, the public became a bit more educated and aware. The most important change is that customers now realize they only have one shot when they put a new system in. And once the new system is in place, rules must be enforced from the beginning. Still, most of the systems out there continue to have many unused capabilities. The best bet is to use the system—just dig in!
Coene: Regarding unused capabilities, what are some of the aspects that are going untapped that could be used to address security issues?
Fisher: Many systems are bought for one application, and the other services simply aren’t used. These systems were designed to expand and eventually become the employee’s pass to the facility—not just an ID—so everyone recognizes the employee as a member of the team. There are many psychological aspects.
Sacks: Expanding these systems and taking advantage of the horsepower that’s already there is justified from a cost-effectiveness standpoint since you’re increasing functionality. For instance, major retailers have been expanding their access control for employees and using it for receiving bays and warehousing areas. So now, vendors and suppliers all have access control cards so they can open up the receiving bays, unload their trucks, and leave an audit trail indicating when they were there and which driver it was. Many times they even use it for information about the shipment itself.
Scott: It’s particularly important for facility professionals to use the history functions in these systems because of the administration capabilities. The end user needs to run reports on who is consistently trying to get into restricted areas where s/he doesn’t belong.
Martin Gilroy, New York State Office of General Services, Albany, NY: There seems to be a conflict on how we should migrate to a new technology. Should we just go to a memory card? Or should we make the big investment and go to a smart card? Contact or contactless readers?
Scott: Customers should take note that there are some problems with contact: readers are only rated for 100,000 reads, and in a lobby, you’ll burn them up pretty fast. Also, you have issues of condensation, humidity, and rain that make it difficult to use contact technology in an outside environment. The 13.56 MHz-type technologies are probably what you’re going to see as the predominant card in the future.
Fisher: One of the concerns I have is the push to make everything more convenient by putting more things onto the card. But if you have too many applications in one place and there’s some kind of attack, you don’t just take out one; you can knock out a number of applications.
Othman Rahman, Petronas Twin Towers, Kuala Lumpur, Malaysia: Since we are a mixed use facility, deliveries are redirected to a secure checkpoint outside the building. For our 10,000 building occupants, the security procedures are also very stringent. But we have no restrictions in our 5,400 space parking lot. What can we do there?
Fisher: It’s all about procedures. You have 5,400 parking spaces and eight access spaces into those parking spaces. The best you can do is minimize your risk at those eight entry points.
Sandra Cheng, The Miriam Hospital, Providence, RI: Since we have an active emergency room, the building must be kept open. Although we have added two security guards, I feel we may be compromising the safety of patients, visitors, and staff working the midnight shift. How do we serve people while keeping them safe?
Fisher: The first thing to consider in a hospital emergency room is the architectural layout of the facility. Because of the emergency access, many hospitals don’t have “holding areas” that act as a stopping point before people actually get into the heart of the building. In these cases, putting a physical barrier at a door is more effective than putting in a security officer. I’m not an advocate of adding more people; nor am I an advocate of adding systems. I simply stress getting down to the root of what is the very minimum thing that you have to protect—the minimum standard—and work out from there the approach or procedure. Then, you have to look at systems with people in mind.