Roundtable: Retrofitting major security systems

As part of its feature story in the April issue on “Planning a Major Security Systems Retrofit” (April 2009, page 22), Security Technology Executive recently caught up with a few integrators and vendors to delve deeper into the retrofit issue.

The participants were:

  • Brandon Arcement, manager of Global Security Technology for Johnson Controls
  • Jim Hunter, senior director of national accounts for Siemens Building Technologies Inc.’s Security Solutions Business Unit
  • Tom Mechler, product marketing manager for Bosch Security Systems’ Intrusion business unit, which produces control panel, central station and sensor technology
  • Dan Moceri, chairman and chief executive officer for Convergint Technologies, a North American systems integrator 
  • and, Jennifer Toscano, marketing manager for Schlage electronic security solutions at Ingersoll Rand Security Technologies.

Here is a recap of the roundtable discussion:

STE: What is the most important fact to consider when implementing a major retrofit — cost, migration, ROI, ease of installation, level of customization or new technologies?

Moceri: While all of these are important, ultimately the solution needs to meet the customer’s goals and expectations. Depending on the reason for the retrofit, it may be to reduce operating costs for one customer; while another may be more concerned about increasing security to lower potential liabilities. A third may be installing new technology to help them meet compliance requirements. In each case, delivering what is most important to the customer is what counts.
Hunter: When planning a retrofit, it’s important to ask what is the purpose and reason. Your strategy will be driven based on the answer to that question. For example, if you have multiple sites spread across the country, is the purpose of the retrofit to bring each facility to the new security standards? Once your purpose is clear, consider who will be your partner externally. You need a partner who has experience with retrofits, who understands your market or industry, and who knows your goals and objectives.
Arcement: First and foremost, select a consultant or technology contractor with whom you are comfortable and who understands your needs. A credible technology contractor will take the time to evaluate your business and analyze your needs to provide the best security solution. Thorough planning is a vital part of the process. A custom, scalable plan will consider everything from technology integration to ROI. For example, Johnson Controls offers a planning process that we call Security Solutions Navigator. During the structured, interactive session, we work with a company’s representative stakeholders to help quickly assess a company’s priorities and perceptions. These stakeholders include building occupants and others who may not have direct responsibility for security. The navigation sessions provide the security staff and management teams with consensus data that is then used to update the security plan.
Toscano: Don’t forget, when planning the move from the mechanical world to electronic, networked or wireless locking systems, the transition does not have to take place overnight and it does not need to include every opening. Adding electronic solutions to access points as time and budgets allow is a sensible migration plan for any organization, no matter how large or small.
How can you best realize cost savings during a retrofit project and how would you determine the TCO and ROI of the project?
Arcement: When considering a security retrofit, it’s important to quantify the return on investment in four areas: reduction in operating costs, mitigation of risk, improved compliance management within your organization, and in some cases, business revenue that will be generated. Each retrofit project is unique, yet there are some surefire ways to best realize cost savings. One is to design around an open architecture and integration framework so that the systems are flexible for integration as new technologies become available.
Mechler: Estimating TCO involves understanding the initial acquisition cost, the operating requirements, labor for installation and maintenance, and the cost savings or other efficiencies achieved from the project. When savings achieved are in hard dollars, the ROI for a retrofit project is much easier to calculate. For example, retrofitting an existing intrusion alarm system to communicate over IP instead of traditional phone lines enables you to eliminate the dedicated phone lines used for control panel communications to a central monitoring station. This cost can range from $15-$30 per phone line, per month depending on your telecommunications service provider. For an organization with multiple control panels, eliminating the need for these phone lines instantly cuts recurring operating costs.
Toscano: Viewing the secured opening as more than a collection of individual components enables the security manager to expand the usefulness of those components. For instance, biometric credential readers can tie directly to human resource management systems, positively affecting payroll and personnel scheduling. Another example may involve remote wireless access readers used for mustering to accommodate large commercial or corporate campus settings. Such applications improve security, lower the total cost of ownership and increase workforce productivity. From an installation viewpoint, given today’s constraints on time and budgets, wireless access control solutions result in substantial installation savings and significantly reduce the disruption that a facility experiences during retrofit.
Hunter: You can realize cost savings by first taking a look at reusing existing materials; for example, alarm devices or locking hardware. Ask yourself: what are we retrofitting and what can be re-used? Are there pieces of the existing system that you can upgrade and not replace? It’s also important to take into account all aspects of the total cost of ownership, not just the initial cost of the retrofit. Think about how you are going to maintain the system and the types of services you are going to need for that maintenance.
What strategies must you employ to ensure a seamless migration from the old to the new system?
Hunter: This goes back to the first question – do you have a strategy and plan that will dictate how you are going to execute the work? Having a plan will help ensure a seamless migration. Take into account if you will be running the old and new systems simultaneously until the new system is fully operational. Also consider when you will test and, subsequently, commission the new system during or after business hours? This will affect your training and communication strategy. You should also prioritize the risk – determine where it’s acceptable to have downtime and which highly sensitive areas need to be secured at all times. Training your security officers and operations staff is crucial to a seamless migration.
Mechler: If the retrofit is going to involve using your corporate network or existing or new Internet infrastructure, it is important to engage your IT colleagues early on in the planning and design stage of the project to ensure there is no delay during the installation phase when it is time to run network cables or create network drops. The IT team can also identify and help eliminate any potential issues that your firewall may pose with the retrofit.
Moceri: In all cases, it is important to discuss up-front what elements of the system need to be online throughout the transition, what can be taken down for a cut-over period, and what access is available to areas of the facility. A 24-hour facility is obviously more difficult than a facility that is typically occupied during the weekday. All of this comes down to project management and execution. On-site project management is the key to ensuring the right materials are available when needed, that crews work in accessible areas, and that problems that will come up are addressed in a timely fashion.
Arcement: Selecting the right technologies at the front-end of a project can help enable a seamless transition to a new security system. Choose head-end technology that can accommodate both the existing legacy and future edge devices. For example, if you are upgrading an old analog video system, be sure to select a hybrid recording solution that can support this old camera equipment as well as new IP camera and encoder technology. Planning ahead and taking an enterprise-wide approach will help with migration now and in the future.
Typically, what are the most challenging obstacles faced during a major retrofit project?
Mechler: Retrofit projects often include a variety of existing systems that may or may not have the same characteristics. If systems have been installed for a long time, support may not be available or may be difficult to obtain. This can be overcome by choosing a product that is flexible and can interface with multiple types of systems.
Toscano: The growing sophistication and broader spectrum of choices available in electronic access control is leading to greater integration with total building controls and systems. This results in an increase in the economic value of a door opening that goes beyond security concerns. The adoption of electronic access control technology is also redefining the meaning of the term "total opening" in the facility market and beyond. The new retrofit solution must integrate with these needs.
Arcement: The most difficult challenges often stem from unclear or incomplete understanding of a customer’s needs by the technology contractor or consultant. If the scope of the project is not clearly identified up-front, the customer will not get the desired system functionality and business outcomes. Consider these four main areas of security up-front: event management, identity management, building management and compliance management. Event management allows security decision-makers to have full situational awareness of the building; identity management reduces risk by controlling access rights; and building management systems integrated with security systems can further maximize occupant safety, increase productivity, and create operational efficiency. Lastly, adding real-time data from security systems to traditional compliance management software applications enables compliance enforcement, documentation and intervention.
Moceri: There are many potential obstacles with some being lack of drawings or as-builts to fully understand the current installation. Another challenge would be working around the occupants and normal use of the facility. Running into the unknown such as walls that cannot be penetrated or existing conduits that were planning to be re-used are laden with asbestos. Likewise, existing cabling that was planned to be used is not of sufficient size or quality. All of these problems, while challenging, can be minimized with a good initial survey of what currently exists in the facility to identify these obstacles before a project is started.
How should you assemble your retrofit team both internally and outsourced?
Moceri: Working in an existing facility is very different than working a new construction project. In new construction the environment is typically dirty, people are less concerned about making a mess, how they look, and what they say. Retrofit projects typically take place in an existing facility that is occupied and up and running. That means it is a quieter environment, it is clean, the client and their colleagues are present (and maybe their customers). The bottom line is your team needs to be more customer service-focused when working on a retrofit installation. Good communication skills from both your team and any sub-contractors you employ are important.
Hunter: It’s important to determine who your stakeholders are when developing your retrofit team. The bigger the project, the more people it will effect, which means the more people you should involve. If you’re installing a new access control system that will be hosted on the enterprise server, IT should be at the table from the beginning. For your external partners, your dealer or integrator should be involved in the beginning, no matter what the retrofit project encompasses. They can ensure that the technology you have chosen can be integrated into your existing system, for example.
Mechler: In addition to engaging the IT department, you should look for a security dealer or integrator that has employees who are trained on basic networking and understand the language of IT. Your integrator should be able to speak to the IT department in terms of bandwidth and data packets to alleviate any concerns they may have. In the case of intrusion systems, you’ll also want to ensure that the central monitoring station is on board to ensure it is equipped to receive IP control panel communications or are willing to make the small investment required for the appropriate receiver.
How much does the IT department now figure into any major retrofit project?
Toscano: A company's information technology, including its logical security component, must be married harmoniously with its physical security system. Such a platform needs to offer advanced access control, alarm monitoring, intrusion detection, fire alarm, intercom and personal safety/duress systems, credential production, and employee and visitor management functionalities. It also needs to address and enhance security management system capabilities by integrating digital video from multiple manufacturers as well as integration and support for fire, intrusion, personnel and complete facility management.
Moceri: More and more today, IT is involved with major retrofits. There are, however, still two schools of thought in the IT community. Some have invested heavily and have robust networks and are very open to accommodating new devices and applications; others are still of the opinion that if something is not directly related to the business enterprise and supporting revenue generation, the device (including security devices) are not allowed on the network. In both cases, however, IT is still getting involved on major security retrofit projects. Their help has been invaluable as they know their networks and their facilities best. By working closely with the in-house network professionals, you ensure the network not only meets the security system requirements, but also meets IT’s requirements, such as standard switches, servers, cabling, etc.
Mechler: In most organizations, IT owns the corporate network or Internet infrastructure, and they’ll likely want to be included in any decision that involves their systems. In some cases, the IT team will also want to work alongside the security integrator to assign IP addresses and create network drops, while the integrator installs and programs the security hardware. The processes and involvement will vary between organizations, but some engagement with the IT department is becoming increasingly common as more intrusion systems use existing IT infrastructure for IP communications.
Hunter: If the retrofit is going to touch any part of the network, IT figures into the equation; however, if the retrofit deals only with a closed-loop network that Security controls, there might not be a reason to involve IT. The industry is migrating off the closed-loop network, so making the IT department part of the planning and deployment team can be critical.