Protect U

Oct. 27, 2008
Small and large colleges look for upgraded security solutions that won’t break the bank
Untitled Document

Ah, college days. The thought conjures up images of ivy-covered buildings, serene students walking leisurely between classes, and administrators looking down from lofty towers with satisfaction. In reality, the college campus is a much more anxious environment. Today's colleges face increasing challenges, from swelling enrollment and budget cuts to security threats that were unthinkable just a few years ago.

More Students, More Money

Higher-education enrollment has increased over the past several years. This has been particularly true for many small colleges, due to the dramatic rise in university tuition coupled with fewer career opportunities for high-school graduates. Students are flocking to college campuses to learn business and computer skills that will help them compete in a networked society. This means colleges must invest in an ever-changing matrix of terminals, servers and software. Security funding competes with these investments, as well as with building maintenance, fire/life safety, and legislative compliance. All this at a time when security threats are on the rise.

The Threat of Domestic Terrorism

In addition to protecting assets and real estate from theft and vandalism, colleges face a new danger: domestic terrorism. Consider De Anza college's close call in January 2001. Twenty-year-old Al Joseph DeGuzman, a student at the northern California college, was arrested for stockpiling homemade weapons, with which he intended to go on a killing spree at the school. Fortunately, an alert drug store photo clerk saw pictures of his arsenal coming through the processing machine and notified police, likely preventing mayhem on a massive scale.

At the spring 2005 meeting of Research Security Administrators (a California forum of security professionals from commerce, industry and government), speakers argued that domestic terrorism may pose a greater threat than attacks from outside our borders.

Small and large universities are exploring different solutions to protect their facilities, employees and students, without breaking the bank.

The Access Problem in Small Colleges

Smaller colleges depend on traditional locks, keys and stand-alone alarm systems for their physical security. This fragmented approach is difficult to manage and costly when keys are lost or stolen. Stand-alone alarm systems connected to several central station vendors add to the complexity and compromise. Today, small colleges recognize the need for more sophisticated and flexible approaches to security.

The campus key system is the first line of defense, and the most vulnerable. Many small colleges have found their key management systems out of control, with many keys unaccounted for. Thomas Keller, consultant and system designer for TEECOM Design Group Inc. in Oakland, CA, said this situation is more than just an inconvenience. “Unreported key losses by temporary or terminated employees are a major problem. College administrators admit that most thefts are the result of entry by key,” he said.

Daily campus activities are time-structured, and mechanical key systems are inflexible. It is impractical to call the security department to unlock a door for a staff member or student on demand.

College security administrators and consultants agree that the first step to upgrading campus security is to install a rigidly enforced key system. This usually means re-keying an entire campus. Instead, many smaller schools have found that computer-managed stand-alone locks give them the flexibility of networked access control without the cost of installing the cable and hardware necessary for a networked system.

Intelligence with a Lower Price Tag

Intelligent locks first appeared in the hotel industry to increase security while reducing re-keying costs. These locks electronically prevented guests from using their key or card to gain access to a room after a new guest had checked in, and they maintained a record of access events. Equipped with a broad menu of access control functions and battery operated locking hardware, these locks quickly found applications on college campuses.

Intelligent locks allow security administrators to program access levels, manage auto-unlock functions, and retrieve event information on demand. Staff, students and vendors receive credentials (cards or tokens) instead of keys. Should a credential become lost or stolen, its access privilege is easily voided from the locks without re-keying. Equipped with a hand-held PDA linked to a desktop computer, a technician can change lock programming in a fraction of the time required to re-key. The programming data cannot be manipulated within the PDA, so no one without security clearance can reprogram the locks.

The recombinating feature of hotel lock technology has also found a home on the college campus. In recombinating systems, stand-alone locks are given an address and time/date information during setup. The college gives students and staff credentials containing ID and access level information. If a card is lost or stolen, the college replaces the card with one containing new access information. When the user presents the new card, the lock voids the lost or stolen credential and validates the new one. The locks contain an event buffer that security personnel can interrogate to document time and date and ID stamped events.

These products were primarily designed for campuses with residence halls, but they have found application in many other areas. For example, the security staff can give a student a credential to unlock an audio-visual storage room to retrieve equipment. The credential code data can restrict the times the lock will grant access and void the credential after the expiration date or after first use. Because they use multiple data tracks for ID and access coding, the cards can integrate with other campus databases and “one card” systems.

Administrative Issues

It first appeared that the stand-alone smart lock solution was the universal application for cost-effective electronic security. However, college administrators found that a large population of computer-managed stand-alone access controls poses an administrative problem. With the constant turnover of students and changes in classroom schedules, locks that could previously have gone unmodified for years now require frequent reprogramming. While reprogramming a lock is far less costly than re-keying it, it does require more visits to the lockset, which in turn requires additional personnel or a greater burden on existing staff.

As a result, college administrators have turned to the security industry for solutions. Security consultants are telling colleges on the threshold of a security upgrade to take a “holistic” approach to security. Keller said, “Many college campuses are in the process of renovating their buildings, which include upgrades to building automation, energy management, telecommunications, and fire/life safety systems. It is logical to include enhancements to security, such as hard-wired access controls at doors, and take advantage of the construction in process (to) design shared infrastructure such as cable trays and telecom closets and save money in the process.”

Big Schools, Shrinking Resources

Small colleges are not alone in their security budget concerns. Many major universities maintain large networked access control systems, but they often find them inflexible. The cost of adding an access control terminal, reader and electric locking hardware can range from $3,000 to $9,000 per door, depending on the location, and many schools can't support that expense.

One popular solution is “credential sharing”—installing stand-alone locks that will read and process campus standard access control credentials. The lock “memorizes” encoding data from the campus card, even if the bit structure and facility code remains confidential. The head of the department at which the lock is installed can manage access locally, but must use the credentials issued by the university.

Another solution gaining popularity is the use of wireless, battery-powered smart locks that communicate with the existing networked access control system. A significant expense in adding access control points to an existing building is pulling cable and wire and installing externally powered locking hardware. Wireless locks integrate physical locking and communication. A receiver and interface module connects to the network.. eliminating the cost of wiring components to the door and associated management costs.

Think of the Whole Enterprise

Colleges with tight budgets and today's security challenges demand that consultants and service providers offer cost-effective solutions. Educational institutions must also view security as a whole instead of a patchwork of components and activities. Keller remarked, “Given these issues, many colleges are justifying the costs of implementing enterprise electronic access systems to mitigate the losses from theft and utilization costs of manpower to maintain mechanical key systems. They recognize other benefits that further reduce manpower costs, such as automating the opening and closing of buildings electronically, thus eliminating the need for a physical person to unlock and lock buildings. Consolidation of alarm systems into a single network-based system of alarm reporting over the access control network resulted in a savings of over $30,000 annually for one of our clients.”

Use the Right People

College and university security professionals should look for installers and service providers who are current with building codes and who will ensure the solution design complies with local codes. A good installer will continuously communicate with affected individuals, explaining what is going on and why, when, and how each group will be affected by the change.

Martin Burkhardt, president of Opening Technologies Inc. of Concord, CA, said, “Success is in managing the details. Today's service provider must go beyond technical expertise and add value by assisting the client in defining business processes, intelligent solutions for the application, and be a single source of accountability for the project. The service provider (installation team) must be technically capable, factory trained, licensed, and meet state Department of Justice requirements.”

Burkhardt continued, “Colleges planning a security upgrade must first have a plan and a budget. It should identify specific objectives, requirements and scope for the new solution as well as understand the relationship with systems in place. Security technologies must work in concert with each other. A well established plan will ensure the execution of a new system within the defined cost objectives. Budgets should consider long-range operational and replacement costs. The cheapest solution is rarely the one with the lowest overall cost.”

Dick Zunkel is a technical editor and frequent contributing writer for ST&D.