The consultative approach

As a professional security integrator, it’s only a matter of time before you receive the ultimate compliment from one of your customers when they say, ‘we need a new access control system and want you to design and implement it for us.’ Yet, along with that vote of confidence comes a huge dose of responsibility. Here is a comprehensive blueprint for how to move through the process efficiently and ensure that the client gets the best possible system to meet their specific requirements. Putting together a comprehensive access control system is far from a one-person job. To do it correctly requires the input of numerous experts, including:

• Architectural consultants who can assist with developing guideline specifications that establish product standards for your customer and are written to Construction Specification Institute MasterFormat Division 8 and 28 systems specifications.

• Electro-mechanical specialists who can provide product demonstrations of the latest advanced locking solutions, such as those that incorporate WiFi communications or power over Ethernet technologies.

• Vertical market specialists who can assist with your visits to K-12, campus and university, or healthcare accounts. They can conduct site surveys and audits to ensure compliance to building and fire codes and provide an evaluation and report of the mechanical operation of all openings.

• Brand ‘champions’ who are available to choose from familiar names like Corbin Russwin, SARGENT and Yale. They also know the codes from the Builders Hardware Manufacturers Association (BHMA) to ensure the selected hardware is rated for the traffic loads and operational characteristics expected from the owner and occupants.

Listen to your customer

To begin with, find out what the customer expects from the installation. What’s their five year plan? What’s their short-, mid- and long-term vision for their access control system? Is it based on open standards, like 802.11b/g or 802.3af, for the most affordable infrastructure? What type of credentials are they using? How many are issued? What type of format are they using?

Observe your customer

Essentially, you’re trying to find out about the culture at your customer’s location. It can range from an open, accommodating environment to one with strict and limiting access control. Consider convenience versus security and make both part of the plan. The challenge is to create procedures and rules that balance these two disparate goals. During your observation, did you notice the employees holding doors open for each other? If so, how are they able to verify their current employment status? Did they open the door for persons carrying large packages? Did they bother to check their IDs? Did visitors sign in at the reception desk? Were they escorted by staff members? Ask this and more.

Conduct a site survey and security audit

Taking a walk through the customer’s facilities is a prerequisite toward developing a comprehensive access control plan. Here are a few things to look for during your travels:

Mechanical security--If the openings aren’t mechanically secure, any additional funds spent on electronic access control are wasted. Some things to address include looking at the specific keying system they use. Find out if it is a patented, high-security type and ask when they last time they re-cored or re-keyed the locks.

Identify assets and value--Many consider assets to be tangible items that can be sold for quick cash. Assets include anything that someone might want to steal or destroy and range drastically from site to site and customer to customer. The important thing to remember is to put a price tag on the loss of the asset, plus the cost of lost productivity and potential liability that could result from the loss.

Identify the threat--Consider your customer’s surroundings. Have the surroundings changed or do you notice any graffiti or other evidence of gang activity? See if there is an increase in shuttered businesses around the area as the effects of the economic downturn spread. If so, perhaps an increase in perimeter security is in order.

Evaluate the protected premises--This will help you identify the options you have when selecting products for the system. How old is the building? Does it have architectural or historical significance? How thick are the walls? Was asbestos used as an insulating material? If it’s a resounding ‘yes’ to all these questions then it may be difficult and costly to install conventional hardwired access control devices.

For each opening requiring access control, you’ll need the following details to ensure you order the right product for the given application: what’s the handing of the door?; does it swing in or out?; is it left or right handed?; how does the customer expect each door to operate? Ensure that an operational narrative is written for each opening that covers the essential conditions and have the customer sign off on it.

Ensure code compliance

Several agencies have issued numerous codes and standards over the years to enhance life safety, improve privacy and reduce fraud, such as various building codes and standards which need to be factored into your overall access control plan. Note that building codes and standards are interpreted and enforced by the Authority Having Jurisdiction (AHJ), such as the local fire marshal. It’s always a best practice to consult the AHJ when you plan to include new products or solutions in a system design.

Different clients have a variety of security requirements. It’s another best practice to verify these needs with your customer before starting the system design. Some of the considerations that have a direct impact on product selection and system configuration include lockdown capability, real time monitoring and audit trail requirements and the location of high security and classified areas.

Many will argue that this next point should be the first step in the process. However, jumping into the “budget” question upfront will only result in a partial solution that doesn’t fully address the customer’s true business objectives or long-term strategies. To that end, consider the following final details that will allow you to complete your system design, such as:

Aesthetics-- Where is this system being installed? Many high-profile building owners use architectural design to make their facilities stand apart from the rest and this extends to the interior space as well. So, is a black wall reader the right choice? Or will an elegant lock with integrated card reader and designer lever be a better choice?
Disease control The H1N1 flu is an excellent example of how infectious diseases can spread. Fortunately, many locks are available with an anti-microbial finish that permanently suppresses the growth of bacteria.

Turnover-- What kind of turnover does the facility experience? In college residence halls, students seem to change rooms as often as they change their clothes. This would be very difficult to manage with a PDA-programmable offline lock. However, some single-card systems actually program access privileges onto the card, virtually eliminating the need to tour the doors to reprogram them. Of course, online solutions would address this as well.

Applications-- It’s inevitable that a variety of applications will converge into a single system and it’s only a matter of time. That’s why it’s important to select an access control system that will grow with your customer by providing application support for parking access, visitor badging, integrated video and other needs.

System management-- It’s important to determine who, how and where your customer will manage their new access control system. For enterprise-class systems, it might mean multiple departments will manage their own people, while a system administrator will maintain and manage the main, centralized system. This allows for a sharing of the workload for faster response to alarms and better understanding of individual access control privileges.

Budget Ultimately, you need to know your customer’s budget. Long-term planning comes into play so you can develop a prioritization list over several phases to ensure the customer gets the access control system that fully meets their requirements, now and in the future.

Whether large or small deployments, considerations for developing and designing an access control system should be accomplished in a consultative manner and with the key points discussed in this story. When they are done right and within the end-user’s business requirements and the nuances of the environment, they often pay for themselves through a reduction in theft, liability, vandalism and cost of rekeying from personnel turnover. What is most appropriate is selling the client a system that fits their needs and can offer the level of security they are seeking while providing a platform for future growth and expansion.

Lester LaPierre is the director of Business Development, Electronic Access Control for ASSA ABLOY Door Security Solutions, New Haven, Conn.,


Title: System Checklist

- Build a team of experts
- Listen to your customer
- Observe your customer
- Conduct a security audit
- Get the details
- Ensure code compliance
- Validate security requirements
- Determine business requirements