Mitigating the Impact of a Merger

When two companies integrate, it can wreak havoc on electronic security infrastructure

The first step is to provide a universal badge that looks the same and will be recognized as the official new company badge. Common issues when creating a universal badge include: Placement of picture and name on the badge; badge orientation - landscape or portrait; font used; company logo; colors; size; any printing on the back; clearance level; years of service, etc.

The creation of employee ID badges tends to be a very emotional and sensitive issue. Employees at each company involved in the merger tend to have an emotional attachment to the badge they have grown accustomed to and change can be painful and a long political process if not handled properly. Solving and defining this list will provide a badge that looks the same across the company, but it does not address electronic access control.

Standardizing Technology

A somewhat less emotional, but more of a technical challenge is to provide a standard electronic access control technology that must then be incorporated inside the new employee identification badge. However, defining a technology does not, in and of itself, ensure electronic compatibility with the various electronic badge readers that exist throughout the new merged company.

Developing a standardized technology and protocol will have a cost impact on the merged company and cannot typically be accomplished in a short period of time. Just manufacturing a badge that looks the same requires time to develop and distribute. On the technology and protocol side, equipment may need to be replaced, multi-technology badges developed, multi-readers in common areas or other options to transition to the standardized technology and protocol.

The best way to determine impact, schedule and cost is to survey each facility to define the level of effort and time required to implement the chosen technology and protocol.

Defining Functional Goals & Technology Roadmaps

Upper management must define some security philosophies that they want to apply across the new combined company in the form of functional goals. These functional goals should be defined and expanded by a team of stakeholders to make them a real-world solution. The challenge for the security department is to develop a standardized philosophy and minimum standards to meet the functional goals.

Functional goals tend to expand in their implementation, requiring other standards to be defined in order to reach the original functional goal. In the example of a universal employee badge, the obvious unresolved problem becomes defining a universal badge for contractors and visitors. This can be a special badge totally different from employees and it may or may not include a technology. Electronic access control might be limited to employees, while contractors and visitors must be escorted.

Besides using or not using a technology, other issues such as pictures, areas of access, badge layout, etc. must be determined for the contractor and/or visitor badge. The handling of visitors and contractors is now a security standard of the new merged company.

Other functional goals should go through the same development process. The functional goals must clearly express the objective to be achieved in a statement. A team of security stakeholders - typically a member of the security team, technical support personnel and some level of upper management - must then evaluate the functional goal, and a plan can be developed.

This functional goal is often placed on a roadmap that is facility-specific, time-specific and addresses any funding issues. Many times, functional goals for the merged company will require months or even years reaching completion, meaning that milestones are developed and added to the roadmap - providing a way to show progress and provide checkpoints that allow progress to be measured. Without specific dates on the roadmap, the functional goal will often not be realized and the merged company will find itself in "analysis paralysis."

Upper management's "buy-in" at the roadmap level will enhance the probability of reaching the timetable on the roadmap and assist in obtaining the funding to proceed smoothly.