Securing a Campus Environment Through Technology & Assessment

The convergence of security technologies with campus data networks presents significant opportunities, dangers and challenges.


The key-replacement access control configuration found on many campuses provides an alternative to the use of mechanical keys in residence halls and other controlled locations throughout the campus. Key-replacement installations differ from true access control installations in that they do not monitor the status of the door (open or closed) or the status of the lock (engaged or not engaged). In other words, the key replacement system simply unlocks doors and maintains a record of accepted and rejected transactions.

Residence hall doors could be propped or forced open without signaling a central location to this condition. Since access control authorization data is commonly maintained in memory in the data panel, a communication failure was not a significant problem as long as the panel data was current. Upon a communication failure, the worst-case scenario was that an authorized person might not be allowed to enter, or a cardholder who had recently been deleted from the system might be permitted to enter. When communication was re-established, archived transactions could be uploaded to the head-end. However, as a practical matter, this data was seldom reviewed except after a reported incident.

Key replacement systems are relatively inexpensive to install, but many campuses are beginning to realize that they may not provide the level of security required in today's world. A more effective access control configuration includes the use of devices such as magnetic door contacts, request-to-exit switches and latch position sensors to monitor the status of the door and lock. When a door is propped or forced open, an alarm is sent to a central monitoring location within the building or across the campus to alert appropriate staff to the security breach. Absent a centralized monitoring function, most contemporary systems transmit the alarm to a security officer's cell phone, alphanumeric pager, Blackberry or wireless PDA.

Additionally, contemporary access control systems integrate with CCTV systems to provide camera call-up and pre-positioning. Other features include interfaces with HR and student databases, and campus one-card systems for meal, vending machine and retail transactions. In the near future, we will see more use of smart card readers on computer terminals to provide secure logon across multiple computer systems.

Real-time monitoring adds a significant new dimension to the communication architecture required in a security system. For the first time, the reliability, sustainability, survivability and physical security of the institution's data network and network components becomes a significant issue. Unlike campus e-mail, where downtime is usually just an inconvenience, failure of networks carrying security data can result in a significant security lapse. In order to be effective, security systems must provide the required real-time communication either through primary or secondary communications paths. It will not suffice to simply archive alarms and upload them when communication is restored.

Melding IT and Security
Around the country, we are seeing a new model developing for the selection, purchase and installation of campus-wide security technologies. In the past, the primary decision makers involved in this process have included physical facilities, security or campus police departments, business administration, the campus safety coordinator and campus telecommunications. Most frequently, private security integrators would provide and install the equipment.

On many campuses and in other organizations today, we are observing a convergence of physical security and data networks. The key decision maker in network planning and availability is the senior information technologies (IT) or management information systems (MIS) officer. Often this individual is a member of the institution's executive management team and serves as a vice president. Suddenly, physical security technology decisions are being influenced, even directed, by an IT professional. This individual has overall responsibility for

o the management of the network including network security,
o compliance with communication standards,
o network architecture impacting data flow management, including access control, alarm and video,
o development and enforcement of database definitions,
o ensuring that diverse business and security applications use a common data structure,
o balancing the business needs of the institution against competing infrastructure demands,
o predicting future needs,
o allocating bandwidth, and
o disaster recovery and contingency planning.