Faced with the decision to stay in-house or used a managed services provider, many large organizations have decided to keep security under their own roof and build their own Security Operations Center (SOC) to correlate events and centralize all security monitoring and functions. There may be unique business requirements that require a dedicated, “proprietary” SOC — such as a casino or very large campus environment — or there may be cost drivers that indicate the need for an in-house SOC.
The adjective “proprietary” is used in the security industry to describe a number of different attributes — some good and some not as much. In this context, it refers to a Security Operations Center (SOC) located at the user’s premises (in contrast to a commercial central alarm station) and usually owned and operated by the user.
Building an in-house SOC presents a myriad of challenges, and many security groups struggle on how to best start. This article outlines the design criteria to be considered in the development of a proprietary security systems monitoring and administration environment. The user could be a landlord or tenant and the SOC could be responsible for multiple tenants or for many locations of a single company.
Location, Location, Location
The monitoring location can either be the pride of the physical security operation, or a space more reminiscent of the Black Hole of Calcutta. Its attributes usually depend on the importance given to security within the organization. A number of years ago, it was argued in a court case that an organization had not given security the prominence that it should since the security operation was located in the building basement. The counter argument is that the SOC needs to remain operational throughout a myriad of threat scenarios and may be best located in a more secure environment, away from traffic.
It should be remembered that efficiency and productivity are related, and that security’s image can be enhanced by a well-designed work environment. In addition, the security department will demand more respect when it projects a positive image, rather than one that lives in a cluttered hole-in-the-wall. The SOC should be housed in a location with a quality of working environment at least as good as other employees are given.
The two most common types of monitoring locations are the “up-front” reception desk in the main lobby and the “back office” dedicated SOC. In some cases, both should be considered: the reception area may be too busy and distracting for effective security system monitoring during regular business hours but a small, off-hours (evenings, weekends, and holidays), security presence may best be located in an entry lobby for high visibility and deterrence. The duplication of monitoring equipment at both locations may not add significantly to the cost of a new systems installation; in fact, the additional cost can be saved very quickly in the reduction of security staffing expenses.
The first target is to obtain sufficient space, especially where real estate is at a premium. For the construction of a new facility, or a major refurbishment, it is necessary to clearly document space needs early in the design process and to “sell” those requirements to the space planners — usually the architect.
What Will Happen in the SOC?
The analysis of space requirements can begin by listing what will be happening in the SOC — what functions need to be performed there and how much space needs to be allocated to each function. Here are a few of the functions that may be included on your list:
- Alarm monitoring and video verification.
- Alarm response and communication with and deployment of security personnel.
- Security communications — phone and intercom with the user population; and two-way with security officers.
- Door and gate operations, including lock/unlock, open/close and video verification.
- Issuing employee credentials.
- Administration of access privileges.
- Visitor management, including pre-approvals, verification, validation and credentialing.
- Investigations, including review of video, alarm and access archives.
- Duplicate stations where heavy security traffic is too much for a single officer.
- Supervision of SOC functions and other officers.
The functions on the list, their volume and time of occurrence lead to a determination of staffing requirements and the number of “stations” required for the SOC. The selection and layout of the equipment required at each station will help to determine station size and the final space requirements with the architect.
Front and Center
If the monitoring post is to be located in the building entry lobby, the primary function of the security officer or concierge will be access control for building occupants and visitors. Even if access control of regular occupants is automated through the use of building credentials, identity verification and host validation of visitors will require much of their effort.
The design of the lobby desk will be dictated by the architect so it is very important to coordinate security’s operational and equipment space requirements. In addition to PCs, screens, phones, and badge printers, operational aspects such as log-in card readers, sign-in logs and ADA access should be considered in the design.
Remember also that there are other functions competing for lobby desk space, such as fire alarm and command stations, elevator displays and controls. Decisions on display screen viewing priorities need to be made before an effective layout can be designed — and each system designer considers their equipment to be the most important!
Behind the Scenes
The design of security monitoring and control functions in a dedicated security operations center (SOC) that is situated away from the hustle and bustle of entry lobby traffic has few of the design constraints evident for lobby desks — assuming sufficient space is allocated to the SOC. Older designs were centered on vertical (or angled) consoles that housed bulky video display equipment. The display function is now implemented using slim, flat screen LED or plasma technology.
Here are some important questions that need to be answered: Does the SOC require multiple workstations? Is there a need to split the monitoring and control workload between two or more stations? If so, should it be split by function (e.g., one station monitors video while another interfaces with parking lot controls and turnstiles), or geographically (e.g., by area, building or floors)? Should the stations have the flexibility to perform all functions so that staffing requirements off-hours can be reduced? Is a supervisory workstation needed? Or, perhaps, one dedicated to investigation (e.g., review of archived video and access/alarm transactions)?
If only one or two workstations are required, multiple video display screens at each station may be more practical; however, if many workstations need to see the same video images, a video wall may be less expensive and operationally preferable. A few dedicated screens at each workstation still make sense for alarm verification video selection and administrating functions.
Each workstation needs to provide sufficient desktop area for reference notes, camera schedules, operating instructions and any other data that that is not normally displayed on a screen. An 18-inch-deep work surface with a pull-out keyboard is useful. Computers and video display servers, as well as network switching hardware and filing cabinets should be housed under the desk.
The workstation should be designed for easy maintenance access (e.g., slide out CPU trays), cable management, and thermal management (dissipation of heat generated by the equipment). Display screens should mount on frames at the front edge of the desk and have the ability to be angled for optimum viewing.
Not to be forgotten is the workstation chair! Since the operator will be spending many hours sitting on this piece of furniture, it should be ergonomically designed for the purpose, adjustable to match the operator’s physique, and comfortable to eliminate distraction.
Infrastructure and Environment
The infrastructure and environmental support factors that have the most impact on the effective operation of the SOC are temperature, humidity, lighting and electrical power.
* Temperature and Humidity: The heating, ventilating and air conditioning (HVAC) systems in many office buildings are designed to operate in the most cost-efficient manner. Often, during non-business hours, they automatically set back to levels that are not intended for human comfort. If the SOC or lobby desk monitoring location is to be staffed around the clock, arrangements should be made to provide environmental support for these spaces, possibly through the use of supplemental HVAC units.
* Lighting: Computer and video glass display screens are very susceptible to reflection from ceiling or wall-mounted lighting units, and this detracts from their optimum use. The location of light units should be carefully chosen with reference to the position and angle of the display screens. Indirect, or reflected, lighting is often the best solution. It is recommended that a lighting engineer be used to prepare, or at least check the design. Many monitoring and control operators prefer to work in a darkened room with little or no ambient lighting. While dimming the surrounding lights can improve focus on the screens, it can also lead to eyestrain, and make more difficult other manual tasks, such as video display selection and keyboard data entry.
* Electrical Power: Since monitoring and control systems rely on power, it is important that its source be reliable and of good quality — thus, without surges or reduction in voltage. Both of these criteria can be met with the use of an Uninterruptable Power System (UPS). The UPS smoothes any ripples in the primary power and can come in two types: a small, stand-alone unit dedicated to the security monitoring and control equipment; or building/area-wide systems that also support critical business functions such as data processing and telecommunications applications. The UPS — particularly the small dedicated type — is not designed to provide support for long periods and it, in turn, should be supported by a building generator circuit if more than 20 minutes of back-up is required. In addition, if only minimal UPS power is available, it should be dedicated for the most critical security monitoring functions.
Ergonomics
Ergonomics is the study of the interaction between people and things. A good example of ergonomic design is the arrangement within an automobile that ensures that the driver can access all of the required controls while maintaining concentration on the road and other traffic. Security workstation layout is very important to the accuracy and effectiveness of the monitoring staff.
Using the earlier list of functions that need to be performed by the monitoring and control staff will greatly help with the layout of the workstation. Use that list to separate which functions require viewing, which require action and what the relative importance is for each function.
Display equipment is designed so that it is not required to be within easy reach once it has been set up and adjusted for brightness and contrast. Display views should be prioritized by importance — primary, secondary or tertiary. Primary viewing is located within a 30° field of view cone; secondary within 60°; and tertiary outside that field of view, as illustrated in figure 1.
Equipment that requires frequent manipulation, such as a keyboard, mouse, PTZ control, audio volume adjustment, and a telephone dial pad, must be reachable without undue strain. Figure 2 shows the typical limits of reach. Items that require the most frequent reach — keyboard and mouse, for example — should be located in the primary area.
If alarm monitoring is the workstation’s priority, the annunciation screen should be centralized in the primary field of view, and the keyboard for alarm acknowledgement and response logging should be within easy reach for typing. All regularly used control switches, such as those for door locks and gate operation, should be reachable without the operator having to bend and stretch. For example, a gooseneck microphone enables the operator to speak in a calm, clear voice without having to lean forward or shout.
If the priority is video surveillance monitoring, any pan, tilt and zoom controls should be close at hand. Camera views for alarm assessment can be relegated to secondary positions.
SOC Layout
Nearly all of the previous tips have been related to individual monitoring and control stations. The overall SOC layout is a function of the number of workstations. In a large SOC, a video wall may provide common display of camera images for all workstations to see. A supervisor’s station is placed behind the others and, if possible, on a raised platform for the best overview of the monitoring and control functions.
There are other functions that may be included in the SOC for situational awareness — secondary fire alarm annunciation, elevator controls, weather status display, and news and traffic reports. SOC design should consider all potential information sources for the optimum operation of the security function.
David G. Aggleton, CPP, CSC, is president of Aggleton & Associates (www.aggleton.com). He is actively engaged in the design of SOCs as a component of security technology solutions to mitigate risk & vulnerability since 1978. He can be reached at [email protected].
