Let’s Talk IoIP

Oct. 27, 2008
Using intercom over IP without upsetting the access control system’s balance

Audio integration with TCP/IP network infrastructures has revolutionized intercoms. Digital signal processors now surpass old sound wave conversion methods, allowing audio and data signals to be transmitted across the network between intercom servers and intercom stations.

Analog master and intercom exchangers can no longer compete with nor provide the level of functionality available through local, regional and global IP connections. In fact, intercom servers and IP infrastructures now make possible the exchange of conversations between subscribers or end users from one remote location to another without regard to distance or master console dependability.

The New Direction

Modular interface cards empower intercom over IP systems with added functionalities, including integration and connection of external systems such as computers, telephones and mobile radios. What is more, digital connection and recording cards provide intercom servers the ability to interface with public address and two-way radio systems. Door and gate control, alarm, video integration, and system management and functionality depend on the type of interface cards implemented with the system.

Fiber optic media integration is now available within IoIP systems without audio or data converters. Even noise and interference are no longer of concern. One can neither ignore nor minimize the significant advancements made by IoIP manufacturers in the last few years.

Seamless, Limitless Scalability

Manufacturers allege that cost-effective installations will allow security users to replace existing central communications equipment hardware with state-of-the-art digital network switching equipment.

In fact, a few years ago, Eli Gorovici—president and CEO of DVTel, a leading provider of IP-based security systems—noted that IoIP technology will not only be fully “compatible with most of the installed base of intercom door stations'' but also will be able to “upgrade to a fully digital infrastructure.”

IoIP promises to provide seamless integration; limitless connections; scalability; system management through high-level, interactive, modular and graphical user interfaces; voice, data, and access control functions; video verification, and many other capabilities controlled and managed through a single IP platform.

According to Bill Vernon of Digital Acoustics, a provider of IP audio communication systems, “Integrating IP intercom and paging into centralized access systems will provide enhanced safety at building and campus access points, enterprise-wide communication of informational and emergency messaging, and operational efficiencies using flexibly managed command centers. Solutions are now boundaryless, not limited to the walls of a single structure.”

Conflicts with Existing Access Control Systems

With such a degree of sophistication and system flexibility, however, one cannot avoid speculating about how much coordination you'll have to perform to maximize these advanced intercom IP functionalities and capabilities without causing an operational conflict with other applications and command center management decisions.

Over the years, security directors and managers have been able to integrate security technology into effective operational programs. Adding a new set of IoIP functionalities and modes of operation, although beneficial, will most likely disturb the balance and effectiveness of these programs. Operational modes and functionality levels incumbent in an access control and alarm management system (ACAMS) could potentially overlap with some functional and administrative modes now offered in IoIP systems. Consider the following.

• IoIP software currently supports not only access control functionalities such as four-digit access codes, door status and alarm monitoring, gate and door control release; but also manages the same security data being supported by the ACAMS.

• Dynamic icons and comprehensive floor plan displays supply operational functionalities that are similar to those available in access control system platforms.

With these newly added functionalities and operational correlations, the obvious question in one's mind is “To what extent should IoIP assume operational control?” Simple automated decisions previously controlled by ACAMS may have to funnel through a series of reasonable questions.

• Should IoIP react to typical system or alarm event conditions?

• Should it initiate site events or security decisions?

• Should it manage and control site access?

• Should IoIP archive and time-stamp access, door, alarm and video events?

• Should its audio be recorded and archived?

• Should it actuate predefined tasks or site-specific conditions?

Operation, Functionality and Coordination

Taking into consideration site-specific operational modes or routines would ensure that existing operational programs adopt and adjust to new IoIP functionalities, thus creating balance and ensuring operational effectiveness. Through effective planning, access control event management functionalities could integrate and implement IoIP modes of operation, eliminating unnecessary performance glitches.

• Common access control and pre-programmed events may require redefinition to existing site-specific requirements, particularly in response to conditions such as forced entry, door held open, duress, invalid entry attempts, intrusion alarms and visitor and delivery services access.

For the most part, forced entry and held open door alarm conditions generate a set of automated system event actions and operator responses, which in most cases are logged and maintained as part of customary audit trail repositories along with video alarm capture to provide evidentiary support.

• Adding IP intercom to the process will require added coordination, especially when IP audio recording is to synchronize with time-stamped access control and alarm event occurrences. Such consideration could be critical during a duress alarm event condition when time stamp, system event synchronization and archiving would demand operational effectiveness.

• Security managers and system administrators may need to define not only length of archiving and rotational time, but also the requirements to support and maintain audio bank repositories to event conditions such as duress alarm, disgruntled employee threats and site intrusions.

Privacy & Compliance

Although IoIP may not have clearly defined privacy protection policies, security directors, managers and professionals may do well in observing and coordinating the necessary legal mandates put forth in the Electronic Communications Privacy Act (ECPA) of 1986, which sets out the provisions for access, use, disclosure, interception and privacy protections of electronic communications.

• Operational and legal requirements may also demand departmental or policy adjustments and, in some cases, the development of new departmental or company standards.

• Human resources and security departments may need to adjust their policies to ensure that proper business ethics comply with existing privacy acts.

Furthermore, the integration of IoIP technology may demand maintenance of historical IoIP audio recordings for the most part for public companies, institutions and or organizations whose business programs may require Sarbanes-Oxley (SOX) Act compliance.

Some organizations are gradually incorporating SOX compliance requirements into their current access control programs particularly in areas such as data centers, server rooms, and IT-communication areas where business vulnerabilities demand that access be restricted to a few vetted personnel.

• Adding IP intercom to any of these locations will require compliance specifically in respect to section 404 of SOX; which requires IP business communications be included in the annual management and independent auditor reports regarding the effectiveness of the company's internal controls.

• Moreover, IoIP integration may demand new security policies to ensure that typical encryption tools used to scramble data sent over the Internet neither scramble IoIP communications nor modify or delete any existing system configuration.

In other words, security system administrators may be compelled to add new forms of data encryption in order to ensure that IoIP functionality, access control, alarm monitoring, and video alarm preset configurations are not at any moment compromised because of IoIP server or database vulnerabilities.

Technology to Watch

The significant progress made by IoIP system manufacturers shows their renewed focus and new business direction. In fact, Bill Vernon, vice president of Digital Acoustics, noted that “A&Es and end users are increasingly requiring that network-based security and building controls systems incorporate IP intercom and paging” solutions.

It will not be surprising to soon see IoIP being recognized as a highly developed technology capable of providing arrays of sophisticated applications, functionalities and integration. In the interim, this great technology will have its growing pains developing and stratifying system enhancements based on circumstances, errors, failures and lessons learned through projects and systems integrations. Time, as well as operator and administrative interaction, will determine what operational channel would prove to be the most effective and efficient means to manage not only security and event responses, but also IP intercom communication. IP intercom solutions will soon constitute an off-the-shelf application available in most ACAMS configurations.

Augusto Garcia is a senior designer for Sako & Associates Inc., a leading security and media technology consulting firm. He is based in the New York City office. He can be reached by phone (212-695-6670) or e-mail ([email protected]).