Enterprise-level access control systems have been slowly reinventing themselves over the past several years. Once solidly the sphere of the large, proprietary, on-site systems, more security and IT directors had begun exploring what else they could do with access control. From big data, to open platforms that facilitate integration with video surveillance and HR systems, to looking ahead to mobile credentials and cloud, many in charge were somewhere along a continuum of shifting from the old to the new.
Then COVID-19 hit. Immediately, many businesses were shut down, and some large facilities still don’t have the majority of their employees back on-site. While some took advantage of empty buildings and had their security integrators continue or even accelerate projects already in progress, others took a step back to re-evaluate what they really might need from their access control and integrated security systems.
“We see our integrators pivoting from new systems sales to upgrading and servicing their customer base,” says David Uberig, regional sales manager, PACOM Systems, Sarasota, Fla. “This is due in large part to the COVID-19 situation, as service and support revenue becomes more critical to their success. At the same time, we are seeing an uptick in RFI and RFP requests as enterprises evaluate their existing systems and start planning for the post-COVID normal.”
With the rapid pace of some technologies coming to market — particularly on the temperature sensing side — there are some things that security integrators need to keep top of mind — particularly cybersecurity, thorough vetting and the need to set expectations.
“Our entire world is at its most vulnerable right now,” says Gary House of Dem360. “we are rushing so quickly to keep up and be safe, and health and safety have come to the forefront of what we are trying to emphasize. But [it may be at the] expense of letting our guards down and being vulnerable … We are not able to be as diligent in the pace at which we scale our solutions. That will only increase through time because all of this is so bleeding edge … We have a couple of camera and access manufactures we use, but none of them had a solution that catered to what we are trying to do, so we have had to improvise or go to companies that are on the bleeding edge.
“You look at these and all you can do is embrace them. You can’t validate them. There is no history. They’ve only been around for a few weeks, so we are really gambling and hoping they work the way they are intended.”
Even when time is short to implement solutions, experts caution that cybersecurity still needs to be maintained. “It is something that can’t be lost,” says Despina Stamatelos of Genetec. “There is so much technology being introduced so quickly that you wonder, have they done their due diligence to make sure it is cybersecure?”
Chuck O’Leary of Open Options offers this advice to integrators seeking to implement bleeding-edge solutions: “As soon as an integrator puts a thermal device at an entry point to a building there is a risk that the device could get hacked. Don’t loosen up on the cyber security front. Don’t use default passwords. Use encrypted technology … There are many thermal devices available right now and it’s important that they are properly vetted like any other technology being added to the network. Integrators should maintain a strong sense of due diligence, despite the sense of urgency to implement these new technologies.”
House agrees. “We have to consider the policies that are in place and not be so quick to change those for one particular thing. We are so hyper-focused on COVID-19, but there are so many things in the world that are of greater concern and risk. Change, but with diligence, is the key.”
For integrators this has presented both a challenge and a huge opportunity for doing what they do best — being a trusted advisor to the end user and helping them plan for the future. And as the process of reopening has progressed (sometimes in fits and starts), access control systems have really started to prove their worth and show their even greater potential.
“I think access control already does what they are asking, fortunately,” says Chris Randall, director of sales, Americas, AMAG Technology, Hawthorne, Calif. “It is a hard stop. There hasn’t been a significant change in the way they are using it, but they are definitely making some adjustments. Active badging is disabled and there is a need for self-assessments or temperature checks, preventing access prior to entry until you have some sort of [health] validation.”
This marriage of health and security is new. While much has been talked about regarding the use of elevated temperature systems (ESTs) on the video side, many manufacturers and integrators report a sharp rise in interest in integrating these with the existing access system to automate the process of granting or denying access.
“Most enterprise customers … are rethinking how they can use their existing access control system as an extra line of defense when it’s coupled with medical technologies,” says Chuck O’Leary, president, Open Options, Addison, Texas.
In many ways the pandemic has uncovered for end users and integrators alike both the flaws and the possibilities of their existing solutions, says John Szczygiel, executive vice president and chief operating officer, Brivo, Bethesda, Md. “Upgrades and changes are indeed underway with enterprise customers that come in two general forms: needs driven by the pandemic and needs uncovered by the pandemic. The needs driven by the pandemic include implementing features like health screening automation and contact tracing. Needs uncovered by the pandemic include simple remote operation and the ability to shift workloads easily to cloud service providers. This will have long-lasting effects on us in the security industry as fewer companies choose to use their precious IT resources to manage on-premise applications, particularly ones that don’t contribute directly to the bottom line like access control and video.”
Pandemic Impacts
COVID-19 upheaval in the access control space resulted in several consequences for integrators in the enterprise space, including limited access to customer spaces, changes in timelines — some slower and some faster — and the need to sell, maintain and train remotely. Luckily, the supply chain was mostly not an issue on the access control side, according to those SDM spoke to.
For enterprise customers, the biggest impact came as they started thinking about going back to work, with many seeking to incorporate EST systems, contact tracing and no-touch access systems, all while facing an uncertain economic picture. Many sought to figure out how they could use their existing technology without much more cost outlay in the short term.
“A lot of [companies] are under cost constraints,” says Eric Widlitz, vice president of North America Sales, Vanderbilt Industries, Parsippany, N.J. “People are trying to figure out how to get more out of their system or more efficiently use systems.”
Richard Goldsobel, vice president, Continental Access, a division of Napco Security Technologies, Amityville, N.Y., describes the immediate impact his company saw from their integrator partners and enterprise end users: “Most immediately they were looking for lockdown and change in schedules. There was a flurry of activity with some integrators not knowing exactly how to do it. There was a lot of training and teaching for setting up systems that had never been set up to do that.” Now, he says, conversations have moved to contact tracing abilities of access control systems.
Integrator Wayne Smith, president, Tech Systems, Buford, Ga., says the pandemic is driving many decisions about physical security today. “Enterprise clients are utilizing the data from these systems much more in order to make business decisions, whether this is utilization of space, activity level with card readers, video analytics, contagion reports or contact tracing information and more. This pandemic has challenged the way we think about these systems and the important data they collect.”
Before gaining access to a facility, many employees and visitors are now being asked to provide an extra step, sometimes in the form of a daily questionnaire to gauge whether they have had a fever or any symptoms, and/or an EST system at the door.
“Some of the companies are looking at adding a daily questionnaire on the phone and tying that to the access level; answering the questionnaire would enable the credential. Those are the kind of requests we have been getting,” says Ryan Rieger, vice president of National Division for integrator NextGen Security, Exton, Pa.
“Enterprise customers are looking to use their access control systems as a central data source for this extra layer of vetting,” O’Leary says. “There is now a direct correlation between the access control system and the health assessment and compliance with public health guidelines. For example, a badge will not be provisioned for a visitor until they pass the initial health check and are validated as wearing a mask.
“With the onset of COVID-19 and the need to prioritize protecting people’s health inside a building the security industry has changed significantly,” he adds. “Understanding how to combine technologies that usually don’t go together so seamlessly, such as traditional access control and medical technologies, is a real challenge that integrators have to take on.”
Rieger has seen this with his customers. “I wouldn’t say enterprise systems as a whole are changing, but they are changing how they are using it and what they are integrating to it,” Rieger says. “They want some sort of screening for employees or visitors coming back to work, so some sort of automated way to stop access if they have an elevated temperature, for example.”
Another aspect of this challenge facing both enterprise customers and security integrators is the fast pace of change in recommendations, rules and regulations, says Despina Stamatelos, product marketing manager, access control, Genetec, Montreal. “Customers were coming to us or our integrators asking, ‘How can we use our security system to help?’ They needed to know what rules they have to abide by and what new technology has been developed.”
But many suggest caution with these fast-to-market technologies. “Customers think, ‘I’ll just go buy this temperature sensing camera and that will fix my problem,’” says Scott McNulty, senior product manager, EAD, dormakaba, Indianapolis. “The expectation is an easy solution, and that is an issue. A lot of these products aren’t made for security.”
For integrators, one of the biggest changes resulting from the pandemic is the emergence of a third decision maker at the table, Szczygiel says. “For more than 15 years we have been talking about convergence in the physical and IT security domains. With a strong push from COVID-19, this convergence has rapidly evolved into a trivergence, where the physical security and IT decision makers have been joined by a third force.” This force is HR, which is tasked with developing rules for worker safety to avoid corporate liability, he explains. “When faced with the question of how to open the workplace and navigate the human implications, the people in the room are looking to HR for guidance.”
Beyond that, Smith adds, enterprise customers are reevaluating their future use of offices in general. With many working from home, there is speculation that some will not come back to the office when this is over. “There are a lot of conversations and analysis about space planning,” he says. “Many are questioning how much office space they actually need due to remote workforce. At the same time, users who have space are looking at acquiring more so they can create a safer work environment that includes social distance parameters.”
Will COVID-19 Finally Brings Biometrics Mainstream?
Biometrics has been around for many years —but never managed to find a foothold in the mainstream security market. Often considered a niche technology, biometrics has been popular for two-factor authentication in high-security locations, as well as for convenience (often coupled with mobile credentials). But cost, concerns about privacy and an inability to settle on one or two types of biometrics have hindered its adoption by many enterprise locations.
Now, “no touch” options are increasingly popular. While it might be bad news for fingerprint readers, facial recognition, iris scans, “wave” readers and other non-contact biometrics are having a moment. Will it last?
“As technology continues to mature, we will see the emergency of facial recognition as the main access identifier, while dependence on traditional access control verification methods will diminish,” predicts LenelS2’s Ewa Pigna. Ashley Tousignant of Johnson Controls says they are seeing customers replace standard fingerprint readers with non-contact options like the MorphoWave, which reads without touching.
But not everyone is seeing an immediate bump. Bill Hobbs of 3xLOGIC isn’t seeing a big uptick for facial recognition yet. “We do have a facial recognition offering in our line but it has been a bit of a disappointment from an adoption rate standpoint. … People are worried about privacy issues and there has been misinformation in the general public’s mind around that.”
PACOM’s David Uberig agrees that facial recognition may not be the first choice for enterprise customers, despite its convenience. “Enterprises are reevaluating biometric devices and moving away from facial recognition and contact technology such as fingerprint, which are no longer considered safe or effective. Instead, they are adopting technologies such as retina and touchless palm screening. Access control manufacturers have been able to effectively implement third-party products to keep pace with these changes.”
The cost factor may also become less of an issue, says Gary House of Dem360. “I think with this crisis the sheer volume of interest at all levels and the enforcement of social distancing we will see a huge demand and see more companies and solutions. That will drive a lot of the cost down. Five years ago, if you wanted to implement a contactless retinal solution it would have been too expensive for many. Now it has come down to be more affordable and I wouldn’t be surprised to see tax incentives to make it [worthwhile] to consider implementing.”
Future Technology Changes
On the access control technology side, it may be too soon to tell exactly what changes will result from the COVID-19 pandemic, but many experts agree there are indicators pointing in certain directions — particularly when it comes to some of the biggest trends such as mobile credentials, biometrics, open systems and more.
“Even prior to COVID-19 there was interest on the enterprise level for that frictionless environment where you don’t have to touch anything,” AMAG’s Randall says.
The difference is the motivation behind it. Where before there was a trend to more convenience and “open” campuses that allow credentialed people unfettered access, now they want to have more safety checks, O’Leary adds. “Before the pandemic, many customers were working towards having an open office and campus environment, striving for ways to make it seem as if security was non-existent. In today’s world, our customers are essentially building a new safety perimeter … They are also looking at enhanced reporting and ways to identify/notify people if there are physical or health and safety issues. I see a shift away from the open campus. The perimeter has changed for our customers: you don’t get to just walk into a building anymore, even with an employee badge.”
With increased interest in getting more data from access control points, some manufacturers and integrators speculate that more affordable technologies such as wireless readers might get a boost.
“We are seeing customers asking for additional reader points … so they can do contact tracing,” says Bill Hobbs, global vice president of sales, 3xLOGIC Inc., Fishers, Ind. “Mobile credentials lend themselves very well to that because my phone goes with me everywhere and I don’t have to touch anything [else] or have a card.”
Enterprise customers are not known for making quick decisions and this situation is no exception. But now is the time for the conversations to begin, Randall says. “I don’t think COVID-19 is going to drive enterprise end users to make large, wholesale changes in their primary backbone of their access control or video platform. But it is a fabulous opportunity … to build and develop the next great thing … Manufacturers, end users and integrators are being much more aggressive to work together to come up with solutions. Open standards and PLAI (PSIA’s physical logical access interoperability spec) are becoming much more interesting because people are looking for new solutions.”
Cloud is another technology that may get a boost from the pandemic, although some say they aren’t seeing it quite yet.
“There has been a lot more interest and asking about cloud, but really they are just kicking tires,” says Mike Ficco, director of engineering at NextGen Security. “As far as customers pulling the trigger, there are still very few from the enterprise standpoint.”
Others are more optimistic. “Managed and hosted will ramp up,” Hobbs says. “People are really rethinking the whole enterprise server and IT environment they had in the past.” Particularly if they haven’t been able to get into closed buildings to reach the servers, this model is showing its potential downside. “People are beginning to think, if this could happen, what happens when something else bad happens, like an environmental event or attack? They are really starting to understand the value of a serverless or cloud environment.”
Ewa Pigna, chief technology officer, LenelS2, Pittsford, N.Y., suggests security integrators be ready by educating themselves on various cloud and hybrid models, “Be prepared to move past traditional on-premise access control.”
Advice & Opportunities
For security integrators, the changing needs of enterprise customers — both immediate and longer term — mean a chance to review, revise and recommend solutions. One thing that has not changed: integrators always need to listen intently to their customers and the “why” behind what they are asking for.
“Continue to play the role of trusted adviser,” says Marcus Logan, global offering leader, Honeywell Commercial Security, Atlanta. “While the problems we’re trying to solve today may seem similar to before, with the current landscape it may ultimately require a different solution. Integrators need to stay aware and engaged with their customers’ industry — understanding fully the new problems they are facing will be critical to providing solutions.”
This means staying on top of the latest technology more than ever.
“It is important to stay connected and embrace leading-edge technology,” says Ashley Tousignant, senior product manager, Tyco Software House, part of Johnson Controls, Westford, Mass. “Things that were important 12 months ago may never come back to being a primary concern for our customers.”
However, that should be balanced with some caution, says integrator Gary House, CEO and founder, Dem360, Hagerstown, Md. “Technology doesn’t always work. Try to balance and set expectations. It’s not like this technology has been around where we have data to point to and sell to clients. Sensors break or don’t always work the way they are intended. We are kind of in a beta stage right now and that will improve through time as more systems get implemented.”
This is an unprecedented time for everyone and security integrators and enterprise clients are no exception, Hobbs adds. Fortunately, integrators know what it takes to get through this and help their clients.
“Who would have thought the whole world would shut down for six months? These businesses are just trying to figure it out and when they sort it out we have to be able as an industry to react to that. The way to do that is to listen to the conversations they are having now. Things aren’t going to change overnight, but they will change pretty rapidly over the next few years.”