Each integrated security system requires constant maintenance. Strangely, this comes as a surprise to many owners who would never think about running their cars for two years without oil changes and fluid and tire pressure checks but nonetheless wait until something breaks in the integrated security system before they call a maintenance technician. These are the same owners who have a scheduled maintenance program for the elevator, building automation system (BAS), roof, windows, and other parts of the building, but make no budget for maintaining the security system.

Integrated security systems should be maintained on a standard schedule. Depending on the size and scope of the system, the maintenance could be bimonthly, monthly, weekly, or even daily. Each component should be checked for its normal working order on at least a weekly basis. However, this does not have to be performed by a contract maintenance technician but, rather, can and should be performed by the security console officer staff.

Weekly system testing requires a console officer and a roving guard or maintenance technician. One walks and tests, and the other confirms the test results. Each access-controlled door, alarm, and output control point should be tested weekly. Access-controlled doors should be tested for operation—not just for the electronics but also for the operation of the door. This can be done easily on a guard tour. The roving tester should carry a clipboard and follow a standard checklist. Any discrepancies in operation should be noted on the clipboard. Alarms, output control points, cameras, and intercoms can all be tested while on the guard tour walk.

Any items that are found to be out of specification can be adjusted or repaired on the next scheduled maintenance visit (usually bimonthly) if it is a noncritical element, or sooner if it is a critical system element. System maintenance must be conducted routinely on the security system hardware and the information technology (IT) infrastructure, servers, workstations, operating systems, and software. This must be under the authority of a knowledgeable individual who:

• Understands the security program and its goals, methods, and tactics.

• Understands the security equipment and their normal operating conditions.

• Can determine if a problem is operational, electronic, or IT related.

• Has good oversight and management skills.

• Has been given responsibility, authority, and budget for maintenance.

Many organizations believe that the security contractors often are not well suited to maintain the entire system because many contractors do not employ adequate IT-trained service technicians. That will change. At the same time, many IT service organizations are discovering that they can install and service IT-based security systems. Some of these organizations are rushing in to fill the void.

IT-based integrated security systems must be maintained by a group that is competent in the maintenance of IT systems. That is often not the installing security contractor, whose competence is limited to the edge devices and software. I often recommend that maintenance of the IT infrastructure, operating systems, and software be placed under the authority of the organization’s IT department.

The decision as to who should be in charge of maintenance is important and must be made on the basis of technical competence and political sensitivity. In the end, it is essential for the organization to understand that the security system helps to provide physical security for the entire organization. To the extent that it is well maintained, it can do that job. To the extent that it is not well maintained, it cannot, and that creates exploitable vulnerabilities in the organization’s security.

Management

Electronics is a tool of the security management program, of cohesive security management, not a segregated program unto itself. The integrated electronic security system is there to assist the security operations force, not to replace it. The data that the system gathers must be acted on by patrol officers, so the two functions should both be managed by the corporate security manager or director, who makes and implements corporate security policies and procedures.

It is not uncommon in the third world to segregate the management of the guard and electronics monitoring functions to two different managers, who may for cultural or political reasons not be inclined to work together. The reason stated for this segregation is so that neither would have total control of the security program and that there would be checks and balances on the overall program. This approach is doomed to fail in a security program. The result is always that there is essentially no communications between the two segregated and essential security programs. In one such case, the guard force was not receiving information from the console operators to direct it to respond to alarms; the operators were simply recording alarms and observing the independent, uncoordinated activities of the guards who were “in the dark” about events that the security console operators knew about. The guards, of course, also did not know that the console officers had a habit of taking naps on the night shift, turning off alarms in order to sleep. Was this critical government facility on which the entire government depended protected by its security force and electronics program? Not at all. This installation, in which the electronics security manager mostly used the available equipment to “tell on” any breaches of protocol by the guard force, served no useful security purpose. It had instead created a hopelessly uninformed guard force with a multi-million-dollar investment in electronics that was of little value to the organization. It is important to integrate the guard and electronics programs to the advantage of the guard force and therefore to the advantage of the organization.

Unmonitored Systems

Unmonitored systems simply provide access control and video recording for use for audits if a suspicious event should occur. This is a very useful application for smaller sites where it does not make economic sense to invest in the high operating cost of full- or part-time system monitoring by a dedicated security guard.

Hybrid Systems

Systems that have a monitoring console at a reception guard post are a hybrid between monitored and unmonitored systems. They are not truly monitored because the guard has other more primary duties and may look at video screens only when time (and boredom) permits. In all types of systems, it is clear that the recording of alarm, access control, and video scenes is an important element of their successful implementation to ensure that evidence of suspicious activity is gathered that can be used to identify offenders and prevent or deter future similar events.

Supervision

It is easy to forget the purpose of something when it becomes routine. I heard about a console guard who was assigned a “most urgent task” for a refinery graveyard shift. Focusing on the task, she was consistently distracted by false alarms in the perimeter detection system. After resetting the false alarms no less than five times without sending a patrol to check them out, she was amazed when a routine patrol stumbled onto a group of student activists with throw-away cameras who had climbed the fence and gotten into the refinery, claiming to be on a photography class project. Right! A photography class with throw-away cameras at night, in a refinery. What a surprise that several of the “students” were not attending any classes and were members of an environmental activist organization.

Good console operation begins with good management. Supervisors should have console officers focus on the task of console management, not other tasks, no matter how urgent the other tasks may seem. The job is to use the security system to detect, assess, and respond.

Skills of the Security Management Team

A committed management team is essential. The organization’s security team should begin at the top and end at the bottom.

• A successful enterprise-class integrated security system design is one that is used and that grows in its coverage of remote sites.

• Successful systems pay for themselves in loss prevention. For example, when a system can provide evidence identifying the perpetrators of damage to the facility or theft of goods or information or provide evidence of who perpetrated an illegal act, that system has shown value.

• Successful systems facilitate a more gracious conduct of business.

• Successful systems facilitate a uniform application of corporate security policy.

• Successful systems catch offenders.

Lessons Learned

At the conclusion of any major design, it is advisable to have an internal session to go over lessons learned. The lessons learned session should recap challenges and solutions, mistakes and corrections, and shortcomings in the design or implementation that one would like to change in the future. A series of recommendations should be put forward to limit or prevent such problems for future projects. Generally, it is advisable to consider putting those recommendations into policy or into the specifications, if they were installation related.

Using the System for Surveillance

When surveillance is indicated, a console and operator should be dedicated for that purpose. It is unwise to mix surveillance with other duties because the event one is looking for will most likely occur while other duties are being conducted. Video can be used to look for suspicious behavior, especially where crimes have occurred previously.

For example, in a public transit environment, success can be achieved using the video system to surveil subway platforms for suspicious behavior. Because most offenders assume that even though cameras exist, they are not being actively watched, they may feel free to surround a passenger and hassle him or her. By using intercoms to intervene when they move in for the assault or robbery, positioning officers nearby to respond quickly to apprehend, and coordinating with operations to ensure that no trains stop while the officer takedown is occurring, successful apprehensions can take place. Properly advertised in the press, these methods can have good results in reducing crimes in subway environments because they put criminals on notice that they will be detected and apprehended while committing crimes on the metro’s property.

Using the Archive Video System to Detect Improper Behavior

Video systems can also be used to identify offenders from their presence in other environments than where an offense took place. Whereas the offender may try to obscure his or her identity while committing a crime in view of a camera (e.g., by wearing a hat or hood while entering and leaving an office area to steal personal effects and laptops), such behavior looks very suspicious while entering or leaving a more public access way to that area, such as clearing past the receptionist or while tailgating through an employee entry with a group of employees. By observing time–date stamps on the video of the subject entering and leaving the area where the crime took place and looking for a suspect who enters with nothing and leaves with a laptop, the security manager can observe clothes and identifying features, then look for that person on other cameras until a good full-face video of that person is found. It is often found to be an employee or a person who is escorted into the area by a receptionist, from whom a positive identification of the offender can be made.