The request for quotation (RFQ) went out for an access control system for a state agency. Like many RFQs, it did not include too much information about the system requirements, making a site visit essential. The agency occupied a portion of the sixth floor of a multi-story office building.
I was surprised to find existing card readers on the three entry doors into the suite. The business manager explained that their purpose was two-fold. First the agency wanted direct control of the doors, the card holders, the schedules, and the activity reports (rather than have the building’s access control system). Second, they wanted to upgrade the system features so that it would require a valid credential to egress the premises as well as to enter.
The client said that the reason for adding this feature was to prevent employees from not working the hours for which they were being paid. Apparently someone discovered that they could get away with it, and now many of the employees were taking advantage of the agency which not only was amounting to employee theft, but also engendering a lack of respect for the employer, and undermining agency professionalism. It is sad that some employees feel it is their mission to find weaknesses in a system and then exploit them. Pretty soon all the employees feel entitled to the same benefits the original miscreant stole for his own personal use. Although most employees may not be motivated enough to find ways to circumvent basic rules, once a way has been identified and successfully circumvented, it gets messy getting the toothpaste back in the tube; valuable employees may need to be disciplined and if such sanctions were to be legally challenged, the operation of the agency might be jeopardized. Of course adding this type of security also enhances the safety of all the employees by discouraging pilferage of personal property.
The client also preferred to continue using the existing credentials that got employees into the building. If that same credential could allow them to also enter this office, it would be a plus.
We had already decided that the project was worth bidding; given the distance from our shop and the job price. Next I needed to determine if we could back into the existing card population. Then I needed to pick an access control system to use. Then I needed to design a solution that would meet the client’s requirements and meet code. Then I needed to win the bid.
We did a little homework and determined the existing credentials were a format we could enroll. Then we selected an access control system suitable for this size of a system, which would be three doors, but six readers. I would use the existing levers and door strikes, and add entry and egress readers and delayed egress maglocks to accomplish the system objectives.
Before submitting my bid, I had clarified some details of how he expected the system to operate, and it was determined that in addition to the egress reader, they also wanted an EMERGENCY button adjacent to each door so they could unlock the door immediately even if the fire alarm was not in alarm.
We won the bid. I do not know how low we were, but although we wanted the job, I priced it to make a profit.
About a week after we received notification that we won the project, the building engineer emailed and advised that the theory of operation failed to mention how the facilities department would be able to gain emergency entry into the space. A couple of emails later we agreed that a keyswitch on the exterior wall adjacent to each door would satisfy their requirements, and the upcharge was within project guidelines so the project would not have to go out for bid all over again. That was a good thing. We would supply housings and the building would supply the IC cores.
The final (?) obstacle was to get a permit for the project since we were using a delayed egress system.
This an open architecture, web-based access control system lets users access, monitor and manage their access control system from any computer running a standard web browser