BUSINESS CASE ACCESS CONTROL - FINAL

Page 1

IT Governance Business Case Perimeter Access Control Standardization

Project Introduction

Project: Access Control Standardization

Major Objective:

To replace the existing access control system with a more robust, integrated and centralized solution

Desired Business Value:

• Increased safety for occupants and assets

• Increased operational efficiency

• Modernized security system

• Improved integration of card access control system

• Increased data security and reliability

Stakeholders:

• General Services

• Technology Solutions

• City of Durham Employees

• City of Durham Residents

Current State

• The City currently uses Paxton Access Control at all facilities with the exception of Water Management which uses Millennium.

• The current setup features at least fifteen access control servers throughout the City at facilities that act completely independent from each other.

• Repairs to the existing system have increased significantly as card access to certain doors and gates is often broken.

Current Pain Points

• Existing system is outdated with no scalability and is unable to upgrade to the constantly changing security industry.

• Existing system is not centralized, and therefore does not have added security, flexibility, expanded accessibility, and built-in backup capabilities.

• Existing system is not flexible enough to handle special security events.

• No ability to run real-time reports and metrics to help management quickly make informed business decisions.

Current Pain Points (continued)

• Existing system is proprietary.

• Existing card reader and badge technology is easily susceptible to cloning with an inexpensive $10 replicator.

• When employees are terminated, and especially at will, the badge will still have access at all other servers allowing an opportunity for disgruntled employees to still gain access.

• Inadequate access control systems has continually lead to security issues at Fleet Management, Solid Waste, and PWOC due to unsecured gates from access control issues.

• Not all doors wire back to a central IT closet and currently most locations have the door controllers unsecured in the drop ceiling above the door.

Future State

Upgrade to an enterprise-level, highly scalable access control solution that will increase safety, provide state of the art capability for access management, and will allow General Services to more efficiently manage, maintain, and track entry.

Future State Benefits

Integration & functionality

• Standardized security system citywide including electronic access control.

• Partitioning and Facility Consolidation.

• Ensures that future work is efficient and coordinated with the city's security operation and technology infrastructure.

• All doors wired back to a centralized IT Closet.

• Increased flexibility and user convenience for operator.

Increased Card Reader and Badge Technology

• Badges cannot be easily cloned.

• Non-proprietary door controllers.

• Increased level of Data Privacy.

API

• Integrating existing systems or a unique third party application into a new access control solution is easy with open API.

Open Architecture Solution

• Future extensive migrations not needed, not proprietary.

Slide
WAN/LAN Browser Browser Card Readers Card Readers Card Readers Card Readers Card Readers S2 Enterprise Controller Mercury Controller Mercury Controller Mercury Controller Mercury Controller Mercury Controller
IT Architecture
S2 ENTERPRISE –PARTITIONED

Access Control Solution Roadmap

Phase 2 – FY 21

Phase 1 – FY 20

City Hall and high risk locations

• City Hall

• Fleet

• Solid Waste Admin/Transfer

• PWOC

• General Services

Remaining City locations

• Fire

• Parks and Recreation

• Water Management

• Transportation

• Radio Communication

• Community Development

• NIS

• Sign and Signal Shop

• New Morgan St. Parking Deck

(Completed in FY19)

• PD (Already installed Card Readers. Only door controllers are needed)

Solution Options & Analysis

11

Options Considered

1. Proceed with the replacement of access control locations at existing facilities listed in phase 1.

12

Description

Option #1:

Proceed with the replacement of access control locations at existing facilities for Phase 1 & 2.

Pros

• Increased overall safety for occupants and assets

• Increased integration and functional capabilities

• Upgraded card reader and badge technologies

• One centralized control server

• Increased reliability

Cons

• There will be some slight disruption with deployment of new card access replacement

• Occupants will have to get a new picture for the ID badge from HR

13

Option 1. Project Financial Estimate

COST ESTIMATES FUNDING Description Year 1 Costs (Hours) Run Costs (Hours)/ KTLO Departmental Funding Amount: $0 Labor $ (Hours) Internal TS: 32 hours 0 hours Funding Requested (Y/N): Y Business Analysis 0 hours 0 hours TS Services 32 hours 24 hours Total Project One Time Costs –Both Phases $545,000 Internal Project Management: 96 hours 0 hours Project Run Cost (External) $0 General Services Department: 75 hours 0 hours *Total Project Funding Requested for Year 1 (Phase 1) $245,000 External: $0 (0 hours) $0 (0 hours) *Total Project Funding Requested for Year 2 (Phase 2) $300,000 Business Analysis $0 (0 hours) $0 (0 hours) All recurring costs from this project will be included in the existing operational budget of G.S. Professional Services $135,000 (0 hours) $0 (0 hours) Non-Labor $ Hardware: $360,000 $0 Software: $50,000 $0 Other: $0 $0 *Total Project Funding Requested (External), includes External Year 1 Run Costs and Non-Labor

Risk Optimization

Risk: Is S2 Access Control currently in production elsewhere?

Risk Mitigation Plan: Complete due diligence with other municipalities and organizations on performance of S2.

References Checked for Vendor:

15
Reference Checks Municipality Contact Person Satisfied with product? Mecklenburg County Chad W. Harris, CPP Security Director Asset and Facility Management Yes Durham County ED MILLER I SECURITY MANAGER Yes Lincoln County Government Lincolnton, NC Dante' G. Patterson Lincoln County Government Chief Information Officer Yes

Summary & Recommendation

16

Options

Analysis Summary

Access Control Operations – Desired Business Value Analysis Criteria

Single server, enterprise-level solution?

Open hardware and integration platform?

Real Time Data Analytics & Reporting?

Software Familiarity?

Scalable to suit fast changing industry? Cost $ $ $ $ $

17
1. New Access System 2. Existing System

Recommendation

Option 1: Proceed with the procurement and implementation of a new enterprise level Access Control System.

18

Our Ask

We are asking to approve the Business Case for a new Enterprise Access Control System

Project Planning

Implementation Overview

Project Timeline

Implementation Overview

• March 2019:

Gain Approval from Steering Committee

Soft launch at Morgan-Rigsbee Parking Garage

• April 2019 (Two Months)

Implement outfit

• June 2019

Develop project manual and bid documents

• July 2019

FY20 funding

• August 2019

Begin implementation of new Card Access Control for Phase 1

• November 2019

Complete Phase 1 of Card Access Control replacement

• July 2020

FY21 funding

• August 2020

Begin implementation of new Card Access Control for Phase 2

November 2020

Complete Phase 2 of Card Access Control replacement

21

Estimated Project Timeline

22

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.