SSI Magazine: Security-Net Ensures Access Control for USI Insurance Services

Learn how The Protection Bureau and fellow Security-Net partners are rolling out a seamless access control solution for USI Insurance Services’ 100+ locations.

Sometimes it takes a collective effort, along with a small army of security systems integrators, to ensure that an aggressive plan to unify more than 100 locations and 5,000-plus access control credentials all within a quick timeframe can be executed in a timely fashion. That’s exactly what happened for end user USI Insurance Services when it called upon the Security-Net Inc., an independent network of 18 security systems integrators located throughout the United States, to handle its unified access control needs.

USI Insurance Services specializes in property and casualty insurance, employee benefits and specialty products. Headquartered in Valhalla, N.Y., the company has more than 4,000 experienced professionals who operate out of in excess of 140 nationwide offices. Through the years, USI Insurance has been actively acquiring other insurance businesses, driving home the need for a unified access control platform company wide.

“For a company to be successful, it needs both an organic and acquisition growth strategy,” says USI Vice President and CTO Tim Porreca. “We’ve done north of 200 acquisitions over the past 15 years and we continue to be active in the acquisitions marketspace. However, we also have heavily invested, and continue to invest in tools and resources that help us grow organically. These investments are geared toward creating an environment that facilitates success in the market-place for our people, and enables our clients to achieve — and even exceed — their business goals.”

With continued expansion a part of its culture, USI has to manage its buildings and employees as efficiently as possible — something that becomes increasingly difficult, as with that rapid growth comes more employees, more cards and badges, and more disparate security systems of which to keep track. This is the still unfolding tale of how exceptional results can be achieved in the name of security by combining a well-defined vision, impeccable coordination, flawless execution and immediate follow-up.

Rekindling Decade-Old Relationship

As mentioned, the insurance and consulting firm needed an integrator that could handle its aggressive plan of eventually unifying more than 100 locations and 5,000+ cards, including employees, contractors and maintenance, within a quick time-frame and without missing a beat. It was important the integrator had a national focus so that multiple locations and continued expansion could be handled easily while allowing USI one point of contact for design, installation and troubleshooting.

The impetus for this was when USI acquired TD Insurance Inc., a wholly-owned U.S. subsidiary of TD Bank, N.A.; that acquisition included the South Portland, Maine, office and about a dozen other locations. “They had C•CURE 9000 from Software House running on a PC,” recalls Porreca. “It wasn’t what I would consider enterprise class, but they had the beginnings of some-thing that we could build on.”

Looking for an integration partner, USI approached the integrator that had installed the C•CURE 9000 system in its former TD Bank’s location, but the company didn’t get the answer for which it was looking. “They were unresponsive and very expensive,” says Porreca. “That’s when I thought of The Protection Bureau. The Protection Bureau had put in the security system in USI’s datacenter more than a decade ago. Once I gave them a call, they were able to provide me with one-stop shopping, which was a big timesaver for us and no headaches.”

Founded in 1975 by Keith Ladd, The Protection Bureau is a full-service, soup-to-nuts security systems integrator serving the entire Mid-Atlantic region. The multiple awards-winning firm is a UL-Listed fire alarm installation company and operates its own central monitoring station from its Philadelphia metro-area headquarters. The company was named a Security Sales & Integration Installer of the Year in 2009.

“When we first met with Tim, he showed us a stack of access cards that was probably eight inches thick, and he said, ‘We need to fix this,’” says Matthew Ladd, second-generation president of The Protection Bureau family business and a Security-Net member.

Because of The Protection Bureau’s affiliation with Security-Net, it allowed USI access to a national network of partners to expand and unify its access control across the country, while providing streamlined communication. USI and The Protection Bureau agreed on the design, end results and processes it wanted, and The Protection Bureau tapped into its Security-Net (for more on this organization, see box) partners to execute installation in other cities.

To date, nine integrator partners have coordinated with The Protection Bureau to install and upgrade 50+ sites, with a roadmap in place to eventually support all locations within three years.

“When there is a problem or question, there is one person to call, one number to call. That’s one of the strengths of the organization that we’ve put together with Security-Net,” Ladd says.

Achieving Active Directory Integration

Another deciding factor in USI partnering with The Protection Bureau and Security-Net was their ability to tackle Porreca and his team’s biggest item on its must-have list: integration with Microsoft Active Directory. The company wanted to bring the C•CURE 9000 platform into its datacenter in Philadelphia and have it handle support for all of its locations across the country.

Because the company’s IT team would be handling the access control management, integration with the IT department’s Active Directory database was a nonnegotiable. The team needed to be able to easily manage the additional responsibilities without adding significant time or complications to their existing daily workload.

According to Porreca, with so many locations and cards, USI recognized it would be difficult to maintain all of that information in both the C•CURE and Active Directory networks. The biggest challenge would be that when people changed roles or left, the systems would be out of sync with each other.

The Protection Bureau identified a way to tie C•CURE into Active Directory. “This was no small undertaking,” Ladd explains. “You’ve got 10 projects going on at any one time. That’s 10 site managers, 10 IT connections you have to coordinate with and make sure that everyone involved knows what they are doing beforehand to avoid any roadblocks.”

Thanks to an integration with Active Directory, daily card maintenance, updates to doors, or changes to access rights would automatically be updated in both systems. Since USI must follow HIPAA (Health Insurance Portability and Account-ability Act) and other government regulations because of its client information, an integration that merges IT and security is a huge benefit for the company. It allows IT personnel to keep track of employees who are allowed rights to certain files, data or doors, and update/reassign access rights across the company both remotely and instantly. “There is no hole or gap; it’s a huge timesaver for us,” Porreca says.

Security-Net Partners Execute Plan

Currently, with the aforementioned 50+ sites already online and upgraded, USI and Security-Net have ambitious plans to convert about 40 sites per year, in order to adhere to the timeline of getting the whole company onto a one-card system within three years. With such complicated logistics on so many fronts, having a centralized project manager from The Protection Bureau to co-ordinate the entire undertaking and communicate with Security-Net partners has allowed the proceedings to be seamless, with very little disruption of service to USI employees.

Security-Net member Security Controls Systems (SCS) was the first integrator partner on the job, taking advantage of its Houston base of operations to upgrade USI’s Dallas office. The office location, which encompasses two floors of a major high-rise building, made it to the top of USI’s conversion list because, while there was a functional access control system in place, there were considerable issues managing the 100+ cards in the system.

“Though the access control system was installed, the location was essentially out of service. Personnel couldn’t add or delete cards,” says SCS President Bill Savage. The integrator’s operations manager was closely involved in coordinating the site assessment and specific requirements that The Protection Bureau and USI had discussed.

Weekly meetings between those involved at USI and The Protection Bureau help fine tune the ongoing deployment, and the integrator makes sure that the end user’s point of contact is al-ways the same so that nothing falls through the cracks.

“The fluidity of these installations has so much to do with the amount of planning and communication that happens between us and The Protection Bureau before we ever walk into the location. It minimizes problems and answers many questions that might come up while we’re in the field,” says Henry Olivares, president and CEO of Gilbert, Ariz.-headquartered APL Access & Security Inc. APL’s team, led by David Castro, vice president of sales/operations, completed the second installation for USI at the company’s six-door, El Paso, Texas, location.

The planning before this installation, and every installation, is meticulous, making sure all parties have accurate employee and access lists. Cards are defined, tested and sent out prior to the installation. According to Castro, because of the high level of communication before and during the project, the installation was able to be completed on time within one weekend. This was the case even with an initial hiccup of having to rerun wire to the elevator access control system because the current system had been disabled.

This whole process has been made even easier by the fact that The Protection Bureau’s design for integrating the access control solution with Active Directory works automatically, al-lowing USI’s IT staff to handle all of its current and new responsibilities without adding personnel.

“It takes a lot of foresight and integration at a high, high level to be able to execute a security plan such as this one,” Ladd says. “USI pushed really hard to make sure the solution would integrate with Active Directory and it has paid off.”

“Once you get to the point of adding, deleting and managing thousands of employees in dozens of locations at any point in time, that is a full-time job for any staff to keep track of,” adds Porreca. “And integrating all of this together for our IT staff just makes it an absolute breeze.”

End User Eager to Expand Into Video

With USI’s constant growth through new acquisitions, the integrator partner and access control platform it chose will surely al-low the company to continue managing its security and credentialing on a highly scalable enterprise level. “This is an ongoing effort for us,” Porreca says. “We are always growing. So as we add more locations, we are bringing them onboard to the managed system. We no longer have to rely on someone locally to manage the systems. It’s a lot more flexible for us.”

And, if unifying access across its expansive U.S. footprint isn’t enough, USI has two more items to add to its agenda. The company has plans to centralize its current video surveillance, which includes a few disparate systems at a handful of locations, into one centralized system. “We also want to look into issuing photo ID cards to give all of our employees a visual identifier. A lot of people travel and not everyone is familiar with everyone else, so we want to manage that better,” Porreca says.

With Security-Net and its partners in place, USI is in good hands as it braces for an integrated future. “We’ve only touched the surface,” says Porreca of the possibilities.

Read the original article at Security Sales & Integration.