Cloud-Based Access Control Right Location for Property Managers

| 0 Comments | 0 TrackBacks

Page:   1   2   3   4  Next  »

Brivo Systems Finds Commercial, Multi-Tenant Residential Real Estate Great Space for Hosted Services

As research for a look into best security practices in commercial real estate, Security Squared's Sharon J. Watson had a conversation in late December with John Szczygiel, executive vice president of business development for Brivo Systems, which offers cloud-based (a.k.a. hosted, or Software-as-a-Service) access control and video services. During the last year, the company has announced a number of deployments of its SaaS solutions via systems integrators serving large commercial and residential properties throughout the U.S. and Canada.

We talked about how property managers perceive the value of security, how access control can affect tenant relations, and growth areas in the real estate market. What follows is a transcription of our conversation, edited for clarity and length.

***
Sharon J. Watson: I'd like to chat about security trends in commercial properties and large residential developments and how some of those security trends might be linked to some of the business opportunities and challenges those sectors are facing. What would you say is the big security and or business challenge driving that sector at this point?

John Szczygiel, Brivo Systems
: Any time you think about property management, they look at everything through one lens, which is tenant retention and the ability to attract new tenants. So occupancy is really their primary concern. That's what they're selling, 100% occupied buildings. In the sense of tenant retention, they are definitely interested in making sure their operations are flexible enough to accommodate the needs of their tenants and that they're running smoothly. Because if their tenants are unhappy or feel constrained by the building's system, then they are less likely to renew, are less likely to be happy.

Then, as it relates specifically to having the facilities secure, there are probably two key pieces. One is risk mitigation, the protection of people and property and their own liability. The second goes back to the tenant retention and lease potential: when new prospective tenants are looking at the property, they like to understand how secure the property is and compare it to other properties. The security is pretty important both from a convenience standpoint and from a physical security standpoint for the tenant. That's a big factor in some of their leasing decisions.

SJW: In terms of security issues, are they thinking about video cameras in the parking lot and public areas or is it controlling access to building?

JS: Speaking from a property management perspective?

SJW: Yes.

JS: I think the big issue for property management is access control for the majority of properties. There are many, many properties that have video but the main elements of how [managers] interact with their tenants is going to be the access control system. Tenants feel secure when they're walking in and there's a video system there and someone is watching it, but [management] is not going to get too many calls about the video system not working, right? They're going to get calls if [tenants] can't get in the front door, they are locked out of their suite or the tenant perceives a security vulnerability-- the door that's propped open, the door that's unlocked at a time when the tenant thinks it should be locked.

From a security standpoint, that's first and foremost in the property manager's mind: how is my building getting locked and unlocked, is it happening automatically and reliably, and when it's locked, how can my tenants get in and out and does my system allow them to have security in their suites that is synchronized with the building systems so they aren't carrying multiple cards and things of that nature.

SJW: With that focus on access control, it seems identity management is a natural linkage there. You have to know who the appropriate people are that should be in the building, such as visitors and maintenance, what times they should be in the building.  In this day and age, how are [property managers] thinking about solutions for managing that?

JS: There are a couple different aspects. One is that identity management in commercial office properties might be a bit of an overblown term. For years, property management people have had to keep track of tenants and who are these individuals inside the building. Individual named persons and what access they have -- that's largely the responsibility of some person managing the actual tenant suite. I think property managers are probably a little less concerned with who the individuals are in the classical definition of identity management than they are just in knowing that a certain group of folks are being managed by a person responsible for an individual tenant's lists and it's up to that individual to manage that information. That's in the commercial property management context.

There are situations where property managers want to be able to filter their database, their access control database, or keep it up to date using other applications to insert or extract data such as from HR systems or even, in the multifamily residential market, the leasing systems. In some cases [those] are used to establish that a person has leased a particular apartment or condo and that there's some number of individuals who are authorized to be in that space. Those could be named individuals they have to manage that within the property system.

Some innovative property managers are taking time to synchronize that database so that when tenants are added inside the real estate management system, they are also added automatically to the security system. Or the reverse: they are deleted [in the management system] and in the security system. I don't think that is so much getting into government style identity management because there are lots of privacy issues. It's more to get to the point where they are better managing the quality of the database so when the tenant has left the building and has been gone for two years, they shouldn't have a card that still gets him into the building or into his old suite. There is a general expectation that card has been deleted and retrieved--or if it's not retrieved, that certainly it is no longer valid in the system.

That's a concern of property managers: is my system providing me with the flexibility to be able to check the list on a periodic basis, how do I make it convenient for my tenants, as an example, to manage their own lists of users, is it easy for them to do that because if it's easy for them to do that, then it's more likely the quality of the list will be much better. So those are things that we are supporting on the property management side, being able to give [those list management abilities] not only to property managers but allowing property managers to assign to their tenants the ability to manage their own lists of cardholders.

The [tenants] don't have to install anything; they go to the Brivo website and login with credentials provided to them by the property manager, and they are looking at their list of users and their particular suite and they can make the adjustments to the people as they come and go inside of that individual tenant pool.  The old way of doing it used to be property managers on a quarterly basis would have to circulate a card roster of who still has access to the suite and ask the tenant to go through and mark off whether this person is still there or not there, write in new names, and reassign the cards.

That's one way to do it but that's clearly prone to error. By giving a tenant access to their own portion of the database, first of all the property manager can get the [lists] done more accurately and also it's simple. The property manager doesn't necessarily have to be personally involved in each one of those transactions because they allow the tenants to manage it for themselves.

SJW: Would the tenants most interested in that kind of management ability be the smaller to medium-sized tenant, with the larger ones tending to have their own systems?

JS: It runs the gamut. It depends. The larger tenant, maybe they are a multisite organization, they may have a system that controls the inside of their suite that might be connected to other systems they have around the world. That doesn't necessarily preclude them from also managing a group of cardholders that have access to shared resources. For example, the front door to the building or the garage entry are "shared resources" for the building. It's possible for a tenant within the building to manage access to those reader locations even if they're not [using the Brivo system as their own] card access control system.

Many times credentials can be common. A tenant may program their proximity card for the base building systems and also for their interior suite, which could be a completely different system. But the credential remains common, assuming the base building system and the suite systems are compatible, which is very often the case now. They can do that.  If a person has to carry two credentials because for whatever reason the base building system and the suite system are not compatible, that doesn't preclude the building owner from still allowing the tenant to manage the comings and goings in the database for the common areas from the web-hosted system.

Page:   1   2   3   4  Next  »

Brivo Systems Finds Commercial, Multi-Tenant Residential Real Estate Great Space for Hosted Services

As research for a look into best security practices in commercial real estate, Security Squared's Sharon J. Watson had a conversation in late December with John Szczygiel, executive vice president of business development for Brivo Systems, which offers cloud-based (a.k.a. hosted, or Software-as-a-Service) access control and video services. During the last year, the company has announced a number of deployments of its SaaS solutions via systems integrators serving large commercial and residential properties throughout the U.S. and Canada.

We talked about how property managers perceive the value of security, how access control can affect tenant relations, and growth areas in the real estate market. What follows is a transcription of our conversation, edited for clarity and length.

***
Sharon J. Watson: I'd like to chat about security trends in commercial properties and large residential developments and how some of those security trends might be linked to some of the business opportunities and challenges those sectors are facing. What would you say is the big security and or business challenge driving that sector at this point?

John Szczygiel, Brivo Systems
: Any time you think about property management, they look at everything through one lens, which is tenant retention and the ability to attract new tenants. So occupancy is really their primary concern. That's what they're selling, 100% occupied buildings. In the sense of tenant retention, they are definitely interested in making sure their operations are flexible enough to accommodate the needs of their tenants and that they're running smoothly. Because if their tenants are unhappy or feel constrained by the building's system, then they are less likely to renew, are less likely to be happy.

Then, as it relates specifically to having the facilities secure, there are probably two key pieces. One is risk mitigation, the protection of people and property and their own liability. The second goes back to the tenant retention and lease potential: when new prospective tenants are looking at the property, they like to understand how secure the property is and compare it to other properties. The security is pretty important both from a convenience standpoint and from a physical security standpoint for the tenant. That's a big factor in some of their leasing decisions.

SJW: In terms of security issues, are they thinking about video cameras in the parking lot and public areas or is it controlling access to building?

JS: Speaking from a property management perspective?

SJW: Yes.

JS: I think the big issue for property management is access control for the majority of properties. There are many, many properties that have video but the main elements of how [managers] interact with their tenants is going to be the access control system. Tenants feel secure when they're walking in and there's a video system there and someone is watching it, but [management] is not going to get too many calls about the video system not working, right? They're going to get calls if [tenants] can't get in the front door, they are locked out of their suite or the tenant perceives a security vulnerability-- the door that's propped open, the door that's unlocked at a time when the tenant thinks it should be locked.

From a security standpoint, that's first and foremost in the property manager's mind: how is my building getting locked and unlocked, is it happening automatically and reliably, and when it's locked, how can my tenants get in and out and does my system allow them to have security in their suites that is synchronized with the building systems so they aren't carrying multiple cards and things of that nature.

SJW: With that focus on access control, it seems identity management is a natural linkage there. You have to know who the appropriate people are that should be in the building, such as visitors and maintenance, what times they should be in the building.  In this day and age, how are [property managers] thinking about solutions for managing that?

JS: There are a couple different aspects. One is that identity management in commercial office properties might be a bit of an overblown term. For years, property management people have had to keep track of tenants and who are these individuals inside the building. Individual named persons and what access they have -- that's largely the responsibility of some person managing the actual tenant suite. I think property managers are probably a little less concerned with who the individuals are in the classical definition of identity management than they are just in knowing that a certain group of folks are being managed by a person responsible for an individual tenant's lists and it's up to that individual to manage that information. That's in the commercial property management context.

There are situations where property managers want to be able to filter their database, their access control database, or keep it up to date using other applications to insert or extract data such as from HR systems or even, in the multifamily residential market, the leasing systems. In some cases [those] are used to establish that a person has leased a particular apartment or condo and that there's some number of individuals who are authorized to be in that space. Those could be named individuals they have to manage that within the property system.

Some innovative property managers are taking time to synchronize that database so that when tenants are added inside the real estate management system, they are also added automatically to the security system. Or the reverse: they are deleted [in the management system] and in the security system. I don't think that is so much getting into government style identity management because there are lots of privacy issues. It's more to get to the point where they are better managing the quality of the database so when the tenant has left the building and has been gone for two years, they shouldn't have a card that still gets him into the building or into his old suite. There is a general expectation that card has been deleted and retrieved--or if it's not retrieved, that certainly it is no longer valid in the system.

That's a concern of property managers: is my system providing me with the flexibility to be able to check the list on a periodic basis, how do I make it convenient for my tenants, as an example, to manage their own lists of users, is it easy for them to do that because if it's easy for them to do that, then it's more likely the quality of the list will be much better. So those are things that we are supporting on the property management side, being able to give [those list management abilities] not only to property managers but allowing property managers to assign to their tenants the ability to manage their own lists of cardholders.

The [tenants] don't have to install anything; they go to the Brivo website and login with credentials provided to them by the property manager, and they are looking at their list of users and their particular suite and they can make the adjustments to the people as they come and go inside of that individual tenant pool.  The old way of doing it used to be property managers on a quarterly basis would have to circulate a card roster of who still has access to the suite and ask the tenant to go through and mark off whether this person is still there or not there, write in new names, and reassign the cards.

That's one way to do it but that's clearly prone to error. By giving a tenant access to their own portion of the database, first of all the property manager can get the [lists] done more accurately and also it's simple. The property manager doesn't necessarily have to be personally involved in each one of those transactions because they allow the tenants to manage it for themselves.

SJW: Would the tenants most interested in that kind of management ability be the smaller to medium-sized tenant, with the larger ones tending to have their own systems?

JS: It runs the gamut. It depends. The larger tenant, maybe they are a multisite organization, they may have a system that controls the inside of their suite that might be connected to other systems they have around the world. That doesn't necessarily preclude them from also managing a group of cardholders that have access to shared resources. For example, the front door to the building or the garage entry are "shared resources" for the building. It's possible for a tenant within the building to manage access to those reader locations even if they're not [using the Brivo system as their own] card access control system.

Many times credentials can be common. A tenant may program their proximity card for the base building systems and also for their interior suite, which could be a completely different system. But the credential remains common, assuming the base building system and the suite systems are compatible, which is very often the case now. They can do that.  If a person has to carry two credentials because for whatever reason the base building system and the suite system are not compatible, that doesn't preclude the building owner from still allowing the tenant to manage the comings and goings in the database for the common areas from the web-hosted system.

<!--nextpage-->

SJW: Are you finding property managers can use that kind of ability as a sales point when talking to tenants?  

JS: Absolutely. Just generally having security is important but many times security is delivered to the tenant at the expense of them having control. They always have to go through the property manager to add or a delete card. Sometimes the property managers have to go through a third-party service company to add and delete a card, so you can imagine the lag time in that whole process.  A new person comes in or an executive is visiting, they show up all of a sudden, and they want a card that works....The Brivo way of doing it is to establish a card bank for the tenant but also for the building. Inactive cards can be sitting in a desk somewhere and when a person who is authorized logs on, they can provide access immediately. That's a huge advantage.

If [a tenant] chooses not to have their own card access system but they've been provided those shared door rights by the property manager, they can effectively administer their own access to the building immediately but in a way that's also auditable by the property management. The property manager still has overall visibility about how the building is being used, can monitor cards and cardholders that are activated per tenant, and can even research incidents and other kinds of things that might happen within that facility themselves immediately when they need to do that.

SJW: I have had an integrator suggest to me that property managers can look at that kind of audit data and notice which tenants are in the building most often, when they are there, their power usage, etc., and might even structure rents or other fees for services around that kind of data. Have you seen that carried out that?

JS: I don't know if they charge differential rents, I haven't heard any of that, but certainly they have other kinds of services. Many buildings will have electricity, heat, air-conditioning during scheduled hours and then after those hours, security could be used to activate the HVAC controls. That way then, the property manager can negotiate inside their lease an hourly rate for when the air conditioning or heat is on during those off building hours. There are possibilities on that kind of use.

SJW
: Are you hearing property managers being able to tap the access control system to better monitor special areas of the building, such as a daycare facility or some kind of health club within the building, using a more sophisticated access control system to limit access to those facilities or to ensure that appropriate fees and dues are up to date before a tenant's personnel can get into an area?

JS: I don't know if that's the role of property manager. Typically a number of cards are assigned to a lease and the number of people who can occupy the space is dictated by the terms of a lease. In most cases, it's not all that flexible where a property manager would be able to monitor that on a daily basis...I think property managers certainly [can] use access control systems so if they are having a problem with rent collection, they may be able to restrict access to certain services inside the building.

Of course, that's dictated by state law. In many cases, on the residential side, they can't lock the tenants out of their personal space, their home, they can't deny them access to that if they haven't paid their rents pending an [eviction] procedure that may take several months. But they can deny them access to other kinds of auxiliary services, so if you have a daycare center and swimming pool or laundry facilities or even parking, under certain conditions, the property manager might be able to turn off those access points so tenants behind in their rents would no longer be able to use those types of optional facilities but would still be able to get into their primary living space.

That's certainly a tool that property managers can use, a more sophisticated way of ensuring they're being paid what they're owed and to get the tenant's attention in case they are not.

<!--nextpage-->

SJW: As you talk to your channel partners about the property management market, are you finding that property managers see these capabilities as [addressing] security issues or is this being so melded into the business they are just business issues?

JS: It's important, whatever product or service you're selling, to look at it in the context the customer views it in, so when I go to the property manager, I know they are doing it [for] tenant retention and risk mitigation. It's important for us to be able to talk about what our technology does in those perspectives. Sure, they're concerned about security because it has an impact on the safety and happiness of their tenants and ultimately on how well they can retain those tenants, how their property is perceived in terms of its quality and its ranking and what rents they can drive from that.

I don't know that it is so much focused on security as it is focused on how security supports their overall business objectives, what they're trying to achieve with it, what they're trying to deliver to their clientele--their tenants.

SJW
: Any other thoughts you had come prepared to offer on security practices in the commercial real estate market?

JS: In any kind of property management, whether residential or commercial, there's certainly a big focus on cost and total cost of ownership. One of the things that's quite interesting to many property managers about the Brivo model is that it is Software as a Service. That means there is not the investment in dedicated PCs, software and hardware that need to be maintained and that whole treadmill of the upgrade process that is quite typical with client/server installations. It's structured on a pay-as-you-go scenario, which aligns nicely with their business model. 

When you rent space in an office building or even rent an apartment, you presume you're going to pay for that monthly, Brivo's business model is based on the end-user paying for the services on a monthly basis, and as they add and delete capabilities, that's added or deleted from their bills. So just as the tenant is shrinking the size of their space, we can shrink the size of the security system literally on a monthly basis or grow the security system on a monthly basis.

That's pretty important to a property manager because their buildings are seldom 100 percent full. They need that flexibility to change the size of the security operation to the number of tenants. The ability for multi-tenant control is important. The term "multitenant office building" is analogous to what Brivo does, which is multitenant software: we've designed a software package that can be used by millions of people. All [functions are] hosted centrally, with fault tolerance and disaster recovery facilities, so that everybody shares the cost of a very efficient application as opposed to everyone purchasing their own hardware and software and running their own application at 20 or 30 or 50 percent of its capacity, which is pretty inefficient.

We feel like the business model we have aligns quite well with what property managers are looking for, which is not that complex security implementation, not a huge upfront investment or ongoing management headache, but something that can be easily deployed, is simple to scale up or down and then provides them with a lot of flexibility to deliver different types of services to their tenants.

<!--nextpage-->

SJW: Are you seeing a lot of movement of SaaS systems into master planned communities?  I know you have a systems integrator who had done a project with you out in California upgrading a large residential community.

JS: We definitely have a growing market in homeowner associations, and there are a couple of things that drive that. If you look at just the multi-family residential community in general, when you break it down, you have the apartment properties or condos, and typically there's some kind of a card access system to get in. There's a visitor management system as well because these residential properties have a high number of visitors. We see a lot of call for integration with telephone entry systems that have the capacity to do that. So one of the things we deliver to multi-family property managers is the ability to synchronize the access control database with the telephone entry system.

So again, when they're adding or deleting the tenant from the physical security card readers side of things, that tenant information also can automatically be downloaded to the telephone entry unit on the property so when that tenant has a visitor, that visitor can be processed through by the tenant themselves easily and it makes the whole management of that process one portal as opposed to separate portals managing the access control system and telephone entry separately.

As it relates to gated communities, there's a similar scenario. There are lots of homeowners, lots of visitors. Typically there is one or maybe two gates that are the primary access points. Certainly there are lots of issues maintaining accurate lists of data for those entry points. That's where the concept of having multiple [software] tenants comes in: a homeowners' association could assign these tenants, the homeowners, their own security system access so if you owned the house, you might have a pool of five access cards. To administer the cards, you don't have to install any software, you don't have to have any special training, there's no danger of you going in and deleting the whole homeowners' association system or unlocking of doors to an entire complex because your rights are limited.

Imagine if you had the ability to be able to assign a card to work during certain hours and change those hours or turn access on or off to that card from your PC sitting at home. That's the homeowners' association market on the positive side.

On the downside, each homeowners' association is just a little bit different. They're not really run for the most part by the property management community. In many cases they are run by the homeowners themselves, so there are a lot of challenges there getting consistency from homeowners' associations. The challenge that creates for Brivo is we are needing to build a lot more flexibility into the product because there seems to be a never-ending list of things that they want to do in just slightly different ways, to call something a slightly different name.

It is definitely a market for access control. Certainly the technology is inexpensive enough and it can be readily deployed, it's reliable enough where it can be used without creating a lot of difficulty, particularly with the ability to have a multitenant approach to the management of the card database. That prevents homeowners' associations from having to designate a person as the manager of all of the homes. I don't know who would want to be the person taking all the phone calls saying 'you have to delete Jimmy's card because he lost it,' etc.

SJW: Could that literally get to the point where they could add a reader on my front door?

JS: Sure. There are six or seven major manufacturers making battery-powered locksets for the home and for commercial purposes. Some are activated by PIN codes, there's a number pad built right in, and others have proximity technologies and card access technology built into them. If you've ever been in a hotel and you've used the hotel lock system, it's the same concept. And the door at your home is not really activated that many times a day unless you have teenagers and then maybe it's a different story--

SJW: --then you want to know what time they came home--

JS: Yeah, that is part of that notion. One manufacturer has done a lot of advertising on national TV of that exact model, somebody sitting on a plane gets a message on their Blackberry that says Sally just came in at 3:45 p.m., she must be back from school. Absolutely that technology is here today: it's only a matter of cost and implementation.

What we see in that market over the next two years to five years is an explosion in access control points that will most likely be battery powered and WiFi accessible, somehow wirelessly accessible. In some cases, it will be an individual home and you just program your home reader from your own computer. In other cases, it might be a little bigger network than that and that's a perfect application for Software as a Service, with the heavy lifting done in the cloud and physical devices out at the control points.

***
(If you found useful information in this feature, please take a moment to sign up for our free weekly newsletter so you don't miss any of our convergence coverage.)

No TrackBacks

TrackBack URL: http://www.securitysquared.com/cgi-bin/mt/mt-tb.cgi/159

Leave a comment