Banking On Convergence

Integration of physical access control with IT functions begins a major shift at Fifth Third Bank

FIFTH Third Bancorp is a diversified financial services company headquartered in Cincinnati. The company has $104.6 billion in assets and currently operates 19 affiliates with 1,100 full-service banking centers, including 128 Bank Mart® locations open seven days a week inside select grocery stores and 2,000 Jeanie® ATMs in Ohio, Kentucky, Indiana, Michigan, Illinois, Florida, Tennessee, West Virginia and Pennsylvania.

In the past, physical access control systems have typically resided within the security department, segregated from the rest of an organization's IT department. Meanwhile, the IT department has created an entirely different access system for network or logical access.

Today, that is no longer the desired or standard access control environment. Following this physical access control system paradigm shift, communication between the security and IT departments has become more critical than ever. Sharing the same infrastructure between the security and IT departments not only makes fiscal sense, but it makes security sense, as well.

Following this physical access control system paradigm shift, communication between the security and IT departments has become more critical than ever.

"It is our job in physical security to protect the bank," said Mike Neugebauer, manager of safety and security for Fifth Third. "It is IT's job to protect our systems. Our mission has been successful due to the partnership that has formed between our departments. While our roles are different, our objective is the same. By working together, we have been able to accomplish a number of things that simply could not have been done without this partnership."

For instance, Fifth Third Bank has been using GE's Picture Perfect access control and security management system at its headquarters and 42 other locations since the early 1990s. With it, someone can create and support an unlimited number of badge holders and card readers. The system also provides access to features such as database partitioning and occupancy control. Bank officials can delegate facility administration while still maintaining centralized control. Notably, the bank is provided real-time monitoring and audit trails.

Fifth Third Bank also is in the process of integrating the March Networks DVRs and the Picture Perfect system into the GE MASterMind central station package (formerly Monitoring Automation Systems). This will allow employees to monitor and respond to all alarms, whether generated from a standard burglary or fire panel or through the card access system in a single interface. The CCTV integration provides instant access to any associated video information. This integration allows security to quickly e-mail high-quality photos to the proper authorities. This has directly resulted in apprehension in a number of cases.

In addition to being monitored by the central station, the Picture Perfect system is integrated with Fifth Third Bank's e-mail system, so that certain high-security alarms can automatically be sent out to personal computers and to designated cell phones via text messaging. Employees generally receive the alarms within a few seconds of the alarm being tripped. This allows the operators to follow standard dispatch procedures while key individuals are notified automatically.

By centralizing the security operations, security can achieve tighter control and use of personnel at maximum efficiencies, even though facilities are spread throughout nine states.

The system allows security to determine precisely who receives access to designated areas and at what time, and this information can be printed out or e-mailed as a report. As an example, security officials can enter a badge holder's name and determine the time and place that individual entered or exited an area.

What Else Can It Do?

The security management system, along with March Networks' DVRs, have helped solve other problems not directly related to security. For instance, a few complaints were received that there were lines entering a building that had recently opened. The bank was able to create reports showing the number of reader swipes in a given time and pull video clips of the doors at peak times.

This clearly showed that the security portals were working efficiently enough to handle the traffic in and out. The problem was directly related to how employees used the revolving doors. Many employees would stand at the door while looking for their card, or try to enter while carrying bulky items. The bank was then able to educate the end users and eliminate the problem.

How the System Works
For Fifth Third Bank, the security management system not only manages access control, but works in conjunction with CCTV surveillance and fire alarm functions. A redundant server configuration is used, running the Red Hat Linux operating system. The security management system runs on the IT backbone. A hot backup server ensures that if the primary machine goes down, the backup will take over, with no loss of operation. The backup server is located in a separate location in another state.

Ten client workstations are used to run the security management system. Seven are regular workstations designated for system configuration and alarm management. Three workstations are used for creating employee badges, which are presented at card readers to access various areas of the bank. The bank has added several hundred readers since installing its first version of the security management system, and it plans to add more it expands into other states.

The access control and security management system is used in all Fifth Third Bank corporate offices, which are usually located in denser downtown areas. The system controls more than 1,100 doors throughout the bank's nine-state area, some with both inbound and outbound readers.

In order to smoothen the transition to new credentials, the latest installation includes GE's new Transition card readers, which can read most types of access control cards including all popular proximity and smart cards. In fact, the bank is switching from magnetic-stripe to Mifare cards to stay on top of technology. The bank also has biometric readers for high-security areas.

The security management system allows remote management of access control functions, including scheduling what time doors will lock and unlock in other states. The automatic time zone feature is helpful. In the past, officials had to adjust for different time zones manually. Now, they can schedule doors to unlock at 8 a.m., and the system automatically converts to the time zone for that door.

Both CCTV surveillance cameras and fire alarm systems work in conjunction with the Picture Perfect security system. The cameras are always recording, and officials can find out who really used a given door and at what time by going to the camera. The bank can visually identify the people using doors synchronized to the second. If researching an incident, officials can look at a badge activity report and pull the exact time from the March DVR.

New Features Add Flexibility
Fifth Third Bank was the among the first sites to go live with the Picture Perfect 3.0 beta software. With this latest version, officials are now customizing forms for better appearance for the operator and changing the screen so that different tasks are seen in a more efficient way, depending on what the operator is working on.

Using database triggers, the bank can add its own features to customize the system even further. If needed, the triggers can be turned off and on, and will revert to the way that it was before. New scripts don't permanently affect the system and, more importantly, don't affect support agreements with vendors.

When the bank does its badge imaging, capturing photos for IDs, it can now use one security management system for two card access systems. These systems will eventually be integrated so that card management will be handled in Picture Perfect and automatically update the Verex alarm system used for burglary alarm and card access in retail locations.

Bank officials also use the reporting tool often, exporting to Excel or a PDF file. They can now write reports with drop-down boxes, which makes the information easier to find. Reports contain information on everything from who has access to certain areas, to system configuration information.

Automating the regular reports has allowed console operators to focus on more critical tasks rather than the manual tasks of pulling reports. The bank runs approximately 200 automated reports at various intervals, from weekly to monthly or quarterly. Recipients receive the reports as Excel files. In addition to saving operators time, automated reporting ensures that the reports go out on schedule and are never overlooked. This helps the bank maintain a high level of audit compliance.

Security officials also have written scripts that ensure that no employee has duplicate badges and that contractor badges are deactivated after a certain period of inactivity.

Fifth Third Bank's human resources department shares some non-sensitive employee information -- such as name, department and phone numbers -- so personnel changes are automatically imported to the system and terminations automatically deactivate a former employee's badge.

Adding Fire Capabilities

At Fifth Third Bank, officials also can use fire alarm software and fire alarm panels in conjunction with Picture Perfect at many of its facilities. GE's Fireworks software allows officials to quickly look at alarm conditions, find exact locations and produce a history file. It also gives dispositions and a global dispatch. For example, the fire department can be given an exact drawing of where the alarm is. The software reads the EST3 fire alarm panel.

The entire system has been designed to be non-proprietary in that the end user can go to any EST strategic partner. If the user doesn't like the service or otherwise has a problem, he or she can go to another strategic partner.

Already, there has been a return on investment with the extended warranty and the sensitivity of the smoke alarm heads. Companies can recover the cost of the system by not having to manually test smoke alarm heads.

What's more, there was an incident where the motor on an HVAC unit shorted out. The alarm detected it immediately and pinpointed its exact location. The bank quickly determined that it was not a threat to the building, within 10 minutes. When you factor in the cost of emptying out an entire office tower, the cost savings are considerable for a single event.

What It's All About
Without question, physical access control systems on an enterprise level are now described as much in IT terms as they are in access control terms. The openness of these integrated physical security systems lets security officials integrate security solutions with other business application systems, such as personnel and enterprise resource planning.

That's what convergence is all about.

This article originally appeared in the February 2006 issue of Security Products, pgs. 52-56.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • ResponderLink


    Shooter Detection Systems (SDS), an company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3