By Bob Stockwell · April 17, 2017
This story originally ran in CS’ sister publication Security Sales & Integration.
A merger or acquisition can be a chaotic time. Establishing the right formula to run a successful business or institution — between personnel, facilities, business operations and corporate finances — is quite an achievement on its own, but combining these important elements from two separate organizations into one new company or institution is always challenging.
Because of the disorder that accompanies the reshuffling of a merger or acquisition, businesses are more vulnerable to security risks and must have a plan in place for maintaining their security systems during and after the transition.
Combining two or more entirely separate security systems into a single centrally managed system is a task with the potential for major malfunction. There are some simple steps that can be taken to ensure a smooth transition, as reviewed below.
Security Systems Need Documentation, Updates
At some point during the process of a merger or acquisition, Company A would like to meld the legacy security system from newly acquired Company B into their existing enterprise system. This can potentially create issues and cause an otherwise existing stable platform to become less reliable.
Oftentimes, an older installation of hardware may not have been maintained, serviced or even upgraded as needed. Sometimes, there may not be the necessary documentation to show where custom components are mounted or how they are powered.
Too often, important information, such as cable or network infrastructure limitations — and how these limitations may have affected the system’s custom installation — exists only as tribal knowledge passed verbally between employees, and is often lost in the transfer of a facility from one company to another.
It is highly recommended that every system being acquired and integrated into another enterprise platform is documented and updated before being merged.
Confirm and test (including a power sourcing survey with load testing information) all powered devices and affected components, including IT-related integration hardware access points, to ensure the operational functionality of a system.
Load testing, with strict load balancing, should be conducted on every lock, card reader or any other security device to ensure every single component is fully functional during power outages.
As a chain is only as strong as its weakest link, a single malfunctioning lock or card reader that goes undocumented can easily undermine the stability and integrity of the entire security system.
All software support agreements and recurring licensing requirements that may exist on the legacy platform must be reviewed and confirmed before being merged.
Oftentimes, in the middle of the systems integration process, it is discovered that all port licensing has been used and additional port licenses must be purchased from the system’s security provider to complete the merger of enterprise platform.
In these situations, the system conversion is stopped in its tracks, causing unplanned expenses and the possible delay of system migration. It is worth noting that even in some of the most straightforward security system integrations some hardware or software components from the legacy system will simply not be compatible with the new corporate standard.
In these cases, work solutions may be available through third-party software data conduits that will bridge or convert data from one platform to another.
Software Can Help With Migration Schedule
All intrusion systems’ hardware and software should undergo a hard reset. All previous user and installer codes (including all factory default, service and dealer codes) should be purged from the system, as well as any remote functions that may have been programmed.
This will eliminate the possibility of anyone having access who may have serviced the system in the past. Conversion and consolidation of CCTV systems are also extremely important to maintaining the integrity of a security system through a merger.
Fully engaging IT personnel is critical to moving any network device from one host to another to ensure networks are isolated and no device (or camera) is left behind.
Because global enterprise systems can easily exceed thousands of cardholders, the synchronization of information between platforms is a crucial element for maintaining user access privileges through the transition process of a corporate merger or acquisition.
Third-party active software program links, such as Oracle’s People Soft Human Capital Management Applications, help merging companies to achieve and organize the high level of communication between enterprise access control and HR platforms.
The winning strategy for maintaining a security system throughout a corporate merger starts with documentation and testing of the entire system before being acquired.
From there, bring in the existing and new service providers to create a plan for fully integrating systems, and involve IT from both the existing facility and the new acquiring team to ensure nothing has been “lost in translation.”
Covering these bases will save headaches, and ensure the security of regular business operations without any interruptions.
Bob Stockwell is Chief Technology Officer for Stanley Security.