Editor’s Note: Although this article was originally published in CS sister publication Security Sales and Integration and targets the integrators who install access control systems, school, university and hospital security end users should find this information insightful.
We’re seeing things in access control today that no one had envisioned as recently as a few years ago. If you were at ISC West this past April or GSX 2025 a few weeks ago, you saw new access control-related solutions that you likely didn’t even consider a possibility when you went to the 2024 iterations of those shows.
That’s why we continue to ask security systems integrators and those in the trenches what they’re seeing in the field these days and some of the newest ways they’re helping their customers solve their access control-related needs and issues through our annual Access Control Deep Dive.
Although cloud was the big buzzword across the security industry when it comes to access control a year ago, these days we’re hearing more about how access control is coming to the palm of your hands through wallet-based credentials, an emergence that’s likely to grow before the 2026 Deep Dive.
Chuck Robinson, a regional vice president at Cincinnati-based Integrated Protection Services, does fire alarm installation, access control, video surveillance and small IT network deployments from offices in Columbus, Ohio; Lexington, Ky.; and Nashville, Tenn., for regional and national customers.
Much of its work is in the Fortune 500, K-12 schools and data center space along with commercial high-rises and healthcare. About 30% to 40% of its overall work comes in the access control space, says Robinson.
Related Article: How to Protect Campus ID Cards from the Flipper Zero Hacking Threat
Todd Burner is the chief product officer at Houston-based Kastle Systems, which started in the access control space 54 years ago but which has grown into visitor management, video surveillance, remote video guarding and parking in commercial properties, multi-family dwellings, life sciences, industrial, retail and more.
“We think about ourselves as offering a managed service,” he says. “We do everything from the design of the system to the installation of the system, the ongoing operations of the system, the monitoring of the system, even the maintenance of the system.”
“Really, it is one throat to choke [or] one back to pat, depending on which way you want to think about it, from an outcomes perspective,” Burner adds. “I think the insight that Gene Samburg had when he founded the company back in the 1970s was [this]: Security is only as strong as its weakest link.”
“We are trying to help create experiences for our customers and access control is often thought about as kind of like the central nervous system for the commercial building,” he says. “It’s the place where you actually have an understanding of who are the people in the building, where can they go.”
“If you get it right, it kind of fades in the background, and people don’t even notice it,” Burner continues, adding, “Access control is absolutely center to Kastle’s identity.”
Ryan Schilling is the engineering manager at Eden Prairie, Minn.-based Parallel Technologies, which does the bulk of its work in the Twin Cities area but which also works on remote and out-of-state projects based on client demand in a variety of vertical markets, including K-12, higher education, government, municipalities and corporate campuses.
“We’re doing everything video, surveillance, access control, your intrusion systems and beyond on a daily basis,” he says. “We live and breathe it.”
Customer Sophistication in Access Control
Graphic by Emerald
The challenge for security integrators these days is that customers are becoming more educated and sophisticated when it comes to the solutions they want. That’s certainly true in the access control space, according to our integrator experts.
“The industry has really shifted,” says Robinson. “Recently, I would argue that the majority of the customers want the same thing the enterprise customers wanted for years. They want a single pane of glass; they want an integrated solution; they want something that gives them business intelligence on their facility and things of that nature.”
Robinson continues, “With the advent of cloud solutions, we’re able to deliver that at a much, less overhead and less capital expense, so they can leverage those products and those solutions much faster and much easier.” He notes that Integrated Protection Services is now “cloud-first.”
Kastle Systems works on projects of all levels, but it tends to gravitate toward higher-end work in the Class A or Trophy class, says Burner. As he puts it, “where you’re charging premium rents, and you’re trying to create a differentiated experience for your tenants.”
“If you can create an experience through things like wallet credentials that allow people to use their phone as the way to access space, [it] becomes part of the story that the building is telling prospective tenants,” he says. “Those are some of the different ways in which we get into these conversations with the buildings itself, and then with the tenants inside of the building.”
Parallel Technologies’ core focus is to “create a partnership” with its customers, says Schilling.
“While they know what doors they want to have, we like to make sure that we talk to them about the nitty-gritty of it,” he says, including who’s issuing the credentials and whether the client has active directory integration with its access control system.
“Things like that, they’re a little bit more below the surface, so that’s where we find the most success in delivering a great product that our clients are very happy with,” says Schilling. “There’s a lot of downstream impact, where if you don’t have those conversations, their idea of having that door might not pan out so well for one reason or the other.”
Proactive vs. Reactive Installations
Access control is no different from most other segments of the security industry, with the bulk of the work coming after a customer has experienced a breach of some kind. That doesn’t mean there aren’t plenty of customers who aren’t planning ahead when it comes to their security systems.
“In our space, it’s driven a lot by compliance, whether that’s IT compliance, Joint Commission compliance in the healthcare space, data compliance, things of that nature,” says Robinson. Standalone high-rises and small businesses tend to be more proactive about installing access control and other security solutions, he says. Price is and will likely always be the top objection, says Robinson.
Related Article: Why Campuses Should Consider Open Technology and Interoperable Access Control Credentials
“We get a lot more price objections if the customer comes to us asking for the solution than if we go to the customer,” he says. “If we go to the customer, then we’re positioning ourselves as the expert. If the customer’s coming to you asking for things, then they’ve either already talked to somebody or they’ve already got a number in mind and that’s a much harder conversation to overcome.”
When Kastle is working with a customer who is installing a security system in a new building, “you get to envision a reality that doesn’t yet exist,” Burner explains. “So, that’s where people will want to dream big and understand what is possible to bring the vision that they’ve got to life.”
Schilling says his company is primarily “on the front side of it,” but they are often called in as security experts who “can help them point down the right direction.”
Staying Educated and Informed
Graphic by Emerald
Trade publications, industry events and trade shows, conversations with peers and participation in industry councils and groups are just a few of the ways that our panel of experts seeks to stay ahead of their customers on the latest innovations in access control and other aspects of security integration.
“First and foremost is just general study of the industry, then really also listening to the customer’s voice, because customers, if they’re asking for something, and we’re having to say no a lot, somebody’s probably working on it, and it’s going to be showing up in the very near future,” says Robinson.
“There’s a handful of manufacturers now that have entered the market that are really progressive in their technology roadmaps, so seeing what they’re doing and how they’re disrupting the market, it’ll tell you a lot where the industry’s going,” he says.
Burner calls the responsibility to stay educated and informed about the latest innovations in access control and other aspects of security “a two-way street.”
“Certainly, it is our responsibility to be out there understanding what’s taking place in the market, reading the industry trade press, attending conferences, making sure that we’re staying up to date, talking to our various partners and people that we could partner with,” he says.
“But we learn from our customers as well, because they might have a vision for things that they’re looking to do that might be different from anything we’ve done with a customer prior to that,” says Burner, noting Kastle has its own product division, engineering division and hardware division, giving them the ability to create custom security solutions when customers want them.
“We’re going to learn as much from our customers as we can teach them. [It’s important to understand] what the new problems [are] that are emerging for them — what the concerns are that might be different from, say, a year ago, two years ago, because they get asked by their tenants,” he says.
It’s critical for integrators to have a close relationship with manufacturers, says Schilling.
“Particularly in SaaS deployments, solutions change so quickly when it comes to software features,” he says. “You really need to make sure to keep those partnerships tight to ensure both the customer and internal teams are educated.”
Emerging Access Control Technologies
The use of biometrics, such as facial recognition, fingerprint-based access control and retina scans, is becoming more common in the security industry, but artificial intelligence is growing at warp speed and creating opportunities for integrators that simply weren’t available a few years ago.
IPS has used Alcatraz AI, a facial recognition product, in select installations as well as jobs that involve handprint-based access control and a few iris scanners, says Robinson, who expects the latter to be restricted to high-security facilities as biometrics options become more cost-effective.
“I really am interested to see how generative AI takes hold,” he says. “We’re starting to see it more and more in the product lines and it’s making the products even easier to use for the customers. I really think we’re not too far off from being able to see customers have just a ChatGPT-style interface with their system, and they can have a conversation with it, and it produces the results they’re looking for.”
Related Article: Campuses Continue to Expand Deployment of Access, Lockdown Systems
The video side of the business for Kastle Systems is more sophisticated when it comes to incorporating emerging technologies, says Burner, since it’s been cloud-native since 2012.
“All those things come with conversations with customers, starting with what the problem they’re trying to solve is,” he says. “While we can do facial recognition, there are a lot of issues that we need to work through with people, so it’s not a one size fits all.”
According to Burner, “We have an open set of APIs, SDKs, we work with lots of different hardware manufacturers, even in some cases where we might have an alternative hardware offering ourselves, but our work is always driven by what the customers are asking for.”
Biometrics are typically deployed more often in life sciences and critical infrastructure facilities rather than in high-end residential properties, he says.
Visitor management has become a big deal for Schilling’s customers, especially in K-12 deployments. As has always been the case and likely always will be the case, price enters the conversation and often determines just how sophisticated a system will be installed, he says.
“We definitely give them the options and talk them through the pros and cons of each,” says Schilling. “What’s really the best conversation to be had is: what is the return on investment? Whether it be ease of operations or various levels of risk mitigations, there is always a driving ROI for our customers to go in a specific direction.”
RMR in Access Control
Graphic by Emerald
With just about everything going to a subscription-based model these days — from internet access to TV to keeping up with the latest fashion — it’s become easier than ever for security integrators to recoup more recurring monthly revenue from their customers than ever, according to our panelists.
Integrated Protection Services’ cloud-first model bakes RMR into it, says Robinson. “So, that’s a big driver of our business model.”
“Even if we end up doing an on-prem solution, we’re probably going to try to educate that customer that a service agreement’s a good option based off ROI and what we can expect out of general service calls, demand for that type and size of system. So, we try to put it on everything that we sell,” he says.
“Most customers are getting more and more open to it, because I think everybody’s accustomed to it already with Apple and other things that they work with every day in their life,” says Robinson. “I think a lot of the pushback we get is self-inflicted pushback of us being afraid to ask for it versus just offering it and seeing what the customer says.”
“[IPS] was late to the RMR game,” he says. But with their RMR-focused business model, the company hopes to achieve 20% of its overall revenue in recurring revenues.
“[RMR] has been part of Kastle’s DNA going back to the very founding of the company,” says Burner.
“We’re going to stay with you, we’re going to be your partner in terms of creating these security outcomes, these experience outcomes for you, but also we’re going to make sure that your system is always current,” he says, noting that includes patches and software updates as they come out.
“We are not going to hand this over to you and wish you good luck,” says Burner. “We’re going to be that ongoing partner with you and that there’s a service fee for that. But if we’re doing our job right, we’re delivering better outcomes at a lower total cost of ownership than somebody would if they were to try and cobble together a lot of different vendors and playing air traffic control amongst them.”
Burner compares access control to utilities, such as electricity.
“When my lights turn on in the morning, I don’t high-five the electric company that the lights went on. But when they don’t, I’m pretty upset,” he says. “Access control is kind of the same way. Nobody high-fives you when the door opens. But when it doesn’t, that’s a problem.”
According to Burner, “Our job, as the managed service provider, is to make sure that the door opens, and if it doesn’t, to make sure that we are getting it back into an operating state as quickly as humanly possible.”
The RMR side of the business is “growing bigger and bigger,” says Schilling.
“The SaaS model is almost a ‘must-have’ for manufacturers now,” he says. “Even in our own personal lives, we’re all starting to get used to a lot of the subscription-based products, so it’s no longer this foreign concept to have reoccurring costs associated with these systems. Because of that comfort level, we’re seeing a ton of growth in the SaaS and cloud platforms.”
“Historically, our client contacts were primarily your facility managers, building managers, etc.,” says Schilling. “Now, because of the cloud and SaaS models, we’re also being introduced to and working with the IT departments – which is great. From an IT stance, we’re getting their buy in as well, knowing they’re not on the hook for making sure the firmware versions are up to date and patches are being applied. That’s all happening in real time.”
What’s Next in Access Control
Wallet-based credentials are becoming increasingly important in the access control world, our panelists agree.
“Whether that’s Apple Wallet, Google Wallet [or] Samsung Wallet, that’s the journey that the whole industry has been on going back over a decade now,” he says. “Everybody recognized that people are going to want to use their phone as the way to access space. You’re seeing people realize they probably need to create the same kind of digital experience that people have in other parts of their lives.”
Bluetooth was never built for access control solutions, says Burner, so the wallet-based credentials have emerged as the go-to solution in the sector and are only continuing to grow.
“We’re very excited about the wallet experience because it’s highly reliable,” he says. “It’s from the providers that people already trust a lot of their digital lives to. It’s very fast. It’s a branding moment, because you can brand the credential to be what the building is, or what the tenants are, so there are a lot of experiences that we think become possible in a wallet world.”
Burner expects it will take a few years for wallet credentials to become universally accepted across all vertical markets as the access control option of choice, but he’s confident it’s going to happen.
“These kinds of things take time,” he says. “The real estate industry, the access control industry, it evolves over time. But this is one of the areas that we think is going to take off across the next couple of years and that’s why we’re trying to make sure that even if a customer’s not ready for rolling out wallet credentials today, we want to make sure we’re putting in the right infrastructure to support it when they’re ready.”
Schilling calls wallet- and smartphone-based credentials “the way of the world.”
“I know, personally, if I forget my phone at home, I’m turning right back around to go get it, [as opposed to] my card,” he says. “I might say, ‘Hey, I’ll get to work, and I can call someone, and they let me in.’ It kind of defeats the purpose of access control.”
Schilling agrees with Burner that wallet-based credentials as the primary access control tool will be a gradual shift.
“It’s like any other new adoption,” he says. “People needing to become comfortable with it—and figuring out how they’re going to manage it, I think, is one of the biggest obstacles with that trend. It’s no longer a simple card that you can easily manage or replace. Now it’s bringing in third-party devices and how do you manage those third-party devices?”
“At the end of the day, it’s about systems being smart, secure and creating a responsive environment driven by a successful access control system,” says Schilling. “It’s the way the world’s going: do more with less, and when you can start getting the operational efficiencies and ease of use out of these systems, that ROI just continues to grow and grow and grow.”
