Locked Out, and Locked In…

Review by Dylan K, April 2021

Locked out, and locked in to your access control system?

Imagine you’ve just bought yourself a new vehicle. Nothing too outlandish, just a Toyota Landcruiser, or Ford Ranger.  One that is reliable, with great reviews, plenty of spare parts – everything you need in a vehicle.

 

You used a vehicle broker, as you were told that they’d get you a better deal, and to this point, it definitely seems that way.  As you’re being handed all of the vehicle’s bits and pieces at the dealership, everything seems normal.

You’re so excited to get in the car and enjoy that new car smell.

It’s not until you get home, that you realise that you didn’t receive your spare key.

You also find the glove box is locked, and you don’t have the key for that either.

 

The next day, you ring the dealership. The person on the phone explains that all is well, that you don’t need the spare key, or the key to the glove box, as they will be looking after your vehicle for you.

 

“Whenever you need something, just call and we will be there.”

Initially it seems a little odd, but seeing that there is a warranty on the vehicle anyway, and you usually have your vehicles serviced by the dealership during the warranty period, you don’t think much of it, you don’t ask anymore questions and accept the explanation.
Now, fast-forward 12 months.

 

Your warranty is ending, and you’re looking forward to getting your spare key.You’ve needed it a couple of times, and having to call the dealership each time to get it has been a pain.You’re also looking forward to taking your vehicle to the family mechanic for it’s regular servicing, as the dealership has been slow to react when you’ve called them, and taken unusually long to fit you in.You’ve been using the family mechanic for years, and you know he’ll look after your vehicle just as well, if not better than the dealership.

You call the dealership to request your items, and you’re put through to a manager who repeats what you’d heard already before, “you don’t need the spare key, or access to the glove box, as we’re looking after it for you”.You press a little harder until the manager explains that you actually can’t have the spare key, or access to the glove box, as they’re registered to the dealership, and not actually owned by you.

 

If you’re an:

  • Owners Corporation Committee

  • An Owners Corporation Manager

  • Work as a Building Manager

  • A Facility Manager

in any of Melbourne’s apartment or office buildings, you likely know this story. But it’s not your vehicle that you’re locked out of, it’s your Access Control system.

You’ve been unknowingly caught in a trap.

Replace the dealership in this story, with a Security Integrator (SI).  Replace the vehicle broker, with a Project Manager, or Contract Administrator who engaged the SI, without understanding the implications it was going to have on the end-user.

 

We see it day-in, day-out.

 

A frustrated Owners Corporation Manager, Building Manager, or Facility Manager is struggling to get a response from the Security Integrator who installed the system, and when they do, the lead-time for someone to attend is agonising. They’re also sick of being charged exorbitant amounts, for a piece of plastic. They think “surely it doesn’t have to be this way”, and they’re right, it doesn’t!

 

The system installed isn’t anything alien, it’s a high-quality, open platform Access Control system, from a reputable manufacturer. The problem lies with the Card Readers. The Card Readers that have been installed, are what we call ‘High Security’.

The idea, is that we register an individual encryption, to an individual ‘end-user’. The encryption can then be used across multiple sites and systems, held by that end-user, and the procurement of cards and/or fobs, can be managed by the SI’s and suppliers, chosen by the end-user.

 

Where did it go wrong?

 

Well, at some point SI’s have been allowed to register these encryption’s to themselves, and not the end-user (this is actually not that uncommon through the Defects Liability Period (DLP), on a construction project, but once the DLP is complete, the key should be handed to the end-user for them to own and manage).

They have also been allowed to use the same encryption across multiple sites, projects and customers. And rather than use the High Security system the way it was designed to be used, have manipulated a process to quite literally lock the end-users in.

So, what does that mean?

The SI now has your site locked in.

And unless you’re willing and able to pay to replace all of the card readers, (or go through the pain-staking task of defaulting the readers), and then replace all of the cards and fobs that are in circulation, you’re stuck!

You don’t have a choice, and you’re now at the mercy of a single service provider, for the life of the system. Great business model, isn’t it?!

So, how do we fix this and ensure that the end-user isn’t locked out, and locked in, going forward?

We have to educate YOU in the construction industry.

You can put pressure on the SI’s to release these sites, and ask more questions.

If you’re a Contract Administrator, or Project Manager, ask the SI whether the access control system they are proposing to install is a ‘High Security’ system. If it is, confirm in writing that the system will be registered to the end-user, at the end of DLP.

And if you’re an Owners Corporation Member, an Owners Corporation Manager, Facility Manager, or Building Manager, make some noise about it.

Send the SI an email requesting ‘the release of the High Security encryption, to the end-user’.And don’t take no for an answer!

Ultimately, the SI doesn’t own the system, you do, and you should not be held to ransom, because of an unethical practice that has been allowed to go on too long.

Back to Full List