...
Under the direction of the President, the Chief Information Officer, Assistant Vice President of Public Safety, and the Chief Director of Information Security Officer shall implement and ensure compliance with this policy. The Deans, Vice Presidents, and other members of management will implement this policy.
...
- Access Control - The use of computer-controlled entry and locking devices to limit and log access to areas of a physical facility, usually by means of a digitally-enclosed identification card or biometric device.
- Information Technology Security Board (ITSB) - A unified effort jointly managed by the Chief Information Officer and the Chief Director of Information Security Officer, working closely with Risk Management, Network and System Service (NSS), Public Safety, Facilities Services, and other University units, as warranted. The ITSB governs technical and operational security solutions specific to the University's needs. The ITSB will recommend security measures compliant with this policy, and security best practices.
- Security Control Owner – The Department, Dean, or VP who is responsible for the area that is being secured by a camera and/or control access system.
- Video Surveillance - The use of image capture, processing, transmission and storage equipment for authorized monitoring of public areas. This includes full-motion and still images, use of network transmission capacity, and digital storage and retrieval software. Audio recording is specifically excluded from this definition.
...
- GENERAL
- This Access Control Design and Construction standard applies to all new construction and renovation projects, as well as single device installations on the Rowan University campus, and any other location or campus subject to the University.
- This standard applies to employees, contractors, design professionals, and tradespeople involved in the design, procurement, or installation of electronic security devices or systems.
- The electronic security devices/systems encompass computers, network connections (including wireless), data transmissions, communication devices, multiple points of monitoring, interfacing controls, sensors, and actuators. Some functions may be supported locally as well as University-supported.
- For the purposes of this standard, electronic security systems or devices include:
- access control (wired and wireless)
- networked video surveillance
- Security and access control systems must be integrated with the University central systems unless an exemption has been granted.
- For Access Control and Video Surveillance systems: the Chief Director of Information Security Officer, Director of Network and System Service (NSS), Public Safety and Facilities Services shall be consulted during the initial design or planning, during schematic and construction design reviews, during construction if a scope change occurs or clarification is needed, and prior to building occupation, a signoff is required by all groups listed above
- Electronic security systems/devices are not to be connected by hardware, integrated by software, or otherwise interfaced with any other control systems (ex. Building Automation Control System) or life safety systems unless specifically required by code or approved by appropriate system owner and the Chief Director of Information Security Officer, Network and System Service (NSS), Public Safety and Facilities Services.
- Electronic security systems/devices planning should be incorporated into the overall building design. Physical security devices and measures, as well as electronic devices and connections, are to be considered at the same time as comfort, function, energy efficiency, maintainability, life safety, accessibility, environment, inspiration and any other primary feature attributed to a facility.
- QUALITY ASSURANCE
- The design of all security and/or access system installations shall be performed by a qualified individual, either licensed as a Professional Engineer or certified as a security professional. Consultant shall provide credentials to the Rowan University project manager upon request.
- The integrated security and/or access system including all equipment, components, and accessories shall be Underwriters Laboratories (UL) listed for this purpose.
- The Contractor providing the security and/or access system must be certified and licensed to install security and access control systems.
- SYSTEM DESIGN
- For all renovations and new-construction projects, consultants shall engage the Chief Director of Information Security Officer, Network and System Service (NSS), Public Safety and Facilities Services.
- The following elements should be incorporated into the basis of all designs:
- Type of security or access system
- List applicable Codes and Standards
- Identify Building Occupancy Type
- Sequence of operation (especially when fire alarm and access control systems are interconnected)
- Wiring type
- Main equipment locations
- Special considerations (for example, when a facility houses animals or human remains
- Drawings and Specifications shall include all requirements for Submittals and for As-Built information. Submittals shall contain the following information:
- Product information for all installed components
- System diagram with typical equipment and device connection and labeling (a detailed connection diagram is not required until project completion)
- Wire schedule
- Battery stand-by calculations
- Special system requirements (interlocks with other systems, for example)
- System labeling materials and methods
- Surveillance system storage capacity calculation
- Surveillance Camera Lay-out
- Place cameras near entrances and exits to school buildings
- Install surveillance for campus parking lots
- Mount cameras in at-risk areas such as poorly lit walking paths and locations where students and faculty might find themselves alone and defenseless
- Position cameras in campus stores, cashier offices, and other areas where money is exchanged
- Have proper video surveillance for sports facilities
- Monitor common areas such as stairways, lobbies
- Install security cameras at all residence hall
Note: Typically we would recommend one interior camera per perimeter door, one interior camera per building lobby and perhaps one interior camera per elevator lobby. Special attention will be given to areas within the building that require special attention, but those could be handled on a case by case base.
The exterior requirements will be flexible because each building is different and some may not require any coverage. However, if the building is adjacent to a student walkway, is isolated, or is used for student congregation, exterior cameras will be required to adequately monitor those areas - SUBMITTALS
- To ensure compliance with the intent of this standard, all system final designs and associated contract submittals shall be reviewed by the Chief Director of Information Security Officer, Network and System Service (NSS), Public Safety and Facilities Services.
- One (1) copy of each new project submittal shall be sent to the Chief Director of Information Security Officer, Network and System Service (NSS), Public Safety and Facilities Services for review and comment prior to releasing final approved submittals to the contractor
- SYSTEM DESCRIPTION
- Card Access Systems :Wired/Wireless: are comprised of card reader, door contacts, electric hinge or power transfer (wired systems), door strike, latch, reader interface module, interconnecting power and communication wiring, head-end intelligent system controller. All systems, unless exempted from University policy, are centrally monitored - transmitting data to and received by the Access Control System.
- Network Video Surveillance Systems :Wired/Wireless: are comprised of IP-enabled cameras, interconnecting power and communication wiring via POE (power over Ethernet). Cameras must be connected to a POE-enabled switch with ports enable on the appropriate security VLAN unless approved by the Chief Director of Information Security Officer and/or Network and System Service (NSS). All systems, unless exempted from University policy, are capable of being centrally monitored - transmitting data to and received by the Video Management Systems.
- PRODUCTS
- Manufacturers
- All equipment must be designed with open system architecture.
- All systems and infrastructure components that support the video surveillance and access control systems shall be equipped with battery backup in the event of a power failure and capable of operating for a minimum of 8 hours.
- All system components installed must be compliant with a current version of this standards document, defined as any version of this document valid within 120 days of installation of the system. Requests for the current version of the standard can be submitted to support@rowan.edu.
Subject to compliance with requirements, provide products by one of the following
Note: All non-standard existing security access control or camera systems will be required to comply with this standard at a future date.
CISODescription
Manufacture
Where deployed (if known)
Standard or Non-Standard
Access Control Software
SOM deployed, applies to all future deployments of any size
Standard
Access Control Panel/Microprocessor Hardware
Mercury
http://www.mercury-security.com/SOM deployed, applies to all future deployments of any size.
Standard
Video Management System/Software (VMS)
Enterprise Level OnlyExacqvision
https://exacq.comFor all Rowan locations
Proposed New Standard
Video Surveillance Camera – (Indoor) Individual scenario will dictate what model camera should be used
AXIS, Sony, and Arecont Vision
www.axis.com
https://pro.sony.com/bbsc/ssr/mkt-security/
www.arecontvision.comFor all Rowan locations
Proposed New Standard
Video Surveillance Camera – (Outdoor) Individual scenario will dictate what model camera should be used
AXIS, Sony, and Arecont
www.axis.com
https://pro.sony.com/bbsc/ssr/mkt-security/
www.arecontvision.comFor all Rowan locations
Proposed New Standard
Video Management System/Software (VMS)
Exacqvision
https://exacq.com
See section entitled "Video Management System Environment" for software licensing and configuration details.For all Rowan locations
Proposed New Standard
Management System Hardware
See section entitled "Video Management System Environment" for software licensing and configuration details.
For all Rowan locations
Currently used as Standard
Intelligent Locksets.
Sargent (wireless and online types only)
http://www.sargentlock.com/products/ product_landing.php?item_id=1589For selected Rowan Locations. (Request assistance from office of Director of
CISOInformation Security prior to selecting appropriate intelligent locks)
Proposed New Standard
Intelligent Locksets
Allegion (Wireless and Wired types)
www.allegion.comFor selected Rowan Locations. (Request assistance from office of Director of
CISOInformation Security prior to selecting appropriate intelligent locks)
Proposed New Standard
Intelligent Locksets
Salto (Sallis and CVN)
http://www.salto.us/For selected Rowan Locations. (Request assistance from office of Director of
Information Security prior to selecting appropriate intelligent locks)
Proposed New Standard
Access Control Card Readers
Allegion MT series
For all Rowan Locations
Standard
Video Surveillance Manager (VMS)
Cisco
Camden, Glassboro residential spaces
Non-Standard
Video Surveillance Camera
Cisco (Pelco)
Camden, Glassboro residential spaces
Non-Standard
Access Control for entry doors, elevators, stairwells, etc.
Blackboard
Camden (Medical school), Glassboro (CGCE)
Non-Standard
Video Surveillance Camera - Advidia
(A-44-IR)Advidia
CGCE
Non-Standard
Video Surveillance Camera - Elevator camera (ELV-650)
Advidia
CGCE
Non-Standard
Video Surveillance Camera - ACTi (KCM-7911)
Act-I
CGCE
Non-Standard
Video Management System/Software (VMS)
Video Insight
CGCE
Non-Standard
Video Surveillance Camera – Access P3367
Access
Glassboro residential locations
Non-Standard
Video Surveillance Camera – Access 216
Access
Glassboro residential locations
Non-Standard
Video Surveillance Camera – Access PIZ
Access
Glassboro residential locations
Non-Standard
- Video Management System Hardwar
The security integrator shall provide all required software for at least one recording server, one Enterprise Management Server and at least one fail-over server as follows. All server hardware (excepting the EMS server) will be provided by the integrator, and will be installed in a main campus datacenter by the integrator in coordination with the Information Security Office (ISO) and Network and System Services: - The VMS Recording server hardware will meet the following minimum requirements:
- Required Server Model: HP DL380 G9
- Intel Xeon 8-core x 20MB Cache (minimum)
- 64 GB RAM
- NIC: 4x1000 Mbps
- Redundant Power Supplies
- Windows Server 2012 Enterprise
- Four post rack mounting kit
- Storage:
- Minimum 20TB raw storage
- Minimum two hot spare drives
- Sufficient storage to meet retention requirements with all cameras recording at their highest available resolution at 10 FPS based on 50% motion for indoor cameras and 24/7 recording for outdoor cameras.
- Storage calculation should include 30 day retention requirement for non-clinical areas, 90 day retention requirement for clinical areas.
- No drive larger than 4TB. No drive smaller than 3TB.
- Storage calculations, including RAID and hot spare overhead as well as disk usage per day per camera based on the above specifications, must be included in all proposal submittals.
- Dedicated operating system partition of 60GB (minimum)
- If storage requirement exceeds the capacity of a DL 380 G9 multiple servers may be necessary.
- Enterprise Level Video Management software for serve
- Four year next business day warranty direct from HP
- Professional series camera software licenses for each connected camera/device. Provide 10% spare licenses above quantity required for project.
- Three year software support agreement to cover upgrades
- The Failover VMS Recording server hardware will meet the following minimum requirements:
- Required Server Model: HP DL380 G9
- Intel Xeon 8-core x 20MB Cache (minimum)
- 64 GB RAM
- NIC: 4x1000 Mbps
- Redundant Power Supplies
- Windows Server 2012 Enterprise
- Four post rack mounting kit
- Storage:
- Minimum 20TB raw storage
- Minimum two hot spare drives
- Sufficient storage to meet retention requirements with all cameras recording at their highest available resolution at 10 FPS based on 50% motion for indoor cameras and 24/7 recording for outdoor cameras.
- Total usable storage capacity after RAID and hot spare overhead must provide 7 (seven) days retention for all cameras the system is intended to provide failover for.
- No drive larger than 4TB. No drive smaller than 3TB.
- Storage calculations, including RAID and hot spare overhead as well as disk usage per day per camera based on the above specifications, must be included in all proposal submittals.
- Dedicated operating system partition of 60GB (minimum).
- If storage requirement exceeds the capacity of a DL 380 G9 multiple servers may be necessary.
- Enterprise Level Video Management software for server
- Four year next business day warranty direct from HP
- Professional series camera software failover licenses for each connected camera/device. Provide 10% spare licenses above quantity required for project.
- Three year software support agreement to cover upgrades
- Enterprise System Manage
- License for Enterprise System Failover (EVESM)
- Three year software support agreement to cover upgrades.
- Server environment for ESM will be provided by the University
- System Operation and Performance
- System operation and performance should include, but not be limited to, the following features
- Proper activation of door hardware when a valid credential is presented
- Appropriate shunting of the alarm upon exit from secured space
- Video signal being transmitted over IP
- Alarm initiation
- Trouble initiation
- Activation of alarm notification
- Activation of trouble notification
- Total supervision, monitoring of abnormal conditions in the system
- Activation of off-premise signals that are sent to the VMS via the Access Control System or Ethernet
- System operation and performance should include, but not be limited to, the following features
...