3.10.22 – SSI – Tristin Vaccaro
Widespread adoption of OSDP, an access control communications standard, is long overdue. Fortunately, the barriers for entry are low.
Open Supervised Device Protocol (OSDP) entered the access control scene almost 10 years ago as a more secure alternative to Wiegand communications. Today, it is maintained and further developed by the Security Industry Association (SIA) and has been adopted by dozens and dozens of access control solutions and device makers.
Over time, the need for OSDP adoption has grown as new cyber and physical security threats emerge. Integrators who fail to adapt risk leave money on the table and their clients vulnerable to attacks.
Widespread adoption of OSDP is long overdue, and luckily the barriers for entry are low. Use these 10 tips to prepare your integration team for OSDP success.
1. Appoint an OSDP Expert
Defining an OSDP expert(s) within your organization is the first step in setting up your integration business for OSDP success. Selecting an individual with a background in IT is a good start, but you will find there are many educational tools available for even the most novice of OSDP installers. The great thing about OSDP is that not everyone installing the devices needs to be an expert.
When installing the access control unit and peripheral devices, field technicians connect the devices and work with your OSDP expert to ensure the setup conforms to a test plan or design specification. Once setup is completed and approved, the OSDP expert should work to document the process and transition the project from setup to operation.
2. Learn From the Best
The quickest, most efficient way to familiarize yourself with OSDP is to sign up for an OSDP Boot Camp course. Developed by OSDP expert practitioners and managed by SIA, this daylong training session educates attendees on how to design, deploy and configure modern OSDP-compliant access control systems.
The program is structured to include informational presentations and hands-on exercises. Sessions are held in person at SIA’s headquarters throughout the year, in addition to at key events like ISC West, ISC East and PSA TEC. Visit the SIA website for information on upcoming OSDP Boot Camps.
3. Familiarize Yourself With OSDP Verified Products
OSDP is an open standard, and many manufacturers are working to make their devices OSDP-compliant. The best way to validate OSDP compliance claims is to select products bearing the OSDP Verified mark. An OSDP Verified product is one that has undergone rigorous testing by a third-party test laboratory to ensure the device conforms to the SIA OSDP standards.
When you see the OSDP Verified mark, you can be confident the product will work as intended for various OSDP access control use cases. The OSDP Verified list is accessible via the SIA website and is regularly updated with newly verified access control units and peripheral devices.
4. Study the Risks of Wiegand
OSDP has long been known for its superior security benefits when compared to Wiegand, which can be attributed to OSDP’s advanced encryption and use of bidirectional communications that allow for continuous device status monitoring. Wiegand, on the other hand, can easily be hacked by someone with limited experience and access to the wiring.
When working with your clients, understand many security practitioners are unaware of the security risks associated with Wiegand. As an integrator working to grow your OSDP business, we encourage you to inform clients of the potential security risks when it comes to installing a Wiegand system.Related:On-Ramp to the Cloud: Upgrading Physical Access Control With OSDP
5. Recognize the RFQ Implications
When completing a request for quotation (RFQ), you want your access control offerings to meet as many, if not all, of the system requirements listed. Quoting OSDP-compliant or OSDP Verified systems allow you to “check yes” to specifications regarding network protection, data encryption and more. You may also want to educate the specifiers on the benefit of using OSDP over Wiegand. The ability to meet more system requirements in an RFQ means higher chances of winning the bid.
6. Understand the Different OSDP Profiles
OSDP is a standard available for use by all manufacturers looking to develop OSDP-compatible devices. The standard can be applied to build OSDP-compliant card readers, biometric devices, smoke detectors, etc. Because of this, multiple performance profiles, like smart card and biometric capabilities, were built off the underlying standard. Not every device fulfills every performance profile, and that is OK. Understand there is a baseline which various implementations stem from.
7. Get Vendor-Specific Training
OSDP is a standard that all manufacturers have implemented differently, which means that there are slight nuances in OSDP devices among manufacturers. Take the time to undergo specific OSDP product training with the access control manufacturer so you can properly navigate these intricacies. By not getting trained in advance, you risk potentially wasting time in the field trying to master a topic that was covered in the training course.
8. Speak to the Financial Benefits
You have communicated the security benefits of OSDP to your clients, and they are sold on the interoperability and suite of features OSDP offers. Close the deal by selling them on the cost savings they can expect by deploying an OSDP-compliant system. Rather, compare the cost of a complete OSDP access control install to the financial loss experienced when a Wiegand system is hacked.
Encourage clients to contact their cybersecurity insurance providers to find out whether cybersecurity improvements like installing OSDP could lower their premiums. Your clients will appreciate your budget-conscious candor, which could be the difference between winning and losing their business. Additionally, wiring used for legacy access control systems may be reused for OSDP implementation.
9. Offer Managed Services
Offering managed services directly adds to your bottom line while increasing the level of service you offer to your customers. With OSDP’s bidirectional communication and file transfer capabilities, it is possible to update and configure access control readers remotely. While that may mean fewer billable hours in the field, you can turn it around and add system health supervision as a billable managed service. Remote reader configuration is a billable service that also eases your inventory management. Standard OSDP readers can be bought in bulk, then uniquely configured remotely per job requirements.
10. Participate in the SIA OSDP Working Group
Integrators looking to learn more about OSDP are welcome and encouraged to join the SIA OSDP Working Group, which is made up of manufacturers, specifiers, integrators and end users all looking to understand and improve OSDP. With biweekly phone calls and online group chats, the OSDP Working Group is a place to ask questions, troubleshoot and be a part of ongoing OSDP discussions.
Whether you jump in to ask a quick question or participate in every call, the working group is open to everyone. To get involved, contact SIA Director of Standards and Technology Edison Shen at email@example.com.