Security convergence — integrating building- and IT-access systems -— is supposed to make life easier for everyone: IT, building security staff and employees coming into the office each day.

But two big questions loom:

* Will security convergence force employees to change their routines and learn entirely new ways to work, thereby lessening productivity before it can be improved?

* Can security convergence be used by organizations to enforce policies that have been unenforceable previously and therefore not truly effective?

Regarding the first big question, it has been assumed that combining physical and logical systems will add more mundane or complicated processes to the lives of users and existing building-security staff, or at least involve changing daily routines.

That’s a death knell because of people’s resistance to change, which already has rendered many security advances irrelevant. So, it is incumbent on vendors to deliver systems that are not just functionally useful but also behaviorally digestible. Processes have to be very similar to what employees are doing already.

Subtle behavioral changes will be forced by the shift to a converged system, but the changes should build on familiar technologies and processes rather than require a complete reeducation. Done correctly, convergence takes advantage of existing physical and IT infrastructure and technologies.

For instance, if employees flash badges at door sensors when they enter a building, requiring them to do something similar to get into applications will be better received than would be forcing them to punch in a new number at the gate every day and then remember a password that changes daily to gain access to the resources they need.