Green Close Button
Cook Solutions Group

Office Building Security Integrations:

Elevators, Turnstiles, Tenant Access, and Visitor Workflows

Published:
February 27, 2026
Blogs
/
Office Building Security Integrations:
All CSG Insights
Retail Banking
Managed Services
Security
Guides & White papers

Why integration is the difference between “installed” and “working”.

Most office buildings already have the pieces of a security program, access control at doors, cameras, an intercom, maybe a visitor kiosk, maybe turnstiles. The problem is that these systems often operate like separate islands. When something happens, a guard is flipping between screens, a property manager is calling a vendor, a tenant is texting their receptionist, and nobody has a single, reliable view of what is going on.

Integration is what turns those islands into a system. It connects identity (who someone is), intent (why they are here), and permission (where they can go), across the entire journey from curb to suite. When it is done well, security feels simpler, not heavier. Tenants and visitors experience a smoother flow, while the building gains better control, better auditability, and faster response when something is off.

Start with the reality of a multi-tenant building

Office building security is not the same as headquarters security because authority is shared. There is “base building” responsibility (common areas, life safety, infrastructure) and there is tenant responsibility (the leased suite, internal policies, their visitors). Integration has to respect that split or it creates friction and political problems.

A practical way to think about it is this:

  • The building controls the journey through shared space. Lobby, turnstiles, elevators, garages, and amenities.
  • Tenants control what happens inside their suite. Office doors, internal sensitive areas, their own policies, and exceptions.
  • Integration provides a bridge, not a takeover. The building does not need to see tenant internal activity to run a safe lobby. Tenants do not want the building controlling their suite access.

When you design around those truths, the technology choices become clearer, and the workflows become enforceable.

The “identity spine” that makes everything else possible

Every meaningful integration depends on identity. Without a shared understanding of who someone is and what they are allowed to do, your elevator system cannot enforce floors, your turnstiles cannot distinguish a tenant employee from a visitor, and your visitor platform cannot safely automate anything.

At minimum, an office building integration strategy needs an identity model that can represent:

  • Tenant employee (tenant affiliation, credential type, access schedule)
  • Building staff (security, engineering, property management)
  • Visitor (host tenant, visit time window, approved destination)
  • Vendor/contractor (sponsor, scope of work, approved zones, time limits)
  • Deliveries (if you manage them, most buildings handle these separately)

This identity spine does not need to be complicated, but it must be consistent. If one system calls someone a “visitor” and another system treats them like an “employee badge,” you get confusion, loopholes, and constant manual overrides.

Turnstiles: controlling the boundary without creating a bottleneck

Turnstiles sit at the moment where “public” becomes “controlled.” That is why they matter. In many buildings, the lobby itself is meant to feel open, but the tenant floors are not. Turnstiles create a clear, consistent boundary that does not depend on a guard recognizing faces during rush hour.

What turnstiles actually solve

Turnstiles solve two problems that are easy to underestimate:

  1. They standardize enforcement. Everyone follows the same rule, credential required.
  2. They create reliable audit trails. Entry events are captured consistently.

Without them, you usually end up with informal enforcement, exceptions that become routine, and a lobby team that is constantly negotiating access.

Where turnstiles go wrong

Turnstiles can fail as a security tool when they are treated as a standalone installation. The biggest issues show up as:

  • “Temporary” visitor access that never expires
  • Tailgating that nobody is accountable for
  • Tenants issuing badges without building-level standards
  • Manual check-in that backs up lines and drives people to bypass the process

Integration is the fix because it allows the turnstile to make decisions based on context.

Turnstile integration, what “good” looks like

A well-integrated turnstile setup typically supports:

  • Tenant employee flow: fast badge-in or mobile credential, minimal stopping
  • Visitor flow: a visitor credential that works only during the visit window
  • Exception handling: clear escalation for rejected entries, lost badges, expired visits
  • Anti-passback and tailgating controls: rules that match the building’s risk level

Practical design note: The best turnstile program is not “maximum lock-down.” It is “maximum clarity.” People should immediately understand what to do, where to go, and what happens next.

Elevator access control: vertical movement is access control

If a person can reach any floor after entering the lobby, the lobby becomes a single point of failure. Elevators are where office buildings often leak access because “they already got inside” is treated as authorization. In a multi-tenant environment, that assumption is risky.

Elevator access control integration is about ensuring that lobby entry is not the end of the security decision. It is the beginning.

The three most common elevator control models

Different buildings and elevator systems support different approaches. Here is how they work in real life:

1) Traditional floor control (enable buttons)
 A credential enables specific floor buttons inside the cab. This is common in older elevator systems or upgrades where the building wants to add controls without changing dispatch behavior.

  • Good for: straightforward upgrades, smaller buildings
  • Watch-outs: can slow cab flow if people wait to present credentials inside the elevator

2) Elevator access control at the lobby (pre-call)
 The credential is presented before boarding, and the elevator is called for an authorized floor. This keeps the decision outside the cab and reduces confusion.

  • Good for: high-traffic buildings, cleaner lobby flow
  • Watch-outs: needs good signage and a predictable user experience

3) Destination dispatch integration
 Users select their destination at a kiosk or reader, and the system assigns an elevator. Integration allows the system to show only authorized floors.

  • Good for: Class A buildings with heavy traffic, efficiency goals
  • Watch-outs: requires careful UX design and stronger tenant alignment on identity

Elevator permissions should be time-aware

A common failure mode is “someone is authorized, therefore always authorized.” Office buildings are full of schedules. Tenants have business hours. Contractors have windows. Amenities have hours. Elevator permissions should reflect those realities.

Examples of time-aware rules:

  • Tenant employees can reach their floor 24/7, but only reach amenity floors during amenity hours
  • Vendors can reach service floors and a designated tenant floor only during approved windows
  • Visitors can reach the host tenant floor only during the visit window

Elevator integration is where these policies become enforceable without putting a human at every elevator bank.

Tenant access: autonomy inside a shared framework

Tenants need to control their suite access. Buildings need to control base building access. The integration goal is not to merge these into one system in a way that strips tenant control. The goal is to allow coordination where coordination matters.

The base-building vs tenant boundary

A clean approach usually looks like this:

  • Base building controls: lobby to elevator to common amenities to after-hours building entry
  • Tenant controls: suite doors, internal zones, sensitive rooms, their off-boarding rules

Integration should allow tenant employees to use a single credential to move through the building, while still letting tenants define what “inside the suite” means.

Two common models for tenant integration

Model A: Building-issued credentials with tenant provisioning
 The building issues the credential format, tenants manage who gets access and what levels. This supports consistent lobby controls.

  • Pros: consistent experience building-wide
  • Cons: requires strong governance and a clear process for tenant changes

Model B: Tenant-issued credentials with building trust framework
 Tenants issue credentials, the building trusts credentials that meet defined standards and are mapped to the identity spine.

  • Pros: tenant autonomy
  • Cons: more complexity, higher risk of inconsistent credential quality

Both can work. The decision depends on building class, tenant profile, and how much central standardization ownership is willing to enforce.

Visitor workflows: the highest-risk, highest-friction moment

Visitors are unpredictable. They arrive early. They show up without pre-registration. They do not know where to go. They might not understand why they cannot “just go upstairs.” All of that creates pressure on lobby teams to bend rules.

A strong visitor workflow does not rely on perfect behavior. It makes the correct path easy and the incorrect path hard.

The building should define the visitor standard, tenants define the visitor details

If every tenant runs visitors differently, the lobby becomes chaos. The building should set the building-wide standard for how visitors enter shared space. Tenants can still customize what happens after the visitor reaches their floor.

A workable standard typically covers:

  • What information is required to issue a visitor credential
  • When ID verification is required and for which visit types
  • Whether the building requires host confirmation for access
  • How long visitor credentials remain valid
  • What happens when a visitor is denied or the host is unreachable

A visitor workflow that actually scales

Here is a practical “flow” you can implement in most buildings without creating a luxury-hotel check-in line.

Visitor workflow (recommended)

  1. Pre-registration: Host tenant enters visitor details, visit window, destination floor, and any escort requirement.
  2. Arrival and check-in: Visitor checks in at a desk or kiosk, staff can support exceptions.
  3. Verification step: ID check and photo capture if required by policy, risk-based by tenant or visitor type.
  4. Credential issuance: QR code, temporary badge, or mobile pass with strict time window.
  5. Turnstile access: Visitor credential enables turnstile entry, only during visit window.
  6. Elevator access: Visitor credential enables only the host tenant floor, optionally only specific elevator banks.
  7. Expiration and audit: Credential expires automatically, logs retain visit details.

Why visitor integration matters beyond convenience

Visitor integration is not just about speed. It is about reducing loopholes:

  • Visitors should not be able to reuse an old pass
  • A “quick visit” should not become open building access
  • Visitor movement should match what was approved

If your systems are not integrated, visitors often end up as permanent exceptions.

Contractors and vendors: the group that breaks most “nice” policies

Contractors and vendors are not visitors. They often need repeated access, sometimes after hours, sometimes through service entrances. If you treat them like visitors, you create constant frustration and rule-bending. If you treat them like employees, you create long-term risk.

A strong program treats vendors as a distinct identity type with sponsor accountability.

Vendor workflow (structured, realistic)

  1. Sponsor approval (building or tenant sponsor based on scope)
  2. Proof of authorization if required (work order, tenant approval, COI if applicable)
  3. Credential issued with:

    • specific entrances
    • specific floors or zones
    • time windows
    • expiration date

  4. Monitoring rules for after-hours access
  5. Credential return or automatic expiration at job completion

Integration matters here because vendors are often the reason side doors are propped, service corridors become uncontrolled, and elevator rules are bypassed.

Parking and garage access, the “other lobby”

Garages are often a secondary entry route into the building. If garage access is loosely controlled, it can undermine everything you built in the lobby.

Integration in parking is not only about opening a gate. It is about knowing who entered, when, and whether they should be there.

Parking integration patterns that work

  • Badge or mobile credential at gates, mapped to tenant affiliation and schedule
  • Contractor parking rules that expire automatically
  • Alerts for forced gate events or repeated tailgating patterns
  • If used, license plate recognition tied to a credential, with rules for exceptions

A garage is not just a vehicle area. It is a pathway into stairwells, elevators, and service corridors, which makes it part of the access journey.

Common amenities: gyms, conference centers, rooftops, and shared spaces

Amenity spaces are high-traffic and high-visibility, and they often become weak points because building teams want them to feel welcoming. Integration helps you keep amenities usable while still controlled.

What amenity integration should support

  • Tenant-based eligibility (some leases include access, some do not)
  • Time-based access (amenity hours)
  • Capacity limits if needed (especially for shared conference centers)
  • Visitor rules (visitors can enter amenities only if explicitly allowed)

Amenities are where “everyone just follows the rules” often fails. A good integration makes the rule enforcement automatic.

Privacy and tenant trust, integration without “spying”

A common concern in multi-tenant buildings is that integration becomes surveillance of tenant activity. That is not necessary for effective security, and it is a fast way to lose tenant confidence.

A better approach is to separate:

  • Operational data needed to run the building safely (who entered base building space, visitor audit logs)
  • Tenant internal activity (suite-level access events, internal room access)

You can support investigations when needed through a defined escalation process, rather than default visibility into tenant systems.

Reference Table

The integration map: what should talk to what

Here is a practical reference table that clarifies the most valuable integration paths.

System Should integrate with Why it matters What “good” looks like
Access control Turnstiles, elevators, visitor platform Consistent permissions across journey One credential works, rules apply automatically
Visitor management Turnstiles, elevators, notifications Visitors are controlled, not exceptions Pass expires automatically, access is scoped
Elevators Access control, visitor platform Prevent floor wandering Only authorized floors appear or work
Intercom Visitor platform, tenant directory Reduce social engineering Unlock requires a valid context
Cameras Access events, turnstile alarms, elevator lobbies Fast verification and investigations Click an event, see the video
Parking Access control, schedules Garage is part of access journey Gate access follows tenant status and time
Tenant directory Visitor platform, intercom Accurate routing Visitors reach the right host quickly
Identity source Access control, visitor platform Fewer manual errors Offboarding disables access automatically

Alerting and monitoring, integration that reduces noise instead of creating it

If integration creates more alerts, it will be ignored. The goal is fewer alerts with higher confidence.

A strong alert strategy typically includes:

  • High-priority events that demand action (forced doors, repeated rejected turnstile attempts, after-hours access in restricted zones)
  • Medium-priority events for review (door held open patterns, unusual access times)
  • Low-priority events logged for audit (normal badge entries)

The biggest win is tying alerts to context. If a turnstile rejection includes the person’s credential type, the tenant affiliation, and the camera view, you avoid “someone got denied, go look” chaos.

KPIs that show whether integrations are actually helping

Instead of counting devices, measure outcomes that reflect control and user experience.

Security and control

  • Tailgating incidents (confirmed, not just suspected)
  • Visitor exceptions (unregistered arrivals, host unreachable, manual overrides)
  • After-hours access exceptions (especially vendor entries)
  • Elevator floor violations (attempts to reach unauthorized floors)

Operational efficiency

  • Average visitor check-in time during peak periods
  • Percentage of visitors pre-registered vs walk-in
  • Number of access helpdesk tickets per month (lost badge, access denied, wrong floor)
  • Mean time to investigate an incident (from report to video and access timeline)

System health

  • Turnstile uptime and fault rates
  • Elevator integration uptime
  • Credential provisioning delays
  • Log completeness (are you missing events from any major system)

If the building cannot report these reliably, the integration is not fully operational yet.

A phased approach that keeps the building running

Office buildings cannot shut down for a security project. A phased plan keeps disruption controlled and helps tenants stay aligned.

Phase 1: Governance and foundations

This is where most projects either succeed or fail. You define how the building and tenants will share responsibility.

  • Define base building vs tenant boundaries
  • Define identity types and minimum credential standards
  • Choose the visitor workflow standard for the building
  • Confirm life safety and accessibility requirements early
  • Document how exceptions will be handled

Phase 2: Lobby control and visitor workflow

The lobby is where you get the fastest ROI because it is where the most people interact with security.

  • Integrate turnstiles with access control
  • Implement visitor management that issues scoped credentials
  • Integrate elevator access for visitors and tenant employees
  • Train lobby staff on exception handling, not just normal flow

Phase 3: Expansion and optimization

Once the main journey is stable, extend integration to the “side doors” of the user experience.

  • Parking and garage access integration
  • Intercom integration with tenant directory and visitor status
  • Amenity access integration
  • Improved analytics and reporting, tuned alerts

Phase 4: Hardening and continuous improvement

This is where the program becomes resilient instead of fragile.

  • Regular tenant onboarding and off-boarding checks
  • Quarterly workflow testing during peak traffic
  • Vendor program improvements and scheduled access rules
  • Annual review of building standards, especially as tenants change

Common integration mistakes, and what to do instead

Mistake: Installing turnstiles without fixing visitor workflow
 What happens: visitors pile up, overrides become normal.
Do instead: define visitor rules first, then choose how the turnstile accepts visitor credentials.

Mistake: Elevator control that confuses users
 What happens: people tailgate into cabs or staff hold doors.
Do instead: design the user experience with signage and predictable steps, test it during rush hour.

Mistake: Tenants are not aligned on credential standards
 What happens: inconsistent badges, loopholes, constant exceptions.
Do instead: publish a building credential standard and an integration handbook for tenants.

Mistake: Integration creates alert floods
 What happens: the team ignores the system, manual checks return. Do instead: prioritize fewer, higher-confidence alerts, tie each to a camera view and a clear playbook.

Next Step

Make your access journey work as one system.

If you are evaluating turnstiles, elevator controls, visitor workflows, or tenant access, start with integration. A coordinated security ecosystem reduces friction for occupants and removes opportunity for misuse across shared spaces.

Request an Integration Review

Access white-papers & guides content:

Access our exclusive white-papers
Your message has been sent. Thank you for getting in touch with us!
Sorry, something seems to be missing. Make sure you have filled in all the required fields.

Related Blog post.

The Fraud Guide for Banking Security Professionals

Read Full Blog

Headquarters Facility Security Program:

Read Full Blog

Data Center Physical Security Layers: How Access Control, Video, and Procedures Work Together

Read Full Blog
Eliminate False Alarms with Video Verification

Reduce False Alarms & Costly Fees with Video Verification

Read Full Blog
24 hour Mobile Surveillance Vehicles

How a Mobile Surveillance Vehicle Can Protect Your Business, Job Site, or Event

Read Full Blog
PikoVideo Generation 6 Next-Gen Unified Security

PikoVIDEO Gen 6: Next-Gen Unified Security Platform with Infinite Scalability

Read Full Blog
Protect Your ATM Fleet from Security Threats

Protect Your ATM Fleet from Security Threats: A Multi-Layered Defense

Read Full Blog
Banking Innovation Digital Banking Podcast

How Collaboration Drives Banking Innovation

Read Full Blog
Data Center Facility Security Infographic

How CSG implements AI into your Data Center Facility Security

Read Full Blog
5MP Height Strip Camera

Benefits of revolutionary 5MP height strip camera with built-in AI analytics

Read Full Blog
One Hand to Shake with a Single Vendor Partner

Streamline Your Banking Operations with a Single Trusted Vendor Partner - One Hand To Shake

Read Full Blog
Hospital & Healthcare Security & Integrations

Hospital and Healthcare Security & Integrations: Best Practices, Trends, and Compliance

Read Full Blog
Glue & Tape Fraud

Glue and Tap Fraud: Protecting Your ATMs and Cardholders from Emerging Scams

Read Full Blog
Old Analog POTs lines

Old Analog POTs lines unreliable for Alarm Monitoring

Read Full Blog
Man in the Middle Infographic

Securing Financial Systems: Mitigating Man-in-the-Middle (MITM) Attacks

Read Full Blog
Defend Against ATM Jackpotting Guide

Defending Against Jackpotting Threats: A Comprehensive Guide

Read Full Blog
Deep Insert Skimming

Unveiling the Threat of Deep Insert Skimming: Safeguarding Against ATM Fraud

Read Full Blog
Simplify Video Analytics

Simplifying Video Analytics within your branch or facility.

Read Full Blog
CSG Integrations & Commercial Security Services

CSG Integrations & Commercial Security Services

Read Full Blog
CAD & Engineering Team

Inside CSG’s CAD & Engineering Team: Turning Security Designs Into Reality

Read Full Blog
All inclusive - No Contracts- 30 day out clause

No contracts, 30 day out, no penalty clause

Read Full Blog
Electronic Journal events to video

Associating video with electronic journal transactions has never been more simple & secure.

Read Full Blog
ATM Branding Screen Creation Service

CSG brings ATM/ITM Branding Screen Creation in-house

Read Full Blog
Piko Unified Security Platform 5.0 Update

Piko VMS 5.0: The best video management & surveillance system just got better.

Read Full Blog
DMP 3G End of Life Security Alert

Security Alert DMP - 3G End of Life

Read Full Blog
Piko Unified Security Platform leverages AI to catch criminals

Watch Piko Video Surveillance leverage AI to catch criminals

Read Full Blog
CSG squatch bbq sauce for tradeshows

If you like our sauce, you’ll love our service.

Read Full Blog
Fast Reliable Affordable Currency Counters

Affordable, reliable cash counters and discriminators

Read Full Blog
Night Drop fishing attacks

Night drop depository fishing attacks

Read Full Blog
Meet CSG Culture

Meet CSG Culture. Join our Team.

Read Full Blog
Meet RemoteView- CSGs Managed Services

Meet RemoteView…A powerful CSG managed services platform

Read Full Blog
Webinar- simplified technology delivers unbelievable service

Webinar: Simplified Technology Delivers Unbelievable Service!

Read Full Blog
CSG California Technology Summit Success

CSG California Technology Summit - Huge Success

Read Full Blog
Overcome ITM deployment

Overcome ITM deployment Time & Budget constraints

Read Full Blog
CSg wins NCR partner of the year

Cook Solutions Group wins NCR Partner of the Year!

Read Full Blog
Hook & Chain ATM attacks

Hook & Chain ATM / ITM Attack Update

Read Full Blog
Meet Piko Press Release

Meet Piko VMS. The best video management and surveillance system ever created.

Read Full Blog
CSG Press Release- CSG rebrands

Press Release: CSG Reveals Rebrand

Read Full Blog
Strategic Workshop & Executive Readiness Test

Strategic Workshop & Executive Readiness Test

Read Full Blog
7 Key Benefits of Teller Cash Management

7 Key Benefits of Modern Teller Cash Recycling Systems

Read Full Blog
Vendors should be compliant with a SOC2 Type2

Why should vendors hold a SOC 2 Type 2 compliance report?

Read Full Blog
How to convert your ATM fleets to Interactive Teller Machines

How to convert your fleet from ATM to ITM in 3 easy steps

Read Full Blog

Manage It All In One Place with Cook Command Center.

The Cook Command Center is a secure centralized web interface that enables you to view and manage your equipment and information anytime, anywhere, on any device.

- Access service history, preventative maintenance, & survey information
- View Real-Time Status and Electronic Journals with RemoteView ATM
- Request service for fastest response times
- User-friendly Case Management makes it easy to interact with law enforcement

Learn more about The Cook Command Center

Cookie Settings

We take good care of you and your data. You can read more about how we use cookies, the third parties who set cookies and update your cookie settings here.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Accept All CookiesSave Settings
cookie icon

We Value Your Privacy

This site uses third-party website tracking technologies to provide and continually improve your experience on our website and our services. You may revoke or change your consent at any time. By clicking Accept or turning an option on in Cookie Settings, you agree to this, as outlined in our Privacy Policy.

Manage Settings

Accept AllDecline All