OK, that's fair, I wasn't clear. Obviously the guards should be able to operate the functions required for their job.
I was trying to say that you can't assume malicious software doesn't exist on your network; i.e. you cannot leave out basic security controls just because the thing is on a ostensibly private network. No software should be able to open a door by, say, sending a simple ASCII string on the right port (I've seen that kind of stupid crap in other software). Why not specify that you need two-factor authentication to open a door? That would at least prevent attacks any kindergartner could perform.