One of the largest potential sources of return on investment for security systems comes from the integration of security with other systems. Integrating human resources systems with access control for time and attendance was one of the earliest types of integration. That was followed by the ability to use an external database as the source of cardholder information. That allowed, for example, HR to assign parking privileges in its own system, with the parking access control system immediately implementing the privilege assignments or cancellations.
The larger the enterprise, the more economies of scale can increase the financial benefits of integration. In 2004 Tatum Partners estimated that the payback from implementing common user provisioning for enrollment and assignment of initial access privileges for both physical and information systems was 18 months or less. That means that every year and a half the cost of implementing the system will be returned to the company. For a growing company, the return will increase as time goes on.
Other reports of significant benefits have many corporations eyeing such integration projects. In his Forrester Research Inc. report titled "Trends 2005: Security Convergence Gets Real," security analyst Steve Hunt notes, "In 2005, companies in Europe and North America will increase spending nearly threefold on projects that combine traditional physical security controls with IT security. That is, locks, cameras, entry systems, and even guard desks will be upgraded to work with the same computing systems that control computer and network sign-on, identity management, and security incident management."
That's integration far more extensive than what most security integrators have experience with. If convergence were moving at a slow pace, that probably would not be a significant issue. But things are not moving slowly, according to Forrester. The report states, "The market, currently described as the convergence of physical and logical security, is beginning to take off. Forrester expects private-sector spending to top $300 million in 2005 ... Total spending on convergence projects in the public and private sectors in North America and Europe will exceed $1.1 billion in 2005."
Some public sources estimate the project spending to be much higher than the Forrester estimates, due to projections related to government agencies and port authorities. But the Forrester report's rejection of these estimates hints at another significant aspect of today's integration projects: "Forrester does not expect actual spending to exceed this forecast because of political factors and the complexity of the proposed projects."
The Complexity Factor
Today's convergence integration projects are much different from those of the past. Several factors have added increased complexity to current integration projects.
- Today's integrated security systems are themselves increasingly complex, even without integration to business and IT systems.
- New security technology is constantly being introduced to end users via industry shows, media articles and direct promotion.
- Information technology is a much bigger aspect of today's security systems.
- IT standards play a big role in security systems networking and integration requirements.
- The IT landscape itself is evolving; this means that integrators now need continuous education on the IT aspects of integration.
- There is no one place that end users or integrators can go to get educated on the convergence aspects of integration.
- The pace of change creates information overload for both end users and integrators.
- There seems to be no way to leverage the sunk costs of legacy systems, many of which are still at the beginning of their operational life.
- Where technology alone drives the convergence, projects become late or stall completely, while people cope with fitting the enterprise to the project systems.