The cloud. The term is often misused and misunderstood. We’ve been using cloud hosting for many years with online banking, virtual conferencing and other tasks and services. Many companies today are no longer brick and mortar, operating primarily from a cloud-hosted infrastructure. Think Airbnb Inc. and Uber and how their successes continue to mount without a traditional business model.
Cloud computing, software-as-a-service (SaaS) and managed services continue to populate the physical security industry. And as integrators move into the area of networking and information technology (IT), embracing cloud hosting will be a top priority. Why? Because of the inherent efficiencies, safeguards, scalability and accessibility of this virtual physical security management system (SMS).
For integrators, using the cloud for access control is simply a better way to service the customer. It allows integrators to provide robust security, data protection and unfettered system expandability with little reliance on proprietary, outside hardware and services. Hosted access control is a SaaS model, meaning the database sits in a cloud like Amazon Web Services to bring true economies of scale and the ability to manage one to four door systems and multiple-locations without escalating tiered costs found in traditional licensed software products. This also gives the user the ability to scale up or down as necessary.
In addition, there’s a booming crop of managed services that can be expertly executed with the cloud – remote testing and maintenance, system resets, scheduling, lockdowns, SMS alarm and alert notifications - from any computer with an internet connection. These and other value-added services provide a fledgling opportunity for integrators and resellers to add new revenue streams with hosted systems. With the cloud and it’s always on, always accessible platform, systems integrators can become total solution providers and the indispensable integrator customers will count on for all their system installations.
Inherent Cloud Benefits
All the advantages of cloud computing for physical security management solutions are already part of the topography, but systems integrators need to be able to understand and communicate those benefits in order to more fully engage the end-user customer. With the cloud, access control solutions are easier to deploy, manage and scale up. An SMS hosted in the cloud is inherently secure and provides regular, automatic software upgrades. Daily database backups and full redundancy are inherent with cloud-hosted solutions, eliminating the risk of having all data stored on site. Offsite hosted systems are typically void of a dependence on proprietary hardware and integrate readily with open field hardware and non-proprietary controllers such as those offered by Mercury Security or HID Global. The cloud allows programs to run without servers and appliances on site, lowering the total cost of ownership for the end user. Maintenance is also achieved at a lower cost, as cloud computing eliminates costly refreshes of servers and hardware.
Systems integrators are embracing and taking advantage of cloud-hosted access control and security management programs for their customers, while adding new categories of remote services.
Addressing Cybersecurity
A trending topic of conversation revolving around cloud computing is the security of the environment. Cybersecurity is especially a primary concern of IT or network personnel with anything that may be riding on the network. Here is the value proposition of cloud computing and data security that can be communicated to prospects and customers:
- Security is entrenched – Using the cloud brings more cyber security and resiliency to specifications than traditional legacy, on-premises server systems. The cloud’s multi-layered design yields data security and data access with additional safeguards. Hosted systems often follow what Microsoft refers to as SD3+C: Secure by Design, Secure by Default, Secure in Deployment and Communications. Encryption further protects the transmission of data between the client and the cloud-based server using modern Secure Sockets Layer (SSL).
- Never default user names and passwords – Passwords and user names make systems vulnerable to cyber attack. Secure cloud-hosted solutions don’t use them and instead each hosted system is issued a unique password. Two-factor authentication, encryption and SSL certifications in cloud-hosted SMS make data even more secure. Two-factor authentication links user accounts with a second source of verification. Secure cloud-hosted deployments utilize IP Client, meaning that only outbound ports are needed to access the host in the cloud. Deployments that use IP Server open inbound ports, which also potentially opens risk. Finally, some hardware providers enable Transport Layer Security (TLS) encryption which allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged.
- Disaster recovery – A SaaS access control solution can eliminate the threat of losing data due to negligence or being too busy to regularly backup the database. A reliable product will also provide Elastic Block Storage, meaning that multiple ‘write’ transactions are provided and in case the primary database goes down that data would exist at another location and brought back online. A second layer would be point in time recovery. If the user accidentally deletes records a quick tech support call is possible to roll the system back to a few moments before the error happened.
For systems integrators, the way to future-proof the business is to add cloud hosting to your services. You can offer to completely manage the service for the user at their location, with the client choosing how much interaction they may want with the solution. The client has access to all software functionality housed in the cloud and can select the portions they want to manage, such as databases, badging services and badge activation and deactivation. In a fully hosted solution, the access control is stored and maintained by the integrator or VAR performing database monitoring and device audit. The customer can still administer the system with their choice of connected device, including desktop, laptop, tablet or smartphone.
Integrators will further benefit from this business model by performing less maintenance and service on site, with online connectivity providing greater efficiency and profitability by being able to perform many routine tasks remotely without a truck roll or an onsite visit. In addition, the integrator doesn’t have to configure operating systems, databases and applications, adding to their overall productivity during installation.
Dealing with Legacy
There’s another bright spot in the cloud-hosting scenario. Although legacy equipment isn’t the safest access control environment, cloud hosting access control can actually help this equation by integrating with most existing equipment, fostering use of the secure cloud environment. Cloud-hosted access control systems are often hardware agnostic and can be configured for communication with many legacy devices on site, so the user isn't forced into a total rip and replace. In addition, the use of the cloud hosting sets up the user to deploy a variety of multi-technology devices and peripherals, so you can continue to add to the specification and expand your range of managed services.
Systems integrators are in a perfect position to take advantage of cloud-hosted access control and security management systems. Once they learn its nuances and embrace the concept, the world of managed services is open to them, and their future more secure and profitable.
About the Author:
Paul DiPeso is the Executive Vice President of Feenics, serving as the head of operations of the Ottawa, Can., cloud-hosted security management solution provider. He has over 25 years of top management experience in physical security with leading industry corporations, including Honeywell, Tyco and Lenel.
