According to a recent Memoori report, the physical security business has not suffered as severely as many others, partly because its products and services have been able to contribute to controlling the pandemic in buildings and the growing demand for delivering Video Surveillance as a Service (VSaaS) and Access Control as a Service (ACaaS). COVID-19 has driven growth in “building wellness” systems as building operators are now in the process of installing a variety of products in preparation to meet the new standards for opening up their facilities.
As both security technology solution providers and their end-user clients grapple for answers to meet current and future challenges, Security Technology Executive editorial director Steve Lasky discussed these issues with three major players in the industry that include Rick Focke, the Director of Product Management for Enterprise Access Control Security Products and Building Technologies & Solutions at Tyco/Software House; Ryan Hulse, the Director of Product Management for Exacq and Kantech Security Products and Building Technologies & Solutions; and James Wagner, Leader Security Technology, Risk and Compliance at Deloitte Services LLP.
Steve Lasky -- When talking to your end-user customers, what sort of security-technology related issues are keeping them up at night this past year due to COVID-19 and other socio-economic threats?
Rick Focke -- End-users are thinking about how they can get their employees back to work quickly, in the safest way possible and how can they maintain social distancing and meet all of the other protocols that are being put into place. Our end-users are also asking us for advice regarding touchless technologies that they can deploy, to help reduce the spread of the contagion. And, they have also started worrying about the effects of having a mostly vacant facility – will they see an increase in vandalism or theft, or cyber-attacks? How should they change their approach to make sure they don’t see an increase? Many of our end-users are also concerned that capital projects for security are now being delayed or even canceled, which forces them to adjust their long-term planning.
Ryan Hulse -- Issues around equality of law enforcement have intersected physical security with facial recognition technology. In early 2020 it was critiques of accuracy with dark skin tones. In early 2021 it is helping identify attackers at the U.S. Capital. These two extremes of negative and positive press illustrate why it’s possible to lose sleep trying to understand if such a technology is a boon or bane to an organization. Nobody wants the headline of the negative press. This is an area where JCI is busy behind the scenes working with outside experts and industry partners to work towards transparency and standards that ensure proper use of the technology and educating on the distinctions of frictionless access control and general surveillance applications.
James Wagner -- At Deloitte, we are rather blessed with a true enterprise system with redundancies at each crossroad. However, with mask mandates, we had an immediate impact on facial recognition for access control. Accuracy and speed were key to the program and of course we did not want our colleagues without masks. We believe this will be a challenge moving forward as we look for a workable solution for higher-end security solutions.
Lasky -- Security solutions providers have migrated new innovations into the market to address the pandemic challenge and increased health and safety compliance policy. What has been the process of your organization’s approach to meeting these challenges from a security and risk perspective?
Focke -- Our process has not changed during the pandemic, but it has become quicker and more agile. It starts with our customers – engaging with them to determine what problems they are experiencing, and to discuss possible solutions. We have an ongoing, active advisory council approach to customer feedback, which is combined with other ideas from customer meetings, integrators, and internally from tech support teams and applications groups. We work together to develop solutions in the quickest time possible, and we make sure what we come up with passes from a risk and cyber perspective. Finally, our marketing department makes sure that we communicate frequently and effectively our new technologies and innovations – quickly and in as many ways as possible.
Hulse -- I think this is one area where a manufacturer like Johnson Controls has advantages to a customer looking to minimize their risk. We’ve seen some products go to market very quickly to capitalize on fear and uncertainty, but we’re now asking …did the manufacturer develop a full solution that allowed integrators to deploy effectively? Was the integrator equipped to deploy in a way that meets accepted standards? Johnson Controls, as a manufacturer also working in a number of areas like fire detection and suppression, is experienced working through compliance, risk, and security challenges to bring safe, effective solutions to market.
Wagner -- Deloitte has had a great pandemic team to review business and regulatory requirements across the landscape. From risk, doctors (internal and external), operations, and down to physical security, we have an outstanding team to review the level of policy and procedure which in some cases includes new products. The most interesting piece in a regulatory sense is what we found of most importance was the ability to report across the landscape. Thanks to the ability of our Software House C•CURE 9000 system, at an enterprise level, we have shown our clients the ability to report access in correspondence to health declarations as well as ensuring occupancy levels are kept at a safe level.
Lasky -- As businesses plan ahead to avoid future interruptions post-pandemic, how can integrated access control and video surveillance solutions enhance the infrastructure of both physical and cybersecurity?
Focke -- Integrated access control and video systems have been around for many years, but the pandemic has forced end users to take a second look at their systems and demand more – how can I get more actionable intelligence out of the system I have? How can I optimize it, to reduce unnecessary alarms while elevating critical alarms and conditions? How can I use the combined information flow from video and access control to determine exact area-by-area usage patterns and distancing trends? We are starting to see more of a need for a holistic view of the complete building or facility, including cybersecurity – no more silos of information. And a closer marriage of access control and video information is key to providing that view.
Hulse -- Video surveillance has always been the knowledge multiplier to any physical security system. It informs human decisions. The emergence of AI-based video analytics, to recognize faces or behaviors of persons, creates a force multiplier that lessens the need for staff to have “eyes on” every inch of floor space. Any time you build interconnected systems you also have to consider cybersecurity implications at integration points. Access control and video surveillance systems that integrate natively and are manufactured by companies with strong cybersecurity programs can provide the best guard against cyber risks.
Wagner -- There’s one key point missing from this question. Integration must include monitoring both physically and logically as well. Integrated solutions with redundancy are the only way to ensure we are providing 24/7 answers as incidents arise and provide a more safe and secure workplace even in a limited capacity. Deloitte Security relies heavily on its cybersecurity colleagues as well to ensure the most secure products to access is at the highest levels. My final and keywords here are redundancy and working together with cybersecurity. In our program, this was key to our success and ensuring we didn’t miss a step in the home office turnaround.
Lasky -- How do you predict physical security will continue to evolve post-COVID to meet market demands?
Focke -- COVID has forced a reckoning on the physical security industry; it has compelled us to take a completely different view of what specific benefits our solutions provide to our customers. Customers are no longer happy just with access control “basics” – they are demanding more information, and in a faster manner. They are demanding more proactive versus reactive information – tell me when a door lock will probably fail in the future, versus telling me that it has already failed. They are demanding solutions that go beyond a traditional system, with closer integration to business and health monitoring, visitor and building management systems, and real estate/property technology platforms. And this lays the groundwork for an increased acceptance of true Open Standards in our industry, to facilitate this increasing information flow.
Hulse -- COVID has shifted the definition of a “protected” space to include the “health” of a space. We now think about the behaviors of people in the space in new ways like their distance from each other, what areas they’ve touched, and the density of the people in the space. This expanded definition of a protected space is changing the trajectory of physical security, the question is to what degree. I would predict that even past the COVID pandemic, the security industry will shift toward spaces that are as touch-free as possible for occupants, and AI video analytics will continue to evolve recognition of behaviors to develop an understanding of space’s aggregate hygiene.
Wagner -- In some ways we have the pieces to meet those market demands but there’s always room for improvement. Integrated solutions, again with live monitoring, places a key role in that success for a business. The cheapest product with free storage has to be highlighted for its potential cyber issues. Just read the terms and conditions of most of those products as I’ve pointed out to some of my friends. Touchless, quality and innovation which includes multiple-use products will be key. A quality camera that can provide the security view with mask, motion, heat, and other capabilities in one unit and report anomalies is one example. Now can we wall mount it and potentially have an intercom and reader all in one? I’ll let the smart people figure that one out. I have to repeat this due to its importance. The ability to change controls on the fly and report on the regulatory items is highly important for all businesses. Without this later item you may have some very smart pieces that might as well be seaweed if you can’t report on how well they work.
