• As a preview to Security Technology & Design's August special supplement, the Executive's Guide to Systems Integrators , ST&D sat down with four of the nation's largest integrators to examine their issues and challenges.
Participants in the roundtable discussion are: Steve Holmes , director of enterprise solutions for Securitas Systems USA; Nicholas Samanich , director of strategic product planning for ADT Security Services Inc.; John Fenske , senior systems marketing manager for Johnson Controls; and George West , vice president and division head of the security systems business for Siemens Building Technologies. Here is what they had to say:
ST&D: What has been the major impact to your company's approach to traditional security solutions given the evolving convergence of physical and IT risk technologies?
Fenske: There are two areas of convergence that we are seeing. First, we see increasing use of standard IT technologies in the implementation of physical security systems, from IP communications and network management protocols, to the use of XML-based data schema for streamlined integration between subsystems. The second area of convergence is in the credentialing and access control process between physical and logical security systems. That is, using the same issuance process, tokens, and PINs to provide access to a door as well as a computer or network. Johnson Controls has added IT experience as a hiring criteria for a number of roles and have also developed a centralized network integration services organization to handle the larger and more complex applications.
Samanich: The most significant phenomenon for us has been the migration of physical security technologies onto networks and COTS (commercial off-the-shelf) IT architectures. This is driving a need for us to extend our skill sets and capabilities from sales to design to installation and service.
West: The formation of customer risk councils has been the greatest impact to our approach. When we meet with our customers to discuss securing their business, the attendees often include representatives from security, IT, Human Resources, procurement and the legal teams. While in some instances this makes it more complex to define the optimum solution, it also expands the range of options.
Holmes: First, there are new, more sophisticated products in the market. Many solutions, especially larger solutions, ride on the corporate network, and this means that the in-house IT professionals are a part of the decision-making process. These solutions are often supported by the in-house IT departments and their engineers. And we're sharing information or data between security and other departments inside of these companies such as HR, facilities, management and the like. With this data, companies are able to make more educated business decisions. Securitas Systems has moved its back office IT management and support team out to the front lines. They're trained on our networked products and actively add direct support to our design and installation teams throughout the design and implementation process. We've had to hire or train IT-savvy techs at the field level as well.
ST&D: When we talk about integration from a physical security perspective, systems tend to be limited to more interfaced solutions than true open-platform options found in the IT world. Is this network-centric security migration going to make life better or worse for big-box integrators?
West: As a global integrator we do not necessarily see this as a “better or worse” situation, but merely a different situation. Up to now, the devices that made up a security system were network accessible, now they are part of the network. As a result, the choice of a security system is not necessarily made in isolation; instead, the security director and IT professional work together to ensure the components and architecture of a security system are in line with the company's overall strategic goals. With security systems having a much broader impact on the organization, our customers have broadened their definition of what constitutes an effective security solution. Additionally, as the entire market comes to understand that achieving security requires an ongoing effort, customers are increasingly making their purchasing decisions based on a longer-term perspective.
Holmes: It makes it better. It provides us with the ability to deliver more sophisticated technological solutions that provide our customers with better business insights. More data means more insight and a greater ability to make educated decisions that positively effect their business, employees, costs and profits. Systems may be interfaced today because there are not a lot of open platforms, but solutions will either become open or new middleware will be developed that will allow us to provide open systems.
Samanich: It is true that we are in the early stages of “open” environments within the physical security world and that patching together components is not “plug-and-play.” This means that in the near term, integrators can continue to add value by making components play together in systems solutions. However, as we go forward and open environments are realized, integrators will need to raise their game and provide value through higher order integration and professional service efforts such as enterprise application integration and business process improvement.
Fenske: Using prevailing standards, conventions and technologies from the IT world is the clear choice going forward, and any technology-limited traditional "interfaces" will be become obsolete. The traditional argument that a security system, by definition, cannot be "open" is false. Safeguards can and should be provided for authentication and encryption, particularly in an open architecture environment. The analogy is the Internet, where the unprotected open architecture environment is at high risk for intrusion, yet authenticated encrypted applications are used to protect global financial transactions.
ST&D: What are the key business issues that you see driving technology decisions from your end-user clients and why?
Samanich: We are in an era where advances in physical security technologies are represented both as improved functionality for loss prevention professionals (e.g., monitoring and forensics efficiencies) and as synergies for the IT infrastructure and security community (e.g., common backbones and management tools). The emphasis within a particular organization will depend on their risk environment, infrastructure footprint and the relative involvement and ownership from these communities.
Fenske: We see our security director clients being continually asked to provide better protection at lower costs. These costs come in two flavors: first costs and ongoing security operations costs. An open, IT-centric security platform addresses both by sharing IT infrastructure, IT service and maintenance, and by offering more COTS options when compared to a traditional proprietary architecture. The end-user may also see productivity enhancements with single sign-on authentication enabled from more integrated physical and logical security.
• Holmes: They want blended systems that provide more useful data, data at a better cost, and they are starting this process by understanding what they can ask for from each other. They are melding access to information from different sources as they realize there is no need for HR or facilities to each have independent systems. They basically want more information and they need cost efficiencies. Sharing data and systems is the obvious answer here.
West: Internally, we see end-user clients, much like ourselves, being forced to examine spending; even evaluating return on investments in order to make the best business decisions. Additionally, business are learning to work together internally with a combined effort from both the Security and IT teams. Externally, there are, of course, the regulations set forth by government that may impact a market segment directly (such as the impact of HSPD-12 on federal agencies, the Maritime Transportation Security Act on ports or federal regulations impacting the chemical sector). These mandates impact the technology decisions made and it is our role as integrators to understand this impact and guide the customer through the decision process.
ST&D: Do you feel that the rapid expansion of technology has overwhelmed both users and integrators? Why?
Fenske: We have seen three areas of rapid change resulting in some frustration and confusion. With video surveillance technology, there is a wealth of technology suppliers in cameras, recorders and analytic algorithms. Without standard benchmarks and measures, it is difficult, if not impossible to differentiate and select the best technology for a given application. Second, there is a rapid emergence of standards for both access card technology as well as the process for end-to-end credentialing. And finally, we see a general lack of knowledge in the security industry regarding IT technologies and standards. We have seen many of our security department customers become friends with their IT colleagues out of necessity. While some continue to have "turf battles" between physical security and IT infrastructure, the most successful teams are beginning to have lunch together.
West: Yes – one key difference in the market today is that the number of potential suppliers for any given technology is greater than ever. Also, as the technology crosses into a network-based architecture, an entirely new channel of suppliers is developing. We see this strengthening the integrator's position, due to the fact that many of our customers don't have the time or the resources to wade through the vast number of suppliers to determine which players are truly viable and sustainable.
Samanich: The technological advancements in our industry are progressing rapidly and are actually accelerating to the point where they are likely to outpace the ability of many users and integrators to absorb them. This is due to two primary drivers: First, IP solutions are reaching the tipping point where the economics is turning the corner and an increasing percentage of environments are now seeing positive business cases for IP/COTS solutions vs. closed analog environments. This will have the effect of further accelerating innovation as volumes grow. Second, as environments truly open up, they will be able to take advantage of the more sophisticated IT underpinnings and leap forward.
• Holmes: I suppose some are, but frankly, many of us are underwhelmed. We are ahead of what's available in the market – we are asking for things that no one can get.
ST&D: At the end of the day, what are the key issues that keep you up at night?
Holmes: Honestly, I sleep pretty well. But what frustrates us is that as an integrator, we are in the middle between the vendor and the customer and we need tools to help them with business issues that just aren't there yet. When we get up in the morning, our day is built around finding solution-oriented systems that will allow us to provide business drivers for our clients through converging security systems with the rest of their information platforms. Right now, the biggest drivers of this are those visionary clients who can envision an end result for their business by using a security system architecture that provides better gathering and dissemination of data. The security industry is on the threshold of making the transition from providing product installation to providing true integration. The next step is to get the developers of this technology to recognize this paradigm, and some do, and work with both the true integrators and their clients to develop the open security systems and products that will contribute to this vision and their business goals.
West: Ensuring that our business is aware of what keeps our customers up at night. We have to know and understand the overall trends of the market, as well as pay attention to the unique details of each customer's situation.
Fenske: Often, when there is rapid technology change and disruption in an industry, there is a potential for overzealous market hype. This can generate inflated expectations and resulting disappointment until the technologies "catch up" with the brochures. We recommend a conservative and even skeptical approach to evaluating new claims, and we suggest that the focus should always be on achieving end-results and not just on the cool gadgets that may help to get there. With properly applied technology, and properly managed expectations, the security industry is about to enjoy an exciting transformation.
Samanich: ADT is making significant investments to keep pace with the advances in the industry. As we move forward we are embracing many of the business principals that have long been a staple of the IT industry including an increasing focus on services, software, partners, etc.