Physical security professionals today have more (and better) tools available than ever before. And while it’s always good to have options, the wide range of innovative technologies and the speed at which they are reaching the market can be overwhelming. In a time of so many disruptive advances, it can be difficult to stay informed, distinguish hype from reality, and identify those that might actually make an impact on your risk, and your budget.
But even once you have determined that new technology can help solve your specific challenges, you may still face some subtly complex questions: Where do I start? How do I use it? How does it fit into my system?
By virtue of being “disruptive,” it may not be immediately apparent where and how some innovative technologies will fit into established physical security programs. They may augment and somewhat overlap existing resources, significantly expanding detection capabilities, deterrence, and intelligence, but they may not cover all of the critical functions that other systems – or people – are currently performing. Identifying an easy 1-for-1 swap of existing resources vs. new technology is not always initially feasible. Add budgetary pressure and the potential need for stakeholder socialization, and the question of “where do I begin?” can become even more challenging.
Users facing these challenges are primarily exploring three adoption strategies: test, augment, or integrate. These are not necessarily exclusive, but adoption paths typically center around one of these three approaches.
Test
Popular among organizations that may be somewhat cautious in their adoption of emerging technologies, “pilot” or “proof of concept” programs are often limited or restricted applications of new technologies. Usually implemented in addition to the existing security resources and structure, often at a strategically-identified facility or environment, a test deployment can be a low-risk approach allowing for socialization and evaluation, while minimizing the organization’s commitment or investment.
However, it is uncommon for a technology provider with successful commercial experience (especially if the innovation includes hardware) to provide a “free” pilot program of meaningful scale. Thus, there are often budgetary considerations for the user. And in a small-scale test program where potential ROI is limited (or non-existent), the opportunity to evaluate or realize the technology’s benefits can be somewhat tenuous. Thus, when setting up a testing application, it is important to work with the provider and establish clear timelines and success parameters.
Augment
Similar to a test application, the augment approach layers new technology on top of the users’ existing resources and structure. The key difference is that in the augment approach, deployment usually occurs in a “real world” environment to: 1) address an actual, known problem (coverage gap vulnerability, incident trend, etc.), 2) explore the additional capabilities of the new technology and evaluate how those affect overall security results, or 3) all of the above.
When justified by known risks and permitted by budget constraints, adding another layer to your security strategy can be an effective approach. Ideally you will be able to solve a known issue while evaluating the effectiveness of your new tool(s) in an operational environment.
The potential pitfalls of an augment approach may emerge well after the solution is deployed. How many of us have expanded our security resources to successfully address an issue, then experienced pressure to reduce our budget again once everything is “fixed”? When a new resource is “bolted on” and not built into the overall system, it becomes an easy target for elimination, which can result in the same issue recurring again. If you do plan to augment your existing program with new, innovative resources, it is important to collect data that directly supports attribution of the positive results to that investment.
Integrate
Where new technology has been commercially proven, the most effective adoption strategy has been to integrate the new tool(s) into existing programs. When done correctly, the new technology delivers greater operational effectiveness, often at a reduced overall cost. While it may not allow for all of the stakeholders to “kick the tires” in a protected sandbox, generating tangible results and ROI – demonstrating value for the organization – this approach generally satisfies all but the most ardent of change resistors.
But, as we stated earlier, it may not be initially apparent where it “fits” into a legacy solution or replaces an existing resource. So, how do we Integrate disruptive technology into our program?
Start with a blank slate.
Well, maybe not entirely blank. You are intimately familiar with your security program’s prioritized objectives. Begin there, and with the known risks and vulnerabilities that threaten the success of your mission. Then it’s time to allocate your available resources.
Start with the most restricted assets. That may include infrastructure that is permanently installed and cost-prohibitive to modify or replace.
After that, look at the new technology.
- What problems can it solve?
- Where can it operate?
- What support requirements (power, connectivity, etc.) does it have, and how does that affect applicability?
Chances are, the new technology will have super-human capabilities in a finite number of tasks and environments. It will be a specialist, so maximize its impact by assigning it first to the tasks and places where it will excel.
Lastly, build around that structure of permanent systems and new technology with your most flexible assets: people, and expansions of existing systems. Consider who, how, and when the data and alerts from your new technology will be received and interpreted. What response and intervention resources are needed? How scalable do your resources need to be in real time? What environments are not easily accessible, or practical for the old and new technology? What can only a human do (today)?
For example, let’s say you have three security officers on duty 24x7. One is stationed at a command center, one on continuous mobile patrol, and one assigned to an entrance (employee, visitor, commercial vehicle, or other). You have an access control system, and fixed cameras at the entrances. Your most vulnerable areas are the exterior perimeter and the employee parking zones. You might install autonomous, unmanned mobile patrol around the exterior to deter and detect intrusion, enforce parking policies, and send real-time alerts and video to the command center, which would continue to operate 24x7.
The patrol officer is mobile throughout most of the day, but the majority of events requiring intervention and response occur during business hours. Medical and life safety alerts, vehicle and parking issues, unauthorized personnel and other incidents are concentrated when the facility is heavily populated.
The heaviest traffic periods at your manned entrance are during business hours, but after-hours and weekend activity is intermittent. With a nominal investment (video, audio, other) these non-business-hours transactions could be managed remotely by the command center operator. Or, depending on a number of factors, you may simply be able to lock down that entrance temporarily if the officer had to respond, inspect, or intervene in an exterior incident.
The coverage plan could be reduced to three officers during business hours, Mondays-Fridays, and two officers after-hours and on weekends (one at the command center, and one at the entrance), and one autonomous mobile unity 24x7. This would increase the total coverage by 40+ hours per week.
The integrate approach to adoption gives you the best opportunity for positive results, including greater overall coverage, expanded capabilities and actionable intelligence, and lower overall cost. Of course, every environment is unique, and it does require more consideration as compared to a test or augment approach. But regardless of the outcome, periodically evaluating the alignment of your resources and objectives is a valuable exercise.
So, if you are considering any of the new and exciting security technologies available today, and you are not sure where to begin, remember that the most effective approach may not be the most intuitive. Strip away your resources, and rebuild your program with the innovation first.
About the Author:
Jason P. Hatfield is a Director of Client Development for Knightscope, responsible for sales and customer relationship management across the U.S. Jason has nearly 20 years of experience in sales, operations, and executive roles with the Security industry, including companies including Barton, Universal, Andrews and G4S. A graduate of Wofford College, Jason lives in Roswell, GA with his wife, Amy, and participates in ASIS International and a number of other professional organizations.
