Real words or buzzwords?: Shallow IT Adoption – Part 1

Nov. 14, 2023
It’s not just about being IT compliant, it’s also about leveraging IT capabilities to properly serve the needs and wants of today’s technologically savvy customers.

Editor’s note: This is the 71st article in the “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress.

One of my pet peeves about the physical security industry (as I have mentioned earlier in this article series) is what I call “shallow IT adoption.” But that I mean that bits and pieces of information technology are adopted for physical security systems, but not to the extent that they should be -- especially regarding the adoption of IT design, development and deployment practices.

This is why, for example, in 2004 if you placed IP cameras on a corporate network, and IT ran its usual network scanning tool “nmap” (short for Network Mapper), most brands of IP cameras would be knocked offline.

Axis cameras were the notable exception, but that’s because Axis is an IT company that expanded its focus to IP cameras, which Axis invented. Axis has always been the security industry exception in terms of high-quality product development. Did you know that two years ago Axis had over 1,000 people on its development team, and now plans to grow its team of engineers to well over 2,000?

In contrast to Axis, in the early days of IP cameras most security industry camera makers shallowly adopted networking technology because their legacy product thinking had always been focused on running a single cable (coaxial cable) from a camera to a central monitoring point.

Their developers, not being IT people, didn’t realize that cameras would be placed on a network containing many other devices and lots of non-camera network traffic. The cameras weren’t prepared to handle that traffic, and the level of error-trapping in their code was not up to IT design and development standards, and so their cameras crashed.

Technology Infrastructure

The camera makers’ failing in this example was a failure to see that cameras would be utilizing a common network communications infrastructure -- meaning that their product design would have to account for the requirements of that network infrastructure, such as tolerating irrelevant network traffic arriving at the camera and responding to queries and message from IT network management tools.  

Nowadays it is rare to find a physical security system product that doesn’t perform properly when it comes to the technical aspects of communicating over an Ethernet network. However, there is a lot more to the IT world than network protocols.

Data Ecosystem

The security industry didn’t soon enough become aware of the technology infrastructure into which its products and systems would  be deployed. Once again the industry hasn’t realized that security systems are now expected to be a part of an organization’s data ecosystem, providing not just security data but data relevant to business activities and operations.

This brings a whole new set of requirements into play for security systems, including scalability and adaptability in terms of the data it collects, generates and provides. That’s because today’s data ecosystems are not static pictures. They are built, expanded and evolved based on the needs of their end users and stakeholders.

The term "data ecosystem" refers to a dynamic, interconnected system consisting of various elements (devices and systems) that interact to collect, store, manage, and analyze data. That definition provides a technical description but doesn’t help us build a picture of a data ecosystem that a security system would be part of.

Actually, a security system can be a part of multiple data ecosystems: a smart building’s data ecosystem, the property management company’s data ecosystem, and the data ecosystem of the business or businesses occupying the building. That’s brings an array of new requirements – and opportunities – into the picture. No longer are the security system end-users and stakeholders limited to the security operations personnel and facility access credential holders.

Smart Building Data Ecosystem

A smart building's data ecosystem many elements, each playing a crucial role in collecting, analyzing, and utilizing data to enhance the building's functionality, efficiency, comfort, safety and security for its occupants. ChatGPT says that a smart building's data ecosystem can include the following components. 

·        Sensors and IoT Devices: They can include temperature sensors, motion detectors, air quality monitors, security cameras, and smart meters. These devices constantly gather data about the building's environment and usage.

·        Building Management Systems (BMS): A BMS integrates and processes data from various sensors and systems to control and optimize building operations like heating, ventilation, air conditioning (HVAC), lighting, and security.

·        Energy Management Systems: These systems focus on optimizing energy use, incorporating data from smart meters and sensors to adjust power consumption effectively, reducing waste, and promoting sustainability.

·        Network Infrastructure: This includes the wired and wireless networks that facilitate data transmission between IoT devices, sensors, and central management systems.

·        Data Storage and Processing Facilities: Smart buildings generate large volumes of data. Cloud or onsite storage solutions are used to store and process this data.

·        Analytics and AI Platforms: These platforms analyze the collected data to provide insights for predictive maintenance, energy optimization, space utilization, and improving overall building operations.

·        Security and Access Control Systems: Integrated security systems that use data from cameras, access card readers, and biometric devices to enhance the safety and security of the building. Author’s Note: Increasingly AI is used to develop camera and metadata useful to many stakeholders.

·        User Interface Systems: Dashboards, mobile apps, and control panels that allow building managers and occupants to interact with various systems, adjust settings, and get insights into building performance. Additionally, through systems integration, tenant experience apps are used to gain access to buildings, rooms and parking.

·        Integration with External Systems: This includes connections to external services like weather forecasting, emergency services, or smart city infrastructure, enabling the building to respond dynamically to external conditions.

·        Compliance and Privacy Management Tools: Ensuring data privacy and regulatory compliance, especially with the vast amounts of personal and operational data handled by smart buildings.

A Dose of Reality

In recent months, I mentioned a new Linux-based access control panel that could run scripts and containerized software applications to several integrators and security design consultants.

Each replied with statements like this: “Nobody in their right mind would want to run software on an access controller!”

Well, try telling that to the property management company who currently does run software on the board to send occupancy data from the Azure Access controller to an HVAC controller just a few feet away. Why send the data up to the access control server, over to the HVAC server, and then back down to the HVAC controller? Especially if one or both of the server applications are in the cloud?

A part of the data ecosystem picture is that the property management company has much more sophisticated software development capabilities than the typical security integrator has. In fact, that’s the case with most of the medium and large size companies deploying security systems. Their software capabilities far surpass those of most security industry manufacturers. And they aren’t confined to legacy security industry thinking.

In Part 2 of this article coming soon, I’ll provide additional examples of several new security products that account for the realities of the data ecosystems into which they will be deployed.

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities ( In 2018 IFSEC Global listed Ray as #12 in the world’s Top 30 Security Thought Leaders. He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Follow Ray on Twitter: @RayBernardRBCS.