This article originally appeared in the November 2022 issue of Security Business magazine. When sharing, don’t forget to mention Security Business magazine on LinkedIn and @SecBusinessMag on Twitter.
It is the hottest thing going – just about every manufacturer, software platform, and service provider are figuring out how to convert their single item sales into “as a Service” recurring revenue models.
If you are considering this as a provider or an end-user, you will need to look beyond the sales pitch to see the true value – and the drawbacks – of this technology trend.
At first pass, the “aaS” model can be very annoying to me as a consumer. I used to go into a store or browse online at the software available and buy it outright. If I elected to upgrade to a newer version in the future I could, but my hand was seldom forced, and the power was all mine.
Now, you are hard-pressed to find a software platform that is not offered in some type of subscription or SaaS model, and this trend is moving from the software world to hardware, systems and services. It is like you cannot “buy” anymore, only rent, but is this all bad?
The Pros and Cons
Understanding some of the pros and cons of this trend can help you understand its value, both to yourself individually and to an overall organization. While there are many aspects of the “aaS” sales model, here are five considerations you should evaluate prior to making the commitment – keeping in mind that one person’s pro may be another person’s con. Thus, consider these points under your own application and circumstances.
1. Limits expensive server hardware: When using platforms like Ava Security, Brivo, OpenEye, IronYun, etc. certain configurations of these services can be cloud-based. This can reduce or eliminate the need for on-premises servers, which are costly and have a limited lifespan.
If your customer is considering a traditional deployment of security technology, they need to consider that the servers installed on premises will come at a high cost and will need to be replaced in 5-8 years. They will also need to consider that they will likely need a Software Service Agreement (SSA) and a preventive maintenance contract to keep the system updated with patches, fixes and version releases. With an “aaS” model, all of this is included.
2. CapEx vs OpEx: While evaluating “aaS” options, take into consideration how the customer will buy the technology. Many construction projects have deeper CapEx budgets to allow for the initial procurement and installation of expensive security technology; however, buying “aaS” typically gets expensed through OpEx budgets and is a recurring monthly or annual expense – which can be more highly scrutinized. Having a thorough understanding of how “aaS” is funded and working out the details with the end-user’s finance department is critical to resolving push-back regardless of what solution is up for consideration.
3. Critical facilities, SOCs and uptime requirements: For facilities that operate in a critical capacity and have an on-site SOC, GSOC, or other real-time point of aggregating security information, close attention to “aaS” features are mandatory. Most “aaS” offerings have some or all features that are entirely dependent on outbound network connectivity; therefore, if the network fails, the security operation loses the ability to access and use the “aaS” product.
When evaluating “aaS,” ask your customer very pointed and hard questions about what services operate and if there are critical services that will not work in the event that outbound network connectivity is severed.
4. Bandwidth and network: The “aaS” sales pitch is typically a good one when it is well-perfected and delivered, but there are some downsides to consider, and integrators will need the end-user’s IT department or a non-biased third party like a consultant to help navigate the sales pitch and dig into the tech requirements of the network.
Having 10, 50, 100, or 1000 cameras at a facility that are going to a cloud-based “aaS” will have big implications on network architecture and bandwidth. Be sure this is fully understood before making a commitment to the “aaS” technology.
5. Proprietary equipment: Some “aaS” platforms openly accept cameras and edge technology from multiple manufacturers; others have cameras that can be used on other systems should you elect to stop using those systems in the future. That said, be warned that this is not the case for all “aaS” providers; in fact, some providers’ cameras are as good as a brick should your customer stop using the “aaS” platform. This could be a costly and embarrassing mistake.
Best Practices
Here are key takeaways for considering any type of “aaS” model for software, systems, or services:
Thoroughly understand what your customer’s needs are before calling “aaS” companies in to do a sales pitch. Not having this will distract you with sales presentation sparkles, bells, and whistles that may be great features, but can deviate from the core performance objectives required to serve the business.
Understand the points of failure in “aaS” models and be willing to accept the risks they present. Knowing exactly where the points of failure are enables the integrator and end-user to build operational processes to stopgap the vulnerability should a failure occur.
Know the total cost of ownership (TCO) of both the “aaS” and traditional deployment of the software, systems, and services you are evaluating.
Don’t go it alone. Bring in IT, Finance, and other key stakeholders of the business to help evaluate the solution from their areas of expertise.
Paul F. Benne is a 35-year veteran in the protective services industry. He is President of Sentinel Consulting LLC, a security consulting and design firm in based in New York City. Connect with him at www.linkedin.com/in/paulbenne or visit www.sentinelconsulting.us.
