9 Rules of Security Integration
Jul 1, 2008 12:00 PM, By Michael Fickes
Emerging technology is rocking the world of corporate and institutional security directors.
Several years ago, security technology networks avoided the company computer network. Today, as many as 50 percent of companies with security technology systems have put those systems on the company network and more are on the way.
Cameras used to be analog. Now they're digital. Access control systems were mostly closed. Now they're becoming more open.
Demonstrating return-on-investment (ROI) was a problem for the business departments to deal with.
Now it's the security director's problem, too. In fact, security directors are discovering that it isn't just a matter of showing that a security initiative has an ROI; today they have to prove that their ROIs are better than everyone else's ROIs.
These changes have altered the world of security technology integration dramatically. Everything is different. The short reason is: the company network. As security technology goes to the network, it becomes more powerful, serves more ambitious goals and alters the nature of the integration.
What do these changes mean to a security director going about his or her job? What are the new rules that govern what you should and should not do?
We asked a panel of integrators and consultants with varied backgrounds to evaluate their recent experiences and formulate rules to describe aspects of the emerging world of security integration as they see them.
We winnowed the suggestions down to these rules.
Aren't there more than nine rules? Surely, there are - or soon will be. Meanwhile, commit these rules to memory because sooner or later, you will be tested.
- Choose network-savvy security integrators
It certainly makes sense to ensure that network-savvy security technology integrators handle network installations, but it will be even more important six months from now when the IT department changes a network setting or adds or removes a box from the network. As a result, a piece of the access control or video surveillance system could mysteriously stop working.
It takes a network-savvy technician to get to the bottom of such a problem, which can take a day or two to run down and repair.
SOURCE: Jim Coleman, president of Atlanta-based Operational Security Systems. OSS is a member of Security-Net Inc., a cooperating group of independent integrators that provide local and global support for customers by exchanging resources and sharing experiences.
- Make sure IT understands your business model and vice versa
IT directors buy equipment as boxes with small markups, maybe 10 percent. IT integrators make money on service, not markups, and they charge fees that are twice as much as security integrators, who tend to earn profits on larger markups. Generally, the security business model is evolving toward the IT model. The point is that security directors and IT directors must hash out their differences before the start of a project to avoid bickering when the integrator begins sending invoices.
SOURCE: Jim Coleman
- Introduce your IT manager to your world right now
Today, security technology is plugging into company networks. Trouble is, IT directors have never seen devices such as intelligent controllers, digital video recorders and IP cameras. If your IT director is running a Dell shop, he or she may not want anything to do with your non-Dell devices.
IT directors are responsible for data security and frown on unfamiliar devices with embedded software. They need to examine these devices and come to understand their purposes and capabilities, while figuring out what connecting them to the company network will mean.
Equally important, today's security technology can make use of databases managed by the IT department for various company departments. For example, human resources and payroll often maintain databases that contain credentialing information required by security when programming ID cards and badges with permissions. But those databases also contain private information such as Social Security numbers, home addresses, emergency contact information and, perhaps, information about a health problem.
The point is to give your IT director plenty of time to examine the devices you want to connect to the network and to set up safeguards in connection with the databases you will want access to. Waiting to get to know the IT folks until your security technology integrator wants access to the company network isn't a good idea.
SOURCE: Dave Aggleton, president and principal consultant with Aggleton & Associates Inc. in Tarrytown, N.Y. Aggleton is a consulting and design firm with experience in many business sectors including finance, manufacturing, research and development, education, health care, hotel/club, judicial/criminal, government, transportation and high-rise office buildings.
Want to use this article? Click here for options!
© 2015 Penton Media Inc.
Today's New Product
In support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization.