9 Rules of Security Integration

Jul 1, 2008 12:00 PM, By Michael Fickes

         Subscribe in NewsGator Online   Subscribe in Bloglines

Make the IT manager your partner

For years, security directors have been under pressure to find ways to add value to their companies — to become a profit center rather than a cost center always in need of more money for technologies and people. Fact is, IT directors are feeling the same kind of heat. Both can help solve each other's problems.

A security director has many projects that can create an ROI for the company. He or she can find an integrator capable of hanging intelligent video cameras on the network; eliminating the cost of intelligent controller boards by installing readers that connect directly to the network; find ways to integrate access control and building systems so that the lighting and HVAC systems will power down offices of employees that have carded out for the day; or any of 101 other projects.

While security directors have lots of projects, they often find it difficult to get in front of the senior executives controlling the purse strings. Nor do they understand the complexities of terms such as internal rate of return (IRR), ROI and other business imperatives.

IT directors regularly meet with senior executives, and they have a solid understanding of IRR and ROI. A security director who partners with an IT director will, perhaps for the first time, find a way to get the ear of senior executives with presentations tailored to show how security projects can add value instead of cost money.

SOURCE: Tom Giannini, CPP, director of security and emergency communications marketing with Westminster, Mass.-based SimplexGrinnell. The company designs, engineers and installs fire detection and alarm systems, fire suppression systems, integrated security systems, health care communications systems and intercom and telephone systems.

Get ready to compete with other corporate ROI initiatives

Today's integrators view security as a profession with the role of determining how to provide security at an organization run by executives that have 10 other high priority projects to deal with. A strong integrator not only knows how to integrate security technologies with other corporate systems, he or she also understands how to put together a competitive presentation that makes the ROI case for the project to senior management. Just because integrators have never done this in the past doesn't matter. Today, a security director should expect this kind of work from an integrator.

SOURCE: Noelle Britton, director of marketing with the Security Solutions Business Unit of Siemens Building Technologies in Buffalo Grove, Ill. Siemens provides products systems and services that automate facility infrastructures and ensure they energy efficiency. The company's work encompasses comfort, life safety, security, energy efficiency, critical manufacturing environments and building operations.

Treat software as the new hardware

Think of all the upgrades and updates you do with your home computer: new antivirus applications every month or so; a new version of Turbo Tax every year, plus regular upgrades and security patches for operating systems and major software applications. Software has replaced hardware as the driving force moving technology forward. It is no longer about installing a system and waiting for it to break down. Today, it is about software-centered systems that continuously receive improvements in the form of upgrades. When managed properly, software can expand and extend the lifecycle of digital hardware. What kind of digital hardware? You name it: desktop and laptop computers, surveillance cameras, card readers, smart cards, network video recorders, access control systems, alarms, motion detectors, sensors and on and on.

SOURCE: Noelle Britton

Whenever possible, instantiate

“Instantiate” is a real word. It means creating an instance or taking an idea and making it an actual thing. IT people have adopted the word and use it to refer to setting up software applications to automate (or make actual) the execution of policies.

Suppose, for example, that a company requires that 20 percent of its workforce undergo drug testing every year. Individuals must be selected randomly and directed to undergo the test. If they fail to undergo their test within the allotted time, the software will notice and cut off access privileges. Those who take the test and fail will also find their access privileges removed. Employees who pass the test by the deadline will suffer no consequences.

Instantiation of any policy works similarly. Suppose a company requires certain employees to have a valid driver's license or to have passed a safety test in the last three months. An employee who loses his or her driver's license or fails the safety test will lose access privileges.

The process of instantiation often involves tying two unlike software applications together with a third application. For example, an enterprise system such as SAP contains policies in its human resources database, while an access control system contains access privileges. Companies such as San Jose,Calif.-based Quantum Secure make software applications that will receive policies from the human resources database, notify affected employees and enforce the policy by way of the access control system when necessary.

SOURCE: John Fenske, global director of product, programs and support for Johnson Controls Inc. in Milwaukee. Johnson Controls integrates safety and security systems, fire and life safety systems, HVAC systems and building automation and control systems.

Don't get caught up in the technology

There are lots of ways to do what security directors need to get done. Focus on what you need and deal with integrators that have a wide range of resources to draw on. For instance, the security director at a football stadium may want to use video analytics around the perimeter of the stadium, but that may be difficult to do cost-effectively. Because the perimeter of a stadium is so busy, it may take so long to calibrate out the false-positives that it won't be cost-effective. It may cost less to combine physical and electronic security.

SOURCE: Christopher J. Wetzel is executive vice president and founder of InterTECH Security LLC, in Warrendale, Pa. A diversified integrator, InterTECH designs and installs access control, video surveillance, fire alarm and residential systems and also operates a central monitoring station. InterTECH is also a member of SecurityNet, a consortium of privately owned, independent integrators.

Make sure you have “one neck to choke”

It's important to find an integrator that will stand up and be the one company you have to call to resolve a problem. That means doing your homework. Check out a prospective integrator's references. Think about who the integrators clients are. Are they demanding clients? Or are they the kinds of companies that just go through the motions. Don't do this by calling them. Go visit the company. Tour their facilities. Ask about service. Eventually, you will learn whether or not you're considering a company that is willing to take sole responsibility for making your system work.

SOURCE: Christopher J. Wetzel

Want to use this article? Click here for options!
© 2015 Penton Media Inc.

Today's New Product

Product 1 Image

Privaris Biometric Verification Software

In support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization.

To

Govt Security


This month in Access Control

Latest Jobs

Popular Stories

Back to Top