How IST Is Thriving by Deploying Both Video Surveillance and Cybersecurity
Having rolled physical security into its IT business 16 years ago, Integrated Security Technologies is leading a new wave of network-centric integrators.
Do you do your own penetration testing on the systems you deploy or leave it up to the end user?
LANGHORST: It’s a mix of both. We have people on staff who do that. We can do that for government systems and for corporate systems. We do all the scans, and we also help organizations and agencies write their certification and accreditation documentation to get their Authority to Operate [ATO] with those systems on their networks. We’re heavy into that. But a lot of times those duties are stove-piped away from the security integrator, rightfully so in most cases, and done in dependently by the organization or an-other contractor. You don’t want foxes watching the henhouse.
RUDDO: That latter point is key. I think in a lot of cases the IT manager has a process, and because we know that process, we’re very easy to work with to support their process. On the federal side that can be extremely detailed. But we have the ability to really work with the client to get that ATO sign-off accomplished, and in most cases we’re not the auditor. As Jon said, that would be like the fox watching the henhouse. But we speak the lingo and can bring in the expertise to assist the process to make it much easier for our clients.
LANGHORST: In some cases, we’ll do the scans and prepare for the final audit by the third party. We’ll mitigate the liabilities as much as possible. Then let the other authority come in and do their scans and identify whatever vulnerabilities there are, some of which can be mitigated, and for some the agency or directorate needs to accept the risk. Some things can’t be mitigated.
Today, IST is 100 associates strong including representatives located throughout the Mid-Atlantic region.
Do you find yourselves having to go over best practices as it pertains to cyber with any of your end customers?
RUDDO: That’s part of the process, especially if it’s an enterprise-wide security management system. I alluded to understanding the network infrastructure that’s in place and that cyber piece is part of that understanding. Firewalls and security-related things put in place by the client all impact the ability of the system to potentially do whatever they’re trying to do. That’s an integral part of the conversation.
LANGHORST: That’s a good first conversation to have with the IT department. What are you doing now? How are you protecting things now? Do they have an existing access control system or video — more importantly because of its bandwidth utilization and the problems that can happen when an image or clip ends up on the Internet. How is that being protected now? If it looks inadequate or looks like it needs tweaking, then we make those suggestions and prepare options.
How far down market does IST go in terms of SMB customers, or is it more just enterprise-level clients?
RUDDO: We run the gamut. We have a number of large enterprise-level clients as we like to do that work. Obviously, it takes a unique skillset to play at that level, which we fit. But a lot of those same clients have very fundamental rudimentary applications. We do everything from a multimillion-dollar contract down to a $10,000 or $15,000 contract. We don’t really shy away from anything, quite frankly.
LANGHORST: Exactly. And to that point we have branched out quite a bit in our offering. We do a lot of things that other integrators do not do, for instance popup vehicle barriers and bollards. We do bulletproof booths. We do fences and fence protection. We have a door division that does everything around a door, even if it does not have electronic access on it. We get pretty broad in our offering. We’ve done that because we like to maintain the control over things in the field. When you subcontract out critical functions you may lose that control. That can go very badly on jobs. We have master electricians on staff. We have locking hardware-specific people on staff to deal with those things. We know we can control that quality.
Which of those areas of expertise are the most challenging to get good people in, and how do you recruit and hold onto them?
RUDDO: We value our team members.One way is to see that they are trained and certified. Some may say it’s a risk we take to keep our people up to speed at a high level, but adherence to quality and making sure you put your best foot for-ward when you’re in the face of the client is key. It keeps our reputation intact. But it’s not an easy task.
LANGHORST: It is a constant struggle. We’re always looking for good people. We’ve grown considerably over the years. We started the security division in 2002 with two people. We’re right at a hundred people now. People leave for various reasons. They move or whatever, but it’s hardest to find people who are IT savvy and security savvy at the same time. It’s always been two different disciplines. IT was one thing, dealing with servers, routers, switches and configuration of those types of things. IT/cybersecurity and physical security; those had always been separate. Specifically, on the engineering side, trying to find people who can cross those two together is the biggest challenge. We have a great team that does that, for example an IT person will train on all the security platforms and applications — access control, video management, intrusion, etc. We find it’s easier to take an IT-centric person and train them on the security programs than it is to do it the other way around.
IST offers advanced large security and safety systems, including integrated and logical access control, video surveillance, intrusion detection and safety incident and compliance tracking. It also helps mostly government, education and healthcare clients design, integrate, install and maintain their IT systems.
Let’s talk offerings. What recurring revenue streams are working for you?
RUDDO: We launched our S.H.I.E.L.D. [supporting, helping, informing, enhancing, listening, delivering] branding program in part to move our lifecycle support services more into a Cloud-based and managed services environment. We’re starting to get some traction. We’ve always been pretty good at the typical service, preventive maintenance type contract. Some people would deem that recurring, it gets down to semantics. We are UL 2050, so we have a number of SCIF [Sensitive Compartmentalized Information Facilities] monitoring contracts. Our shift is more toward a hosted, managed services type platform. We’re seeing that within the industry from even the manufacturer side. We saw the IP convergence coming back in 2002 and that next industry shift looks to be hosted/managed solutions. Adoption from an end-user perspective is holding it back, but I think it is the future. We’re geared for it. It’s a matter of time.
LANGHORST: You see the push. The Cloud is now a household word. You have companies like Ring with the camera doorbells. People are used to that kind of thing now in their homes. They’re somewhat used to it, or are becoming more used to it, at their businesses. It’s obviously coming. We are engaged with manufacturers in furthering our footprint there and developing new programs.
What is most engaging to end users; is it cybersecurity, business efficiency, security itself, risk mitigation?
LANGHORST: Each industry or entity has its own take on it, but all those things are important. Risk mitigation is a big thing. People expect a safe workplace. You’ve got OSHA regulations around safe work-places to comply with. Cybersecurity is obviously huge in government, for government attacks. Corporate, again, having some video clip end up on YouTube is deadly. It depends on the organization.
RUDDO: A lot of it hinges on who within the organization you’re collaborating or interfacing with. And it depends on the size and nature of the organization. Facilities is going to be more concerned with the business operation end of it and how is this going to impact me from a staffing perspective. It really depends on who you’re dealing with and if you’re at the proper level.
LANGHORST: We try very hard to get all the proper stakeholders in the room at the same time. You get to talking about system capabilities, and about video use, etc., and you’d be surprised at what can come out of the conversations. Collaboration drives more conversations and drives the budget.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Scott Goldfine
Scott Goldfine is the marketing director for Elite Interactive Solutions. He is the former editor-in-chief and associate publisher of Security Sales & Integration. He can be reached at [email protected].
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
