How NST Finds Success Blending Physical and IT Security

Can you talk to me about how you combine offering some of the physical security and cyber/IT elements? You offer managed services; is that only for IT and cybersecurity or are you offering it also for physical access control or video? What are a few of the offerings include physical security?

Pisano: I can give you a really great example from a real-world perspective of one of our school district clients. Right now for that district we are managing their SonicWall firewall environments, their server environment and physical security environment all in a managed services setting. The reason we’re able to do that now from a physical security standpoint is because of our connection and onboarding procedures with the network side. We’re able to monitor all the IP-based physical devices, which is all they have. There’s no analog there, and inform the client of their issues before they happen or before they know about it happening. That’s basically the premise behind the IT managed service.

Key set points are established as given data and when you put those data points together that equals an issue that might come a day from now so we can actually get in front of before it happens. Alerting from a virtual or network standpoint might be a desktop having a problem, a network switch that’s blipping or is down. We’ll get alerts about that, but now we’re also going to get alerts about video loss on a specific camera. Maybe we’re seeing a door that’s held open, not that we’re responsible for monitoring that, but we might let a client know of an ongoing persistent issue. Maybe it happens every day at a certain time, and it’s the door that’s having a problem, not that it’s being held open.

We are able to even detect if a camera’s been covered or misaligned in a certain way in certain situations that we can just dispatch a tech to automatically resolve that problem because of the managed services agreement. The client gets notified that we’re coming, but they didn’t even know they had the problem, and we are already there fixing it before it became a bigger issue. We’re able to take the onus off the staff that is not meant to be able to monitor these types of systems. We’re wrapping that all into one service offering.

Since its founding in 2001, NST has grown into a comprehensive provider of IT, productivity, physical security, cybersecurity, consulting and web services — or basically just about anything that touches a computer network. (Image Credit: Matt Greenslade)

That also then stems down to the new compliances that are coming from the states for personal information security, the PII security for the students. All of that trickles down now through network, data storage servers, firewalls infrastructure and physical security because privacy now is not only physical, it’s virtual. We’re able to wrap all of this together. The clients love that we’re able to give them an entire overview of this rather than having to point to three different vendors and then the client has to figure out how to put everything together.

Brown: Clients like having the right single vendor and ensure that this one vendor is taking care of everything for them. We love it when it comes to that, but there are scenarios where customers do have multiple vendors. One of our strong points is that we have a strategic team. One of their goals and roles is to ensure that we work with all of the client’s vendors as that primary contact to ensure all technology is working properly and securely, and that we all play nice together in the sandbox.

How do you determine the pricing structures? Do you have a menu of technology offerings? How do you present that to the prospect or client?

Brown: It varies depending upon client, depending upon industry and compliance needs. However, typically we’ll present a customer with our services. What that means is these are the services that NST is providing versus services that are now Cloud-based that the majority of customers use. A lot of the world is currently using Office 365. While that may be on an NST invoice, it is not an NST service. It is just a service that we manage. We make sure that we separate our services versus services that a client is going to use to make sure that they understand this is NST, this is Microsoft, this is Salesforce, this is any one of their Cloud vendors.

The reason why we do that is we want to make sure they can change, that when we do provide our services, this is what’s included in our services. We find some technology solution providers out there wrap every single piece of technology they can think of into one line item on their invoice. It’s really not fair to the customer because at that point the customer can’t negotiate pricing with Internet vendors or Cloud vendors or anything like that.

They’re literally stuck with their technology service provider. I don’t like to handcuff any customer. NST does have a menu of services. We lay out what our services are and our third-party services that may or may not be on our invoice. We try to explain that all to the customer, whether that’s our managed services, our physical security or our cybersecurity.

Do you believe your converged technology approach is going to be the model we’re going to see moving forward, with less separation of IT and physical security?

Pisano: Yes, 100%. That’s being driven by the industry-leading physical security companies. As those companies are adopting the new network technologies and the new cybersecurity technologies, the knowledge base behind those items is changing very rapidly. It’s leaving the analog world, and completely joining and integrating with the network environment. Any system that has any good inter-op capability and unified structure is in a network environment. What’s really amazing about what’s happening now is that there are physical security companies that only create and offer software. They don’t do anything physical whatsoever from a tangible physical device standpoint. They are a software vendor that unifies all of these open-framework physical devices.

As long as the devices are compatible with the software, the environment becomes converged, which is pretty wild because in the past there wasn’t a world where a physical security company was not making something physical and putting it out on the shelf somewhere. That is absolutely changing how the entire world’s operating, plus the fact that in an analog environment you are absolutely limited to a ceiling of functionality, interoperability and unification.

In a network environment and a unified world, you are not limited. Scalability becomes extraordinarily easy, the ability to bolt on these sites, bolt on new technologies. Even something like adding license plate recognition or facial recognition to an environment that already exists becomes a lot simpler than it would in an analog world.

Are most of the electronic access and video surveillance systems you’re deploying now Cloud-based?

Pisano: It is a hybrid. We are very much a solutions provider, which means we’re going to take a specific instance by itself and not really force a prem or a Cloud one way or the other. We are going to determine which is best for the client at that moment. For example, if you have smaller, geo-diverse office space that really only needs one or two card readers for in and out for employees but it needs to be centrally managed from a Cloud standpoint to make it easier to spin up new locations, we’re probably going to lean more toward the Cloud.

If you have a large environment that is heavy with unification, that has lots of doors, lots of cameras, we would consider a prem hybrid situation where the management might be done in the Cloud but the sites have their own prem-based modules that can operate even if Internet is down as well as take the load off the Cloud. You have to be very careful when it comes to Cloud and video. Video is very heavy on transit. We are limited at some of our customer sites when it comes to bandwidth with the Internet. We don’t want to bog down all of their bandwidth going back and forth just recording random video.

In that case, access and management might be done in the Cloud, but video storage would be done local with maybe an archive in the Cloud. It’ll duplicate after hours when the bandwidth load is less. For our purposes, it’s never a one-size-fits-all. We’re always going into our clients and looking at what they need specifically and making something for them in that instance.

As a physical security integrator today, what would you recommend to transition to more of a managed services model and also offering cybersecurity services?

Pisano: Process and infrastructure is key. Whether you’re doing an analog environment and you want to do a managed service or an IT environment and you want to do a managed service, if you don’t have the right foundation within your own organization to receive the information, log it properly, audit it properly and pass off workflows properly, you’re going to have a nonstarter. The reason why NST is and will be successful going forward with the managed physical security is that the managed IT service is already set up. Physical security was a bolt-on. It was a little bit of a pivot rather than an earth-shattering foundational shift.

Brown: When it comes to the cyber piece, it’s the same exact thing. You now have companies that have to meet certain compliance requirements, whether that’s HIPAA, DFS, PCI, all of those have to be met. We can now wrap them into a managed services offering that will include a logging tool, risk assessments, certain pieces of software that are required now, certain firewall requirements.

All of these things now can be wrapped in as well into a managed services offering that is really just an add-on to the existing managed services platform, which is your typical help desk and the entire system data direct and support that is already in play. We already have that offering, and there are lots of people out there tapping into that as well.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

Global Security Operations Centers: Trends and Opportunities in 2024 and Beyond

Security Customers Push Integrators to Be Long-Term Partners, Not Just Salespeople

Genetec Underlines Dealer Centricity, Hybrid Approaches at Global Press Summit ’24

Security Industry Forecast: Experts Chime in, Sharing Expectations for 2024 and Beyond