Convergence to the 2nd Power

Plethora of Convergence Drivers

The mother of all drivers in the convergence of physical and logical security may well be Uncle Sam. Spurred on largely by Homeland Security Presidential Directive 12 (HSPD-12), the order provided the thrust to increase government efficiency and protect personal privacy through secure and reliable identification.

To satisfy the technical requirements of HSPD-12, the Federal Information Processing Standards Publication 201 (FIPS 201) was developed to provide a standard that specifies Personal Identity Verification (PIV) requirements allowing for a common identity management system for federal employees and contractors. Those initiatives have now reached state and local governments, which have begun to plan, test and use PIV interoperable cards.

Still other government initiatives are promoting cross-departmental synergies, such as the Health Insurance Portability and Accountability Act (HIPAA), which mandates national standards for secure electronic health-care transactions. The momentum and proliferation of these regulatory compliances have served to educate and build an appreciation for the benefits and value of having proprietary and well-protected IDs.

Now it is commercial enterprises that are fueling the burgeoning demand for protecting assets and employee information, and it’s all tied to leveraging next-generation physical-logical applications.

“That is the real driver now,” says Rob Meyer, vice president of product management for ADT North America, the industry’s largest installing security systems operator. “It was first driven by the federal government, but that is starting to migrate very quickly into the commercial world in a big way.”

The Convergence 2.0 drivers serving to push the next generation of security and logical applicat
ions come in many flavors. For example, the Payment Card Industry (PCI) standard is a direct driver for retail institutions that process credit card transactions at point of sale (POS). Here, video surveillance cameras are leveraged to assure the retailer is protected against fraud as well.

Security and life-safety funding for universities is often tied to mass notification and video surveillance systems. In order to secure those funds, campuses must provide for a flexible and expandable emergency communications and video surveillance solution.

Organizations seeking a converged physical and logical access system are looking for a solution that provides ease-of-use, low total cost of ownership (TCO) and adaptability for diverse security requirements, according to Anthony Ball, senior vice president, Identity and Access Management (IAM), for manufacturer HID Global.

“They want extremely simplified deployment, administration and a use model that allows them to quickly recognize business value and return on investment,” Ball says. “Corporate enterprises, health care and the public service sector in general, are looking for the flexibility to deploy the most ‘risk-appropriate’ authentication method.”

In its most elemental form, next-generation convergence can be defined as being able to make the correct information available to the right person wherever they may be, says Bill Stuntz, general manager and vice president of the physical security business unit at Cisco.

“Being able to first collect all that data from multiple sources, figure out what is important to each viewer and get the information to them wherever they may be over the network adds huge value and provides a whole new level of safety than any of the individual components can do,” Stuntz says.

While high-end enterprise physical-logical deployments have fed off the interoperability needs of government, what about the majority of America’s smaller organizations? Is Convergence 2.0 poised to serve the security and information needs of the vast stratum of commercial markets that operate in the shadow of lofty enterprise and government projects? The answer therein explains why small to midsize organizations will likely one day have the option of considering the practical application of a converged security and identity information solution.

“We are going to see the ingenuity of scaling back solutions — through creativity to solve unique needs — and looking more definitively at the needs of small and medium businesses,” says Beth Thomas, a senior product manager for Honeywell. “You will still see improvements in analytics and data pushed at the high end, but you will begin seeing an emergence of point solutions in that middle to small market that can secure IT assets, physical assets or protect identity data at the low end.”

Thomas has described convergence as using data generated by physical security and IT systems to drive both business process efficiency and security, and its framework defines a migration path for organizational growth.

“You are going to see in the next generation more attention to process detail, requests by end users — and even dealers — as they look at better ways of how to roll out and achieve the integrations,” she says. “The key thing is the business processes and getting it down into the low, medium business market. That’s where I think you will see the biggest impact of 2.0.” Managed Services and New RMR

One avenue for systems integrators and dealers to extend physical-logical security and information services down to small and medium businesses is through managed services.

Bill Bozeman, CEO of the systems integrator cooperative PSA Security Network, points to the large manufacturers that are making products easier to deploy on the network as a facilitator of offering services based or recurring monthly revenue (RMR).

“There is a tremendous amount of progress being made there. This is going to really help everyone — the end user and the integrator — and it is going to open up the opportunity to offer these managed services.” (See “Falling Margins” sidebar.) Systems integrators are embracing a managed services model based on RMR as a means to stabilize cash flow and make a company’s financials more predictable — an advantage banks look upon favorably.

“We are having a blast right now with managed access control,” says Ed Bonifas, vice president of sales and marketing with installation/monitoring company Alarm Detection Systems Inc. (ADS) in Aurora, Ill. “We are finding it more marketable than what we even anticipated when we put it together more than two years ago.”

A Web browser-based service eliminates the hardware requirements for the end user and instead allows ADS personnel to manage a client’s badging and other access control data needs in-house at its monitoring station in Aurora.

“Many of our existing customers that had their own software, instead of taking updates to their software, as we go forward we’re moving it over to managed access control and taking care of that workload for them,” says Bonifas.

Beyond managed access control, integrators can look to diversify into multiple markets such as offering video for uses other than traditional physical security applications, says Axis Communications’ Surfaro. Where appropriate, installation companies can reduce the amount of hardware they put in a facility by deploying a small IP video system that can be remotely monitored in central station fashion.

“Integrators can allow that customer to get better information on a larger amount of their facility at a lower cost because there is less equipment,” says Surfaro.

To fully realize the potential for offering multiple types of managed services, a variety of IT skills will be necessary for integrators and dealers to compete. As these capabilities are consolidated, says Honeywell’s Thomas, security contractors should not assume that one IT skill set equals another because there is a whole range of proficiencies under the IT umbrella.

From a managed services perspective, dealers and integrators with IT skill sets will be better able to offer smaller end users one of the fundamental tenets of next-generation convergence — organizational efficiency. Beyond managed access control or remote video monitoring, small- to midsize companies that have been traditional security buyers can be sold on managed VoIP services for phones and have the dealer as a single source provider. Even basic computer services, including setup and maintenance, are oftentimes needed by smaller companies that otherwise do not have the infrastructure to manage their systems.

An RMR model could even work for protecting information assets.

“As the IT criminals have become more advanced — and there is going to be more controls and regulations on protecting people data — I could very well see there will be a need for [security contractors] who can provide cost-effective and efficient services at the small to medium business level,” Thomas says. “It could possibly be a great fit for people who are already providing other managed services to those same companies, those same accounts.”

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

Hardening Access Control With Biometric Multi-Factor Authentication (MFA)

On the RISE: Jonah Azarcon, Project Manager at M.C. Dean, Shares Her Journey

The Evolving Role of AI Embedded Cameras

i-PRO Now Supports Genetec Security Center SaaS