Manufacturers depend on consultants to get their technologies specified in customer projects. Consultants often depend on manufacturers to provide them current information about the technologies that are the building blocks of their projects. It’s a symbiotic relationship, but not always a perfect one. We recently gathered three consultants to discuss what they want from manufacturers, and a representative of HID Global to add a manufacturer’s perspective. Manufacturers also look to consultants to provide insights into trends they see among clients, and our consultant forum was outspoken on those points, too. Participating were Chris Grniet of Guidepost Solutions, Brandon Frazier of Elert & Associates, Terry Harless of Burns & McDonnell, and Harm Radstaak, HID Global’s Vice President and Managing Director, Physical Access Control. SourceSecurity.com: What do you look for in a relationship with a vendor/manufacturer? What kind of support do you look for from partners/vendors? Product Education And Communication Terry Harless: As a consultant, we are vendor agnostic. We have to specify several different vendors, different brands, manufacturers. When we do come upon a client that wants a certain manufacturer specified, we typically like a manufacturer to have customer service that we can reach out to and get an answer back in a relatively quick amount of time, for the simple fact that our designs are fast-track and we need to get them done. And not to tout HID, but they are typically very quick in responding to issues we have had in the past. We like it when they can educate us – come into our office or invite us to a consultant event and train us, instead of giving their sales pitch. There are several manufacturers who provide good education, and there are those that will just bring you in to give you a sales pitch, and you don’t really learn anything. "We typically like a manufacturer to have customer service that we can reach out to and get an answer back in a relatively quick amount of time" Chris Grniet: As consultants, we are constantly trying to learn as much as we can about every product out there. We try to be as agnostic as possible. We need to be apprised of what the latest and greatest is, how it’s functioning. And we need to access that information in a very simple way. Sometimes I’m on the fly. I haven’t sat down in my office more than three days in the last two and a half months. But I know I can pick up the phone or shoot a quick email [to Dean Forchas, HID Global’s Consultant Relations Manager in North America], and he will get back to me. He tells me what I need to know and when I need to know it to support my clients. We also need truth in advertising, the most critical component. There are things you can’t prove to me. You are going to give me the documentation and I will pass it along to the IT guys. I want to get the information they need to make an informed decision. It needs to be quick, and it needs to painless. I also want the truth about the release of products. I want to commit to things like frictionless access, and mobile credentialing for visitors, and the cost models. Please just tell me the truth. Too many times I hear “The release is Q3,” and in Q2 of the following year, the client is going “What are we going to do?” I also want clear and concise communication between my manufacturers for that fully integrated and unified platform. Brandon Frazier: The most important thing for me is education. Education about products, and future product roadmaps, and about concepts. Help me understand what we can do with this new product or this product that is coming. Don’t educate me because you think there is a project coming down the pike. Just educate me and support me. And just trust that if you educate me enough, and if I understand enough about your products, they will end up in the specifications. If you educate me enough, and if I understand enough about your products, they will end up in the specifications Understanding The Market Competition Grniet: I just want to add to be honest enough to know when your product is not right for an application or a client. Tell us “I don’t think that’s where we need to go.” And be educated about your competitors’ products. We’re just looking for help, and in a lot of cases we’re just looking for information, we’re constantly on the go, and we earn our living on a billable hour. My company wants me to have a lot of them. It has to be an honest relationship—and let me know if it’s not the right application. Harless: I would say be educated on your own product, too. A lot of vendors have no clue what their product does. Harm Radstaak: If you as a vendor say something wrong, you have to back-pedal and you lose trust. That is critical. We need to be understanding of that as a vendor and be responsible. Most professional vendors support consultants in their area. At HID, we also have an extra level in the community of consultant support around the world, in the UK, in India, in China. There is a lot of development going on all over the world. We have a role to bring all of that into the bigger mix. You are a consultant, and we consult with you in certain areas, but vice versa, too. You are the voice of the customer to us. We need for you to bring back to us what you see, which we can translate to product development. Grniet: We can’t expect the product to progress unless we bring to you our learning experiences. We get that. For years, I wrote product specifications to push the envelope of what products are capable of doing. To an earlier point about the future of products: As these get more powerful, we will expect more and more, and communicate to you when we need it. SourceSecurity.com: What are your priorities in terms of adding value to end-users in the realm of physical access? What trends have you been seeing among end-users when it comes to physical access control? What is at the top of your criteria list for either buying discussions or spec’ing out projects? Priority Considerations Frazier: I have seen a lot of desire to get to a more actively managed security system. A lot of these systems are at the 15- or 20-year mark, they have been passed on through many generations, they were never tied through active directory or auto services. They have an absolute mess of a system. So a huge trend is how do we actively manage it? We have to replace it. Looking at some cybersecurity, is the hardware going to be capable of being secured, or is it too old to handle some of the encryption that’s required? That’s driving system replacements. When you look at system replacements, you start talking about: How can we manage cards, visitors, user logins, access levels? How can we take that card and push it to other databases and non-security systems and get to that one-card solution? In other IT industries, there are maybe four, five or seven ways of identifying a person, none of them individually that secure, but the combination of all these elements will give you a very high security rate Radstaak: When you think about smart phones and iPads, we didn’t have these products nine or 10 years ago. So if we think through, our access control market is very heavily focused on card and reader and interface and software. If you talk with large corporates, they say: Explain to me how that infrastructure built up, because I am used to different network equipment, etc. They expect us to be more seamlessly integrated into their IT. From a security perspective, what will the topology and the infrastructure look like five to seven years out. I think it’s fair to say for all of us, we don’t know yet. Will there still be a lot of what we know today because we as an industry are not fast to adopt new technology? It’s fair to say that’s true. But if we were to sit down today and specify what an access control system would look like, I think we would come up with a different structure than we face today. Then there is the element of the cloud, which is going to increase as we have said. Also, most of our biometrics solutions are currently based on fingerprint or facial recognition. I think the evolution of camera technology will have an impact on security, and biometrics will have a different definition. In other IT industries, there are maybe four, five or seven ways of identifying a person, none of them individually that secure, but the combination of all these elements will give you a very high security rate, and also seamless and fast. "I think the evolution of camera technology will have an impact on security, and biometrics will have a different definition" Harless: My struggle is getting a lot of our current clients updated to more secure readers. We have tons of them still on prox cards and prox readers. When we’re upgrading facilities, it’s like pulling teeth to get them to use multiCLASS readers just to try to step them up to at least get them to a more secure platform in the near future. Another thing the industry is going towards is integrating all these systems together in some sort of GUI or interface, including access control, video surveillance, intrusion and then also maybe rolling in some building management systems, all of that, and what platform will you use to bring all that together? Some access control systems have that ability. Grniet: The primary factors of selection for clients are availability and support. There’s a lot of cross functionality out there, but I need local support. I need to make sure it will work for them, and continue to work for them with the support they need. The other factors, after I have narrowed the field, I look for systems that will give us the full interoperability, full unification, and seamless integration across multiple platforms of their environment. Whether it’s active directory management, identity management or human capital management, how do I do more with less because security is getting squeezed every day? In certain industries, there are still these kingdoms or fiefdoms of security organizations. And there may have to be from a safety or protection standpoint, but in most commercial applications in big cities, whether it’s a multi-tenant building or a financial organization, whatever it happens to be, they are looking to do more with less. Bringing in those other support organizations – HR and IT – lets us use the assets they already have and bring all of that to bear as a single process so I don’t have to hire another head to do system administration. That’s what’s important to these clients: How much can I save them on the opex (operating expense)? And they’re certainly concerned about the capex (capital expense). If I can integrate with other systems, I can also find ways to push costs out to other departments, like IT. “Yes, I need switches,” and then I just have to pay for cameras. “Yes, go run the Cat-5 cable.” My readers are going to do more for you, my mobile readers are going to do more for you than provide access to the door. We’re going to do multi-factor authentication to applications on your network. It’s a critical component of it. Once we can prove it to them, the integration goes much more smoothly. Read our Consultants' Forum series here
There are many challenges currently facing the security marketplace, and I asked several industry players recently to reflect on those challenges. Their comments highlight familiar subjects to us all: The need for education. The challenge to meet customer expectations. The dilemma of combining old technologies with new ones. Security Education And Training Education is a big issue, especially as it relates to the transition to IP systems. “I think there are a number of integrators who are raising themselves up by more education, more certification and training, looking at the world more from an IT perspective than a security perspective, and understanding that the two worlds have to come together,” says Dan Rothrock, Senior Vice President, Global Strategic Alliances, Vingtor-Stentofon. “If people are trained, educated and certified on the products they are working with, things are better,” Rothrock notes. “Installations are cleaner. For a lot of products on the market today, if they are installed and commissioned correctly, you can go a long, long time without any problems.” A challenge for customers is to compare products in the market, says Rothrock. What’s needed is a legitimate scorecard to enable products to be compared fairly based on specific criteria, he adds. In the case of audio products, for example, the scorecard might include factors such as intelligibility, simplicity, scalability, durability and reliability. Meeting Customer Expectations A central and ongoing challenge in the market is delivering on the customer’s expectations, says Tom Chamard, Executive Vice President of Sales, Salient Systems. “We know the customer’s expectations,” he says. “The integrator has to deliver on those expectations, and the manufacturer has to create the functional elements that will make the integrator look good and meet customer needs. We have a very educated customer, and I don’t think they present unrealistic expectations. The challenge is to ensure we are all on the same page relative to those expectations.” Once a solution is deployed, the customer expects the manufacturer and integrator to work in partnership to manage and maintain the deployment after the sale, he adds. “Credibility is a big piece of the puzzle,” says Chamard. Combining Old And New Security Technologies Another challenge is continuing to manage all the various technologies – the old and the new – in the changing security market. For example, after 25 years, wired Wiegand cards are still being used, even in our age of newer card technologies and even mobile credentials. “It’s a process of transitioning among generations of products,” says Dean Forchas, HID’s Consultant Relations Manager for North America. “We can facilitate that. It’s also very common that a company isn’t looking to do a technology upgrade, but they are buying and selling buildings, and some of them may have an older card technology. They don’t necessarily want to tear all that out.” HID’s transition path includes multiCLASS readers that handle a range of card technologies. “We have to show them a transition path, rather than a rip-and-replace,” says Forchas. “Technology is moving quickly, but there are still people out there selling 125khz solutions that are 25 years old,” adds Forchas. “And then there are the early adopters, although getting people comfortable with newer technologies is a challenge.” Clearly, challenges abound. What are some other ongoing or intractable challenges for the security marketplace?
ISC West is on the immediate horizon, and I asked several industry players what they expect new and different at the industry’s big show. The answers included buzz-worthy topics from Big Data to the Internet of Things, but also mention of a perennial industry theme – integration. Video Embracing Social Media? Tom Chamard, Executive Vice President of Sales, Salient Systems, expects social media to emerge as a larger topic of interest at ISC West, especially considering how social media might impact video systems. “When you couple social media data with video, you can become more proactive than reactive,” Chamard says. Analyzing social media activity can provide a useful new data stream to the command center environment. GPS functionality on smart phones enables social media posts to be isolated geographically; for example, tweets or Facebook postings can be compiled from the immediate area of a big event. “Analyzing social media and tying it together with video is a powerful combination of information flow in a command center environment,” says Chamard. “I wouldn’t be surprised to see something like that at ISC West.” Cybersecurity Trend To Continue The big show will likely also see more discussion than ever of the fast-growing arena of cybersecurity, says Kurt Takahashi, Senior Vice President of Sales, AMAG Technology. “I would like to see a closer tie between the cyber threat and the physical threat, and melding the two pieces of data to define more proactive activity, and understand human behavior,” he says. “When you talk about Big Data, all the experts are focused only on the cyber piece. They’re not combining it with what’s happening on the physical side.” Takahashi also expects discussion at ISC West to center around biometrics and mobile credentialing. Desire For Better IoT Innovations “I would hope to see more players in mobile access, more innovation in mobile devices,” agrees Dean Forchas, HID’s Consultant Relations Manager for North America. He notes that an ongoing transition to use of mobile devices instead of cards for authentication is the biggest change in the industry in the last year. The growth of integration and partnerships among manufacturers will be reflected at ISC with larger companies sharing their booth space with smaller companies with whom they integrate “I would also like to see what people are doing with the Internet of Things – it’s a big buzz, but so far it’s in its infancy,” says Forchas. “I haven’t seen a total home solution using IoT. I think it has potential, but I just can’t get my arms around it yet. I’m hoping people are making strides in that direction.” Has The Age Of True Integration Finally Arrived? “We are really now getting to true integration,” says Dan Rothrock, Senior Vice President, Global Strategic Alliances, Vingtor-Stentofon. “More parts are standardized, and we are working with more standards. Integration has finally accelerated to the point that we have worn out the term, and so we have moved to a new term – unification.” The growth of integration and partnerships among manufacturers will be reflected at ISC with larger companies more often sharing their booth space with smaller companies with whom they integrate. “You will see more and more people (at ISC West) with names of other companies inside their booth, saying, if you have this installed, if you’re using this and are happy with it, I can integrate with it,” says Rothrock. “And I can give you a path to integration. When other people thought they were locked into a proprietary system, you will see more people saying, no, you’re not. I have a solution.” “Nobody wants to do a forklift replacement,” says Rothrock. “If people are providing a bridge where you can go from one system to another, and do it smoothly and update the technology, what a great way to go.” ISC West, held from April 5-7 at the Sands Convention Center in Las Vegas, includes more than 28,000 security professionals viewing more than 1,000 exhibitors and brands.