How Cloud Architecture Shapes Security
Experts explore the pros and cons of processing and storage at the edge and in the cloud, and the advantages of taking a hybrid approach to cloud architecture.

Cloud architecture is streamlining hardware and software management for both the end user and the security dealer/integrator, offering impressive flexibility and scalability. It has also generated user excitement; integrators say users are approaching them asking to go to the cloud. But at the same time, it can be difficult to determine when cloud is fully effective, when an on-prem solution may be worth considering, and how exactly to configure a hybrid approach — which many experts indicate may truly be ‘the best of both worlds.’
Trends Taking Us to the Cloud
While talk of the cloud may seem decades old, the technology has really matured into viability only relatively recently. Bandwidth improvements may be chief among trends that have bolstered cloud’s practicality. “When I started, businesses still had 100-megabit networks,” recalls Christopher Zenaty, president, Turing AI, Palo Alto, Calif. “Imagine trying to stream multiple cameras to the cloud on that network. That would choke the bandwidth. It would end all other business activities — activities that would have been considered to be more important. Now, bandwidth capabilities are obviously significantly more. You can have multi-gig networks going to your house.”
The amount of data that can be processed in the cloud has increased and so have the capabilities of the camera. Laurent Villeneuve, senior manager, product marketing, Genetec, Montreal, says, “There was so much development in terms of what the cameras can do — the amount of processing power they have. They can now ingest so much metadata and give that to the VMS to get better results. That really helps in the transition. Initially, if you wanted to detect intrusions or to do things like ‘find the red shirt,’ it would be very complicated. You’d need a separate server where you would take all the video to be processed and sent back. And if you tried to do that through cloud services, it would completely overload the system.”
This increased bandwidth has also enabled camera resolution and capabilities to soar, but at an increased cost. “Today we see mainly 2-megapixel cameras, but image resolution is pushing towards 5-megapixel,” says Adam Lowenstein, America’s product director, i-PRO Americas, Houston. “That could be a challenge in some cases from a cloud standpoint, especially as some may be moving towards 4K and higher. So it just means you’ve got to be able to budget or manage the cost of the solution if you’re pushing that much video, if you’re storing all of it in the cloud.”
This cost can be prohibitive for some deployments, causing some integrators to be cautious about the technology, but this also presents an opportunity for manufacturers to continue improving. “I think the biggest change that will be coming will be on the video side,” says Louis Boulgarides, president and CEO, Ollivier Managed Security, Los Angeles. “Someone is going to figure out how to reliably get video to the cloud economically. At this point, bandwidth is still a concern in many cases. While edge camera solutions are a work-around, they corner the customer into working with a single company that may not be desirable for some. There are bridge devices that have greater flexibility, but again, bandwidth is an issue.”
Ultimately, Patrik Pettersson, senior manager, future business and strategic initiatives, Axis Communications, Chelmsford, Mass., points to end user excitement around cloud as an invaluable trend. “If you read any kind of cloud utilization reports, cloud has got people excited,” he says. “The expectations of our users are changing. They are getting more familiar with the cloud and they’re wondering, ‘Why can I bank, do my expense reports and my HR payroll on the cloud, but I can’t see my cameras or my system through the cloud?’”

Why Cloud-First?
A cloud-first approach means designing the solution around the cloud’s capabilities. Systems and data are both processed in the cloud rather than by technology on-site. Justin Wilmas, executive vice president, sales, acre security, Plano, Texas, defines the cloud-first approach as, “Everything in the cloud, where there’s no need for any additional devices. You connect to an internet browser and everything’s there, just like we do with a lot of things today in our day-to-day life.”
And what are the benefits of going cloud-first? Wilmas says, “It’s very simple — it’s highly scalable, highly flexible. You can scale up and you can scale down as fast as you need to, because there’s no infrastructure required. And this is why IT departments really love it. Gone are the days of needing multiple servers and extensive IT infrastructure to support a system.”
Wilmas continues, “What does that really mean? Traditionally, you’d have your server that an access control system would run on, and then more than likely, you’d have the database of that system on a separate server — on a database server — and then on top of that, you’d have additional servers for redundancy, clustering, or high availability or fault tolerance. And all of that comes with a cost. And then, by the way, the servers only have a shelf life of three to five years. So guess what’s happening every three to five years? Same with your database, your software and everything else. So [with] cloud-first, just forget about all that. It’s just included in the price of entry.”
Put simply, Satish Raj, chief technology officer, Pro-Vigil, San Antonio, Texas, says, “Our preferred approach is cloud-first as it is easier to control costs and deployment: the cloud is essentially like renting resources that you can turn on and off as needed.”
There’s a simplicity to the cloud-first approach, and there’s also a flexibility in commitment to certain services and applications. “Let’s say that there’s an AI application — most reside in scalable data centers and in the cloud — that you’re interested in,” Pettersson explains. “Cloud allows you to adopt very quickly and test if they’re right for you. This could be an end user who’s self-developing something. This could be an SI who stands up managed services and they want to get statistics on their devices. In an intelligent way, you can very quickly test your solution and test its feasibility directly to cloud. And once you decide that you’re going to scale this, then you can move it to hybrid. What cloud-first allows you to do is to try something quickly. You can turn on and off services very quickly before you commit; and you can make sure it’s right for you before you do any on-prem investment.”
Cloud-First Hesitations
There aren’t many downsides to cloud-first, but they’re worth mentioning. On-premise technology has its strengths and limitations, as does cloud-based technology, and for that reason experts may err on the side of a hybrid solution. “People thought they could do everything in the cloud, but they are realizing that it sometimes can be cost-prohibitive and they want to move back to on-prem,” Pettersson says. “I would advise that when you’re picking a vendor, pick somebody that has that flexible capability in their offering, meaning they can take that journey together with the SI.
“Do you want to be all cloud? Perfect. I can give you that,” Pettersson says. “But once you buy that hardware, if you change your mind and want to go hybrid, can that technology go hybrid? Finally, should you decide you don’t even want to be hybrid and you want to be just on-prem, then can the technology you already have installed go to just on-prem?”
There are also two old fears haunting the cloud-first approach. The first one is internet connectivity. “Obviously you’re dependent on internet connectivity,” Wilmas says. “In today’s world, that’s really not that much of an issue, but it can be. Look, if the internet is down for too long, there’s probably bigger issues in the world we’ve got to be worried about.”
The other is the cybersecurity of the cloud (see sidebar, “Cybersecurity Concerns”).
Cybersecurity Concerns
End user perception of cybersecurity in the cloud is complex. There’s a contradiction in the idea that the cloud brings increased cyber risk, yet one of the selling points is increased cybersecurity. So what’s the deal with the cybersecurity of the cloud?
Well, first of all, cybersecurity is everyone’s responsibility. “Cybersecurity is not just the responsibility of your vendor; there is public, generalized training around cyber best practices out there,” says Patrik Pettersson of Axis Communications.
And Pettersson says it’s an ever-changing component of the cloud. “There’s an ongoing development — one that shall never stop — and that is cybersecurity,” he says. “It’s constantly evolving because the threat keeps evolving. When cloud entered the security industry, we were probably very risk-averse and didn’t adopt it very fast because of perceived risks of cybersecurity. There are many new standards coming out, and a lot of vendors in this industry are compliant with these standards. Axis, for instance, has just implemented SOC2 compliance and we’re moving towards Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) regulation. These may seem like just acronyms and words, but they are relevant.”
Lowenstein stresses that it’s important for the integrator to do their research into the solutions they’re offering in order to ensure cybersecurity. “Be aware of the cybersecurity policy of that edge device,” he says. “Time and time again, we’re hearing about attacks in the market and no end customer wants to be put in that position because they chose a device that wasn’t as secure as it needed to be. Again that’s another opportunity for the security integrator to bring forward a cybersecure solution.”
Zenaty challenges the perception of cyber vulnerability. “Some think, it’s cloud, it’s not going to be safe,” he says. “They think, ‘Someone’s going to hack into this system.’ Well if you have a lot of local hardware, there’s a bigger chance of getting hacked. Ask them how they do their banking. I have a banking app on my phone and I have my life savings connected to that app. How is that any less secure than the security app, which is not going to any local server?”
On-Prem, On-the-Edge & How They Fit In
Definitionally, classifying on-the-edge (or on-the-device) as an on-prem or a hybrid solution can come down to splitting hairs, since video storage on-the-edge and processing capabilities on-the-edge can fit into either an on-premise solution or a hybrid environment. I-PRO’s Lowenstein elaborates, “Some solutions store the video on-the-edge. And we understand that they may have some cloud archiving capabilities. But really, I would call that a hybrid solution. I think it depends on how each person would classify that. I would call that a hybrid solution because it’s a cloud-managed device and it’s cloud-accessible through a web browser.
“But video is being stored really at the edge in that case,” Lowenstein continues. “So I don’t know if that’s cloud at-the-edge. I would call that a hybrid approach. That’s an interesting approach because you don’t have centralized video. And there could potentially be some downfalls where if a camera goes down, you potentially may lose that video. There are arguments for a centralized approach fully in the cloud. If you’re going to go to the cloud, manage your video in the cloud.”
Boulgarides agrees that at-the-edge most closely resembles a hybrid approach — with its own pros and cons. “Cloud at-the-edge is similar to hybrid but would be a case where a camera, for example, had 30 days of storage on it and then it can be viewed in the cloud. This is great from a reliability standpoint, since each camera is basically its own NVR. If one goes down, the others continue to record. The con to this is that these systems tend to be proprietary, so using one technology would not allow for the use of a best-in-class camera by another company, for example.”
The hope with on-the-edge solutions is that the device would be an all-in-one solution — which is quite similar to an on-prem solution. “There’s edge computing, and we want to make sure that we have the most powerful device as far as analytic capabilities at the edge,” Lowenstein says. “And then there’s edge recording. We’ve got a lot of people coming to us right now and they want to make the camera pretty much the complete device with the VMS on the device.”
Mark Barbaric, senior vice president, technology integration, Prosegur Security Integration, Herndon, Va., offers his perspective on edge devices. “On the edge device, all the computing power is there on the device,” he says. “The data isn’t being sent halfway around the world to a virtual server or … actual server and calculated and then sent back. The processing is happening at the edge. There are some pros and cons behind that, but again, it goes back to the IT infrastructure and the bandwidth availability that the customer has on site. All of this has to be considered with edge devices.”
Ultimately, there are gaps in both the cloud’s capabilities and the device’s capabilities. Dean Drako, CEO, Eagle Eye Networks, Austin, Texas, says, “Some realize they can’t do AI on their on-prem system practically — it’s too hard. It takes too much hardware. [They] can’t maintain it, and it turns into a big mess. Many have tried.”
There’s also a small, sometimes overlooked, pain point. “It can be pretty painful to pull the footage if it’s on-the-edge storage,” Drako adds. “You sometimes have to drive there in order to do it.”
Because of this, many experts agree that a hybrid approach offers the most comprehensive, complete and flexible solution.

The Hybrid Approach
Finally, we arrive at hybrid. This approach can leverage the strengths of on-prem solutions and fill in some of their gaps with the benefits of cloud environments. “The hybrid approach could be cloud in one instance, and then maybe an on-prem solution in another instance, but it would still be one solution,” Wilmas says. “There are some pretty interesting reasons why you would set up that way.”
Lowenstein says i-PRO is embracing both sides — or the hybrid approach. “What that means is flexibility for the end user,” he says. “Some customers want to continue to invest in an on-prem solution, but are looking for cloud features. They want a remote management tool or something where they can access that video easily without punching a hole in the firewall. And they want to be able to see all their cameras globally at their fingertips. Some are just looking for cloud archiving. I’m going to have 30 days on site and I’m going to store the rest in the cloud because I have a six-month retention policy or something like that. So I’m going to do cloud storage by offloading my video more long term.”
When our customers — especially our commercial customers — contact us and say they want to be more secure, they’re looking to us for advice almost like a doctor. So when we go with a cloud or hybrid cloud, they know that they can trust that recommendation and that we can explain to them why that monthly fee makes it better for them.
Zenaty agrees, saying Turing AI also embraces the hybrid approach. “We went to a hybrid model where you could have local storage for the 24/7 recording, but all the analytics are done in the cloud because the processing power and capabilities of the cloud far exceed what you could do locally.”
Boulgarides cautions, however, that there are two potential “cons” in this case. “One is that there is a need for hardware and potential failure of that hardware at the client’s site and the need to make sure client-side hardware is cybersecure and that all patches have been updated. The other constraint is bandwidth. While storing video on site reduces that need for bandwidth, requests to view video live can tax that available bandwidth of the on-site systems.”
Hybrid opens the door to scale up and scale down, and it unlocks the freedom to increase or decrease user reliance on the cloud. “The biggest pro I see is the increased compatibility and a much smoother transition to cloud — to SaaS technology really — at your own pace,” Genetec’s Villeneuve says. “That’s why a lot of customers are asking us about our hybrid offering. They’re looking for that because they have things they want to keep in place, but they’re opening a new site in Ireland, and they want maybe an appliance there, a camera here, and minimal pain.”
As integrators work with end users, the hybrid approach can get a bit complicated. This leads to an increased responsibility for the integrator — and an increased opportunity for continuing support that can be leveraged as an additional source of income. “Hybrid is more of a blend of technologies,” Villeneuve continues. “You’re looking at connecting some on-prem systems to some cloud applications dedicated to certain operations. If you look at your entire deployment, maybe you’re going to pick and choose what works best at every point in time for every location and every department. So it can get pretty complicated. I would say in terms of the architecture, making sure that everything’s going to work for each location is something that requires a lot of help from your channel partner or from the tech provider.”
Where’s the Data Stored?
There are standards, regulations and legislation determining where the data is actually being stored, because — as Wilmas puts it — the cloud is not magic and that data is somewhere. “General Data Protection Regulation (GDPR) is a big trend,” he says. “Cloud can have challenges depending on how the systems are set up and where that data is being stored, because you have to be able to keep that data somewhere.
“That’s what people don’t really think about,” he says. “They use this term cloud, and people often look up to the sky, and they think it’s like magic. It kind of feels that way, which is really cool. But at the end of the day, all that data still exists in data centers. And those data centers are all over the world. So how do you make sure that the data that you have is being stored in the right location, in a data center inside the country of origin?”
GDPR is a law in the EU that — among other things — regulates that data should remain within its country of origin. Wilmas continues, “In the United Kingdom or in Canada where GDPR is really strong, the data can’t leave that country. You may have an on-prem solution running that same cloud software and connected through the internet, but the data for that country is staying within that country.”
In part 2, we will look at who’s going to the cloud and how to generate RMR with cloud architecture.