UNIFICATION: Bringing Security and Operations Together With PSIM
As security technologies become more robust, and as more and more security and non-security devices are being connected to networks, managing all that “stuff” can be quite a burden. It’s no wonder, then, that the market for physical security information management (PSIM) solutions — which are designed to simplify the process — is growing.
PSIM software provides a single, unified platform that communicates with a number of systems, including video, access control, intrusion, analytics and other security and non-security systems, to gather the data it needs to perform six main tasks: collection, analysis, verification, resolution, reporting and auditing. The centralization and simplification of these tasks for security staff is what makes PSIM solutions most attractive.
Currently, there are a number of developments within the PSIM space that can and will have an impact on integrators’ ability to differentiate, select, sell and deploy these solutions. Herein are some of those trends, as well as tips from industry experts to ease the evaluation and sales processes.
The most prevalent trend in PSIM is the drive to integrate a larger number and greater variety of systems into platforms, particularly those that are more operations- than security-based.
“Even though the ‘S’ in PSIM stands for security, PSIM is just as much about promoting business continuity and managing operations,” says Dr. Bob Banerjee, senior director of training and development for NICE Systems’ Security Division, based in Paramus, N.J. “Management consultants, rather than security consultants are using PSIM to streamline operations. This is attractive because it impacts the bottom line more visibly than an investment in security. It addresses questions such as: ‘How can we minimize costs associated with security breaches or other disruptions by returning to normal operations faster?’ and ‘How can we reduce the amount of time a store or branch is closed following an incident?’ and ‘How can we remotely gather enough information on an oil rig that has paused drilling to quickly get it back up and running?’ Leveraging PSIM to improve operations has phenomenal ROI potential.”
Organizations are leaning on PSIM solutions to collect and analyze data from disparate systems to deliver situational awareness and insight into historical trends. The result is intelligence about security and business operations that an organization can use for investigation and developing and/or enforcing stronger policies and procedures.
“The very concept of PSIM is about bringing all controls to a single interface so that you can use technology alongside historical data to analyze, predict, and respond to security threats,” says Tristan Adams, director of business development, Bold Technologies, Colorado Springs, Colo.
The saying that information is power certainly applies to both security and operations, so it should follow that the more information an organization has available, the resulting improved security and operational practices will help security management achieve their core objectives more effectively, says Francis Lachance, director of product management for Montreal-based Genetec Security.
“Deepness of unification is very important,” Lachance says. “Solutions need to go beyond security into the operations of a customer. At the end of the day, security officers are not looking at a camera to open a door; they’re looking to manage risk for an organization.”
In fact, Banerjee says, while the term “incident management” means different things to different people, that concept is at the heart of PSIM. (For a look at the basic areas incident management includes, see “Just What Does Incident Management Mean?” on page 78.)
“Integrators who understand this and are able to help customers improve their management of incidents and operations through the use of PSIM will be better equipped for future success,” he says.
As a result of the move toward increased integration and unification of security and non-security systems, the PSIM space has also seen growth in a number of technologies designed to improve these solutions’ ability to provide situational awareness. Adding to this awareness is a significant move to adopt mobile technology, cloud computing and social media tracking into PSIM, says Brian Lettiere, vice president of product management for Melville, N.Y.-based Verint Systems. All of these technology changes add up to enhanced value for end users’ businesses and security systems by reducing overall costs, in addition to enabling more efficient incident response and improved compliance, he adds.
“Security leaders are expected to be able to collect all of the data that is given to them through different systems, such as video surveillance, access control, analytics, geo-mapping systems and more, and transform it into actionable intelligence,” Lettiere says. “For example, a financial institution can incorporate data from multiple points such as keyword searches through social media, watch list tracking and police reports, to take additional security measures should security personnel see trends develop or escalation in activity.”
Weighing the Options
For integrators, the ability to sell PSIM to their customers is important; but before that’s possible, you have to evaluate their PSIM options. Given the multitude of solutions, each with its own unique set of features and functionality, selecting a solution is no easy task. That’s why Adams advises narrowing down those options to tried and true solutions.
“A platform that is well-tested, mature, and agile will give you the greatest leverage to offer to your clients,” he says. “The right partner will lend their experience by asking questions that you may not have thought about. They may offer creative solutions to problems that are seemingly unsolvable. The right partner will work with you and ensure that your business is reflected in the best possible light to your customers.”
Deploying a PSIM solution can be incredibly complex because of the level of customization a customer might require. Therefore, ease of installation has to play a major role in the selection process, says Robert Hile, director of enterprise command centers, SureView Systems, located in Tampa, Fla.
“It’s important for systems integrators to pick a PSIM platform that is easy to install, commission, start up and maintain. This is easier said than done in today’s rapidly advancing market,” he says.
Hile suggests starting with the pricing model. If it is complicated and/or hard to figure out, explaining it to an end user will be difficult or impossible, which is a good sign to start looking at a different provider. Second, a PSIM provider should offer training on directly deploying and supporting their solution. If that isn’t available, “there is probably a good reason why they don’t or won’t offer this level of training,” he says.
Most importantly, Hile says, is to talk with the provider’s systems integration partners and end users and ask them whether their system is installed and operated as advertised.
“If the provider won’t give you their entire list of integration partners and end users to call, then you have the answer you need without even asking,” he says.
Once the possibilities have been narrowed down, hands-on experience is the only way to make the most informed decision.
“On paper, a solution may look very sexy, but the best way to get a complete understanding of what it is all about is through a trial or pilot testing one solution versus another,” Lachance says. “It’s very important to have the experience of trying to connect multiple systems before making a decision.”
As with any technology, a PSIM solution has to meet the specific requirements of a project or customer. In considering this, it’s important to look at a solution’s scalability in terms of the ability to add new sites and/or to integrate additional systems as needed in the future. For example, says Adlan Hussain, vice president of marketing for CNL Software, Knaphill, Surrey, U.K., video systems can be challenging with PSIM solutions.
“Scaling with multiple CCTV systems is an issue and special attention needs to be paid to how a PSIM provider handles this,” he says. “Management of PTZ through web clients in volume can be unacceptably slow, especially in pure web-based products.”
The ability of a solution to understand an organization’s need for a unified system that will integrate with both legacy and new technologies and systems should also be a factor, says Andrew Elvish, Genetec’s vice president of marketing and product management.
“It’s very important to answer questions about backward and forward compatibility of the system,” he says. “You need to have a very clear vision of the integration architecture, including the timeline, scale and needs, so you have to bring all the players to the table.”
No matter how difficult it may be to make a final decision on which PSIM to choose, it’s in an integrator’s best interest to see the process through to the end, Hussain says.
“A PSIM product is a large undertaking, so you are very unlikely to want to carry more than one,” he says.
Making the Sale
Once you’ve done the work and made your choice, that’s when the selling can begin. For integrators who currently offer or are planning to offer their customers PSIM solutions, there are a number of considerations that can increase the effectiveness of the sales process. For starters, no matter how exciting a solution may be, resist the urge to jump head-first into talking about the solution itself.
“The most important advice is, ‘Don’t start by pitching the technology,’” Banerjee says. “Instead, begin by understanding the true customer need. For example, how have incidents evolved in the past and how could they have been managed better? How could PSIM have delivered better results? This might seem like common sense, but I frequently encounter situations where system integrators and consultants discuss which systems to integrate and how much the solutions will cost before they even have a clear understanding of the customer’s needs or problems.”
Because PSIM solutions have potential applications for many parts of an organization, another helpful tip for integrators is to think beyond security when pitching solutions.
“Systems integrators need to be able to sell the operational benefits of centralization and the savings it enables as well as understand how SOPs (standard operating procedures) can be managed from different locations and why,” Hussain says. “This is substantially more consultative-led than current SIs normally have to manage, so an education process is taking place in the industry.”
Technology, capabilities and how PSIM solutions can address customers’ challenges are the main selling points, but it’s also crucial for integrators to understand an end user’s organizational structure when pitching PSIM.
“Today, multiple stakeholders are responsible for the subsystems that will be integrated,” Lachance says. “Because there is not one person with singular authority, there are political challenges as well.”
As security technologies continue to evolve, PSIM solutions are no exception. As a result, there should be a number of developments — in technologies, applications and best practices — in the coming months that will affect integrators and their ability to work with PSIM.
“As companies are deploying their PSIM solutions and are becoming proficient at the management of their systems, there will be a growing need to continually push the boundaries of what it can offer,” Adams says.
The biggest trend in the near future will continue to revolve around integration, as well as the expanded role of security within organizations.
“Over the next six to 12 months, expect to see more integration and compatibility with business and risk mitigation processes,” Lettiere says. “Security is being asked to play a larger role in the overall success of a business, so security leaders will be asked to correlate security data with business data to have a comprehensive view of an organization’s entire structure.”
The good news for integrators and end users alike is that the ability to integrate even more systems shouldn’t lead to more complexity in deploying and configuring PSIM, Lachance says.
“In my opinion, there is going to be more standardization of connectors, so I see integration more easily done in the future,” Lachance says. “Standard communication between systems is going to make interoperability and interconnectivity much easier.”
The sheer volume of data generated by the increasing number of systems and devices that are connected to networks should translate into the continued expansion of the role PSIM solutions play in security and operations for end users.
“As we look ahead, it is apparent that this market segment will only continue to flourish,” Lettiere says. “New enhancements and technology will continue to be introduced to help users make more sense out of the data they are collecting on a daily basis. This trend of ‘big data’ will only expand in the coming years as users find new ways to use data to help improve operations.” n
SIDEBAR: Changing the Terminology?
The continuing trend toward more sophisticated big data analytical technologies and visualization models, coupled with an increased focus on business processes, could have an unanticipated implication for PSIM — specifically what these solutions are called, says Dr. Bob Banerjee of NICE Systems.
“PSIM is not the right term for where we’re heading; PSIM is the wrong terminology for the right technology,” he says. “Until the industry comes up with a better term, there will continue to be confusion about what PSIM is and isn’t. I wouldn’t be surprised if a new term emerged within the next six to 12 months.”
Genetec Security recognized this eventuality early on, choosing to shy away from the term PSIM, calling its offering a unified security platform. Genetec’s Francis Lachance says this distinction goes much deeper than a simple name change, but also reflects a philosophical and technological difference.
Traditional PSIM solutions, he says, mainly serve as a layer on top of systems that are often not standardized and are often older legacy solutions an organization doesn’t want to rip and replace. In these cases, a PSIM solution becomes a layer on top of these older systems, which can lead to ongoing issues with compatibility as individual systems are updated.
“What we propose is a unified platform that is not only a top layer, but also adds core information into that platform to remove the complication and complexity,” he says.
Regardless of what these solutions are called today or in the future, it’s clear that their role in both security and operations will continue to expand, making PSIM (or whatever its name becomes) a valuable tool for both integrators and end users.
SIDEBAR: Just What Does ‘Incident Management’ Mean?
According to Dr. Bob Banerjee of NICE Systems, incident management is “the essence of what PSIM solutions help an organization do.” The concept of incident management often varies from person to person or organization to organization, but regardless of how the term is defined, he says, there are six main categories these solutions encompass:
- Better awareness:Having a more timely and accurate understanding of a situation and making sure that all stakeholders are updated.
- Faster response:Reducing the critical lag at the beginning of an incident and resolving it faster.
- Efficient use of resources:Acknowledging and optimizing use of limited resources.
- False alert reduction: Using alarm correlation and improved situational awareness to eliminate false alarms.
- Handling consistency: Ensuring compliance and adherence to carefully crafted standard operating procedures (SOPs) for each incident.
- Learning and improving: Conducting careful and thorough forensic analysis of past incidents to identify all “what if” scenarios and adjust SOPs as necessary.