Managing security operations for large enterprise organizations takes a certain skill set — and integrators can play a major role in helping these organizations identify and meet long-term security goals.
These enterprise organizations come in many shapes and sizes, but often share a common set of challenges — of which the C-suite is becoming increasingly aware. Risk management demands that the scope of security is widened beyond simply premises security to that of the entire business. This is where integrator relationships are strengthened and security plans are developed that meet the unique needs of these enterprise organizations.
The Enterprise Defined
Primarily, enterprise organizations are thought of as profit-making commercial businesses and while true, cities, counties, universities and healthcare facilities also face many of the challenges of enterprise organizations, such as:
- widely distributed facilities across geographic boundaries — even globally — that need to be linked together;
- disparate systems that need to be integrated into a single, consolidated operations solution;
- completely distributed network topologies; and
- a number of smaller operations centers that are in place.
These enterprise organizations seek to solve a number of requirements for a new product solution, including a need for consolidated operations, greater situational awareness, enforceable standard operating procedures, reliable reporting capabilities and more efficient security operations. Above all, a clear return on investment (ROI) for all capital expenditures is central to delivering in this market sector, and ROI is driven by the speed of deployment and a low cost of ownership, including ongoing maintenance and support.
Integrators can become an integral part of identifying the unique needs of these enterprise organizations, and have the responsibility of recommending innovative technology and software that can meet these needs. Integrators must be able to identify software that is agile, robust, scalable, extensible and simple to deploy and use operationally.
PSIM for the Enterprise
Traditionally, physical security information management (PSIM) systems have been designed to serve the needs of the large critical infrastructure market sector, such as energy, transportation, water, oil and gas. Typically characterized by a single large location, these projects integrate with highly customized systems that are unique to an industry, with large capital budgets, generous timescales and funding that often is subsidized through government initiatives.
Typically, integrators have identified a client/server system design that has usually been successful; however, this architecture has been far less successful in addressing the needs of enterprise organizations, where a cloud-based architecture better fits the operational, networking and IT strategies in place.
Today’s PSIM software for the enterprise no longer just tells security professionals which door is being opened, it also tells them everything they need to know about the entire security system in one easy-to-use platform — and this changes the approach for integrators who now need to become the experts on IT networking and the needs of these complex organizations.
Today’s integrators must focus on improving operational efficiencies and situational awareness, and to do so, must be familiar and comfortable with PSIM that has been designed specifically for the enterprise market. But how is this architecture different?
What a PSIM Should Offer
Many similar characteristics present in a PSIM platform for the enterprise are also present in some of today’s enterprise-grade cloud solutions, such as Google Apps for business, Microsoft Office 365 and Azure, as well as salesforce.com. This is not coincidental, but a reflection of how manufacturers are evolving their products to meet developments in organizational structures, as well as the IT and networking technologies that support them.
Architecture creates the basis for the eventual success of the system, as these characteristics are not features and functions that can simply be bolted on to an existing infrastructure. To deliver a performance-based and maintainable system, these architectural characteristics need to be part of the system’s basic DNA.
More specifically, PSIM software for the enterprise must contain the following characteristics to be successful and help these organizations achieve ROI:
Scalability: For PSIM software for the enterprise to be successful, it must be scalable — that is, it must have the ability for the application to grow and adapt to the needs of customers. Related to enterprise applications, this means the system must provide redundancy to protect from system failures, as well as the ability to extend capacity as growth demands. One way this is achieved is by building the platform to run in the cloud, developing a database structure that supports a multi-tenant framework that enables data separation to be enforced throughout the system. This means that separate divisions and groups within an organizations have the flexibility to run their own independent system, while still leveraging the common infrastructure of the main platform.
Extensibility: As an enterprise organization grows — whether locally or on a global scale — it is imperative that a PSIM platform be extensible to customize the system with this growth. Extensibility enables customers to begin with a pilot deployment and then roll the system out across a large, widely distributed organization. Additionally, it allows support for a range of different systems that go beyond typical physical security systems, including situational awareness platforms. Finally, it allows the customization of the system without creating a one-off version, which can be expensive to support and maintain. Instead, the basic platform is built on an application program interface (API) that ensures customizations are supported as an integral part of the overall system. APIs provide the instructions to integrate a range of systems from traditional physical security systems, to situational awareness platforms, incident management and even “home-grown” systems customers have developed specifically for their businesses.
Agility: To complement scalability and extensibility, PSIM software for the enterprise must also be agile — that is, a system that is quick and easy to deploy, maintain and adapt. To answer this, the platform should be a Web-based system, which eliminates the high IT costs to maintain and deploy, especially in large, complex organizations. These systems should allow for centralized management of all updates, which means that as new features, functions and integrations are added to the system, all users, no matter where they are located, have access to the latest version. By standardizing everything to the Web, the management of the system is simplified and provides another level of flexibility in controlling access to the system. It no longer has to be solely operators in the command center who have the client application installed on their machine; logins can be created for management, key vendors such as integrators, field security officers and law enforcement.
Operational Elegance: The design itself of PSIM software must meet the needs of an enterprise organization while still being easy to use and maintain. With a minimal amount of training, a user should be able to log in and use the system. Additionally, only the proper amount of information should be available to a user — that is, the information presented to an operator is very different than that presented to a manager, or the information presented to a law enforcement officer. This greatly reduces the training burden on individuals, while increasing the adoption and collaboration of the system across multiple business roles. Operational elegance also outlines how the system interfaces with others and how complex tasks are automated to eliminate time-consuming manual operations.
IT Expertise is Key
As integrators are tasked with identifying the right platforms to meet the needs of an enterprise organization, they must consider a number of unique challenges. Implementing PSIM software designed specifically for the enterprise space gives integrators an opportunity to form relationships with customers that help address not only basic product offerings, but how these products can best fit the security needs of the client.
This means that ultimately, integrators must be IT-savvy to deploy a successful PSIM software platform for the enterprise. Working with both security leaders and the IT department is essential to gain a full picture of the challenges these organizations face.
Simon Morgan is the Chief Technology Officer for SureView Systems.