Extracting value from security

July 2012 Integrated Solutions

We have all heard that spending money on security is a grudge purchase for business executives who prefer to spend money on things that have a direct impact on the bottom line – or on a golf membership. Of course, living in South Africa means that, grudge or not, money must be spent simply to ensure one’s company can keep on functioning.

This situation is the one most companies and residential committees deal with each time they consider installing new or updated security systems. You spend money to try to keep the criminal element out, and that is where it ends. This is not a necessary situation, however.

When done correctly, and with the correct partners, security can work to keep the bad guys out, but also to provide measurable support for the goals of the business.

Hi-Tech Security Solutions invited four industry players to join us around our boardroom table to discuss the idea of gaining a return on investment (ROI) from security installations, and to tell us about real-world examples they have been involved in.

Our attendees were Neil Cameron from Johnson Controls Africa, Edward Agostinho from Cisco SA, Kelly McLintock from UTM Group and Gus Brecher from local surveillance equipment manufacturer, Cathexis Africa.

Kelly McLintock, Edward Agostinho, Gus Brecher, Neil Cameron
Kelly McLintock, Edward Agostinho, Gus Brecher, Neil Cameron

While security globally may still be much of a grudge purchase, Cameron believes that trends are different in South Africa as people can “touch and feel danger and threats on a daily basis” and people are very aware about their safety. “What people are doing though, is they are looking for more than just opening and closing doors and capturing footage you can look back at to see an event happening.”

Neil Cameron, Johnson Controls, Africa
Neil Cameron, Johnson Controls, Africa

Brecher agrees, noting that while security may be a grudge purchase in Europe where the crime situation is under control, when it comes to integrating different aspects of security to achieve a greater business goal, there is more cooperation between the various members of a company.

Gus Brecher, Cathexis Africa
Gus Brecher, Cathexis Africa

“In Europe and in the UK specifically, you find the communications between different divisions within a company is a lot better, there are fewer divisions between the divisions, so to speak,” Brecher says. “If you wanted a system that could service more than simply security, you can get the people talking a lot easier, whereas locally there still seems to be little pockets or silos you need to overcome. The IT guy does not want to talk to the security guy, the security guys do not want to talk to the finance guys and the logistic guys and so on.

“To deliver an integrated system in South Africa, the challenge is getting those people talking and working together to provide a solution for the whole company.”

ROI in retail

Brecher provides an example from a Cathexis client in the UK, a retail outlet that sells electronic goods and cellphone contracts and so forth. It was using an entry-level surveillance product, had disparate access control systems in use with a selection of time and attendance and other related solutions.

The company used security systems when it felt it was necessary, but was not really interested in paying top dollar when less costly options were available. In various discussions with the client, they discovered that the company had booths where mobile phones and contracts were sold. Due to the nature of the products, a security camera covering the area was a reasonable idea – to deal specifically with security.

The installers came up with the idea that, using a system with a camera and a microphone and recording the conversations between sales people and customers, the company could actually use what would simply have been security footage to assist in training staff.

“So now they record the conversation, play it back with the sales person afterwards and discuss his/her performance, offering advice as to what they could have done differently,” explains Brecher. “Immediately you are incorporating the training department, which could contribute to the cost since the footage is invaluable for on-the-job training.”

The retailer, which has around 2000 branches, is very strict on its point of purchase advertising and marketing placement within the stores. The traditional approach was for the marketing team to conduct spot checks at random stores around Europe, which is time consuming and inefficient.

Using the basic foundation of having effective security cameras in place again, the marketing department can now dial into various stores and do an assessment from head office. It saves time and money, without reducing the effectiveness of the process.

Cathexis was also involved in other areas, such as integrating logistics systems to ensure goods coming in and out are scanned, with video verification on each transaction.

“By the time we finished, instead of just a security or risk budget, you had marketing, training and the operation’s people onboard with the security team, and suddenly that product did not seem so expensive. So it was not so much of a grudge buy.”

Agostinho recalls a similar project with a mobile service provider where they required the audio of transactions for cellular contracts. “When taking out a contract, customers tend to say one thing in front of an agent and then on paper it is something completely different,” he explains. “So for them, the crucial part was the actual audio of the transaction between the customer and the agent helping them.”

Neil Cameron, Edward Agostinho
Neil Cameron, Edward Agostinho

Another crucial area for the company was the placement of marketing material. They wanted to conduct marketing analytics on the flow of traffic into and around their stores. Does someone first go to this counter, or do they first go to this display, so that they can strategically position their marketing content. “I have also seen things like mining sector: guys that want to be able to count how many people are actually going down the shaft. So your security footage is not only there for security, but for intelligence and safety.

Is retail leading the way?

McLintock’s experience in the retail and pharmaceutical sector also points to a growing trend to looking for benefits outside of security-only issues. He says there is a growing shift in thinking to look at what else they can get out of their surveillance systems as opposed to “the guy jumping over the wall, or coming through the window”.

Kelly McLintock, Gus Brecher
Kelly McLintock, Gus Brecher

He says, “We currently work with retail clients who utilise CCTV for merchandising on a national basis. Among the areas in which they use their surveillance solutions include feet mapping, store design and so forth, as opposed to watching people coming in and out of the door.

“We even have a retailer analysing the demographics of customers entering their stores. We can determine the average age of the person coming into the store, what their race is, how many children tag along, how many women, how many men etc. So now they are stocking their stores according to the demographic in that specific region as opposed to the specifics determined by a national committee.

“Analytics has become a lot more mature and if used in the correct manner, as opposed to where it was just looked as a bolt-on to what you had in the past, it can deliver amazing results.”

To achieve these integrated solutions that deliver benefits to different areas within a business, however, one needs a security team that understands more than security.

Selling the business case

Brecher says selling customers on the idea can be difficult. You have to sell the business case, highlighting the business benefits rather than the traditional security outcomes – which you still need. Of course, it does not help if people leading the various departments are not open to doing things differently.

The convergence of IT and security is definitely helping to push the ROI trend, because risk and security managers are becoming more sophisticated and they are opening up to the possibilities that are available within the technology field.

Agostinho adds that while IT, security and other divisions have separate budgets, when you approach the different managers with a value proposition that solves a problem or meets a need they have, they are often open to supporting the project. However, they are not going to do this if you cannot demonstrate how the final solution will deliver what they require. If you can do this, it will mean a larger budget for the project, since everyone benefitting will add to the pot, resulting in the availability of enough funds to pay for a top-notch solution.

Of course, you still get the leaders that are totally focused on protecting their turf and are threatened by anything new or that they do not understand.

McLintock adds that as companies break down the traditional hierarchical management structures and create flatter organisations, communications between divisions is improving, supporting integrated projects that meet the needs of multiple departments. Perhaps because there is less place to hide when all the hierarchy is gone?

Driven by technology

In addition to a business case, Cameron adds that as technology advances and more companies are able to consider integrating multiple platforms and systems, the ability to add value to various segments of the business will naturally grow.

“As little as five years ago you installed a CCTV system, an access control system and so forth, and they were all independent solutions that did not talk to each other without some intricate integration efforts or expensive management platforms.

“Today’s technology enables them to be pulled together far more easily. And we are still in the beginning phase of this integration trend. In 10 years or so, it is likely there will not be a platform that cannot be integrated with others. And then people will have to talk to each other because it will be easier to see the benefits available from whatever platforms and systems one chooses.”

Both Agostinho and McLintock note that the move to IP has been a significant milestone in the trend to integrating different systems. Voice over IP (VoIP) in particular broke the mould and taught businesses a lot about the potential of IP and all the different functionality you can include on a single platform. As the security industry converges to IP, which it is, no matter what some may say or wish for, the same principle will apply.

“The more open the manufacturers become, the lower the costs will be and the better the benefits will be to the end users because they are not actually bound to a specific brand in order to rollout across the board,” says McLintock. “With an open platform, I can use whatever I need to be on that platform and all the devices speak to each other. Then I am not making a decision based on a brand or product that I am forced to use, but the solution best suited to what I need.”

While there are a number of people who still opt for ‘everything from a single supplier approach’, there is a growing crowd who want to select the right tool for the job, no matter whether their supplier approves.

“They do not want to be dictated to,” adds Brecher. “They want to purchase a solution that meets their needs now, and if in four years they want to add in the latest camera, it is a simple process to do it.”

Depends on your installer

All the round-table participants agree that just as the ability to integrate security systems and platforms effectively depends on the installer or integrator, the same applies to cross-departmental security installations designed to deliver value to the business, and perhaps even more so when the results are measured in rands and cents.

Here again, as noted in our integration round-table some time ago, the problem of installers that have made a name in the world of analogue technology and have not educated themselves effectively in the IT (including IP) world comes up. While it is true that analogue systems can be integrated into IP systems, to take the integration further up the ladder to delivering business benefits needs an in-depth understanding of IP as well as local and wide-area networking – as well as South Africa’s blight, bandwidth.

If you are installing a four-camera IP system, it is a simple enough task with basic IP skills. But in the business world, with multiple cameras and other systems that need to be integrated, you cannot operate by the seat of your pants.

Agostinho adds that when it comes to analytics, the quality of installers is more crucial than ever as these systems are complex to set up. To be accurate and deliver meaningful information, the installer needs to not only understand technology, but also camera placement, lighting, environment etc. And some installers just do not have the skill to know what to look for.

“Particularly for outdoor projects, you have got different light conditions, morning, afternoon, night and the different seasons when the sun is in different places – do you know what impact the shadows would have on your desired outcome?” asks Brecher. “For many installers, it is just not worth the effort to do it right.”

Agostinho adds that Cisco measured the time involved in an installation and found that setting up the analytics took about 70% of the time. Installers who are not skilled in this line would not be able to even guess the cost and time involved with any accuracy, potentially leading to unhappy clients faced with a bill far exceeding their expectations.

“I think South Africa is full of fantastic sales people,” says McLintock. “We have got fantastic sales people, we can sell ice to Eskimos, but when it comes to your standard integrator, what the salesperson sells does not always happen in reality.

“And this will get worse as more non-security service providers see security as an easy add-on to their current business that will improve their margins. Putting a camera on a door or a biometric access control system cannot be that hard, according to them. The problem is they have the ear of their customers, until their systems stop working and then it is the fault of the product or ‘immature IP technology’. ”

Finger pointing

Another problem with large installations that require multiple skills and products is the lack of a single leader. Cameron points out that often subcontractors are used and when something goes wrong, the finger is always pointed to someone else.

What is required in all projects is a single source of responsibility, someone who will take the problem and follow it through to resolution. This can sometimes be a consultant, but it must be a person who knows enough about the whole project that he/she can troubleshoot the issue and assign the right person to fix it. It also needs to be someone that has the authority to overrule contractors who want to pass the buck.

He suggests retaining a single technology contractor that is responsible for the integrated installation from start to finish. Larger companies have better skills on board to fulfil multiple project requirements. However, whether the single contractor uses multiple subcontractors or its own people is irrelevant, its responsibility is to deliver what the customer requires without being able to pass the buck.

Another critical issue is that of cost. All too often, the costs the customer expects to incur meet expectations initially, but seem to soar over the life of the installation, especially when they want upgrades or extensions to the initial specification. Moreover, maintenance is an often forgotten or underrated aspect of a project; even the seemingly insignificant costs such as keeping cameras pointing in the right direction, focusing and cleaning the lenses can cause problems down the road if not included in the initial estimate.

Experience is the best guide when looking at the installations cost over a project’s lifespan. However, experience in a single product range, as happens with many consultants can be a trap when the customer wants to add in products from other manufacturers.

There is no easy solution to this problem, but the starting point is to ensure the initial project is based on real open standards (not the badges manufacturers can stick on their products that mean nothing), but standards that are enforced and allow true integration without reinventing the wheel. In instances when this approach is mandatory and the products involved tested to ensure they are open, diverse products that meet the needs of the company and not the manufacturer can be brought in as required. This will provide the customer with the security that, even should a manufacturer decide to introduce a new range of products that are incompatible with everything it has done before; other brands can be chosen and slotted into the platform.

Openness is more important than many people realise. McLintock notes that South Africans are generally quick to adopt technology, but in some cases will hold onto that technology and bleed that asset until there is nothing left. In these instances, open standards are crucial to ensure the long-term viability of the project.

Brecher notes that Cathexis is involved in a mining installation where the oldest cameras on site are 10 years old, and still work with the latest megapixel IP cameras and control room software.

Who is the decider?

The topic under discussion can and did include much more information, and could have continued for much longer. However, space restrictions prevent us from printing more of the information imparted.

To end the conversation, we asked the participants to identify the person who makes the decisions about what products, systems and platforms are to be employed in a project, specifically on that which delivers business value. Obviously, the final decision must be made by someone in the customer’s employ, but who gets the job?

The scope of integrated projects extends beyond the job description of the traditional security manager, and also beyond the knowledge of the IT manager who knows little about security. More importantly, as integration and ROI become the norm in a few years, who will be making the decisions then?

Cameron expects to see more people in the role of risk managers making decisions than security managers. These risk managers are not people with police or military experience, but are more business focused.

Brecher expects it to be the financial manager or someone responsible for managing the entire team, such as a divisional MD or operations director.

McLintock agrees with both. He expects the decision maker in the near future to be someone in a new position covering risk and finance.

Agostinho expects IT to have a greater say in things, but admits that IT lacks the security knowledge. “They know how to make systems work, but they do not know what to look for, how to handle situation, or how to react to an incident. Having said that, I expect IT will move from an infrastructure support perspective and climb the ladder … not because they necessarily want to, but because they have to.”

While asking the question about how security installations can deliver business value, it seems our conversation has reverted to a few of the topics we see a lot of in the security technology world: integration, IP and open systems.

And once again, the idea that the security manager is a dying breed has come up. It is not so much that the security manager is going extinct, but rather that the job is evolving to include other aspects of risk involved in securing the whole company. And a good dose of business smarts and financial insight will not hurt either.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

A contact-free hotel experience
Issue 7 2020, Technews Publishing , Access Control & Identity Management
Check-in and go straight to your room without stopping at the reception desk at Hotel Sky in Sandton and Cape Town.

Read more...
Management of PPE allocation made simple
Issue 7 2020, Powell Tronics, Technews Publishing , Editor's Choice
Of all the roadblocks and challenges COVID-19 has introduced us to over the past few months, one of the tasks organisations have to manage is the issuing of PPE to staff.

Read more...
No downtime for transport security
Issue 7 2020, Secure Logistics, Technews Publishing , Logistics (Industry)
After a brief downturn in crime due to the COVID-19 lockdown, the transport sector is once again at the centre of a crime spree.

Read more...
Warehouse security and the pandemic
Issue 7 2020, Technews Publishing , Logistics (Industry)
The warehousing industry is under intense attack from organised, armed criminal syndicates following the lockdown.

Read more...
From the editor's desk: Waiting for PoPI
Issue 7 2020, Technews Publishing , News
A while ago we heard of yet another cyber breach, this time from Experian.

Read more...
An exciting journey in security
Issue 7 2020, Technews Publishing, BTC Training Africa , Editor's Choice
Errol Peace describes his 40-plus year career in the security industry where he was and is a great proponent of training as an “exceptionally exciting journey”.

Read more...
Secure IoT devices and networks
Issue 6 2020, Technews Publishing , Cyber Security
Check Point Software’s IoT Protect solution secures IoT devices and networks against the most advanced cyber-attacks.

Read more...
Keep your distance with PeopleCounter and DistanceGuard
Issue 6 2020 , Integrated Solutions
Using 2D and 3D LiDAR sensors from SICK, people can easily uphold the recommended minimum distance in public and pre-defined spaces.

Read more...
From the editor's desk: Covid consolidation
Issue 6 2020, Technews Publishing , News
The global security industry has seen quite a few high-profile mergers and acquisitions over the past year or two, with an even greater number of smaller companies that don’t get the headlines also merging, ...

Read more...
Critical control management
Issue 5 2020 , Integrated Solutions
The critical control management process is an excellent practical approach to ensure effective controls over potentially catastrophic events.

Read more...