Management platforms in view
April 2017, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, Security Services & Risk Management, Products
It goes without saying that the VMS is critical to surveillance installations. However, which VMS to choose is always an issue. Some are saying that the days of the smaller VMS solutions are over because you get a free VMS with almost every camera, although the capabilities can be somewhat limited.
If you look at the larger VMS solutions, open systems seem to be key, but no-one wants to be too open as that restricts your ability to charge – although there are open source options that do it all for free (almost). Hi-Tech Security Solutions approached some of the leading VMS providers and asked them for their input into what’s happening in the world of video management platforms.
Our interviewees are:
• Brent Cary, regional sales manager, Genetec.
• Gary Scagell, MD, Visec International.
• Graham Goldridge, regional director, Middle East and Africa, NUUO.
• Peter Ainsworth, director of EMEA marketing, Tyco Security Products.
Hi-Tech Security Solutions: Would you agree that the VMS market is being divided into the free solutions provided with cameras for a limited number of cameras with limited functionality, and the large systems able to handle enterprise projects? How do you see the VMS industry evolving over the next couple of years?
Cary: We expect 2017 to see a continued rise in the importance of subscription and managed services, with end-users in security placing emphasis on term, or outcome-based ownership versus perpetual licences. In addition to the significant cost savings and flexibility associated with this type of ownership, moving more data and computing to the cloud will allow organisations to transfer a big piece of their cyber security risk to companies who have global teams dedicated to maintaining data security.
Also, with the rise of cyber security risks affecting the physical security market, organisations will put more focus on establishing rigorous risk assessment and product lifecycle programmes in order to benefit from the latest technology available to counter those risks. Organisations will then be much more demanding on manufacturers and system integrators regarding the solutions they are installing on their network.
Scagell: There are two main categories. VMS solution providers (software vendors) who provide specific VMS solutions based on licensing, and seats of use. The second solution is camera and hardware manufacturers who provide simplified or specialised solutions specific to their camera hardware.
Goldridge: Yes, I definitely agree that there is that distinct division within our market. However, even though the initial outlay is at times a lot less going the ‘free’ route, there are significant downsides too. Firstly, being stuck with a specific brand, which may not always have the technology needed for all your needs. Secondly, a lot of ‘free solutions’ allow for certain other brands to be pulled in at a cost, but only allow for ONVIF support, which, let’s be honest, isn’t always the best and most reliable solution, especially if its paid for.
I see that there is a growing demand for these free solutions and they will keep a specific portion of the market. Due to the unique and specific needs of this region, there will always be a need for open paid platforms in which different brands and specialised solutions can be added and incorporated seamlessly with true integration, and not haphazard ONVIF support.
If more time and effort is poured into free solutions, only then I believe it will be a true threat to the paid solutions, especially to solutions that do not yet have their own cameras to offer.
Ainsworth: Sort of, but I see it being three tiers. Free software, a basic appliance/box, or highly scalable/federated server solutions. At some time in the next 12 to 24 months, I also expect cloud offerings evolving to where they will serve the mid-tier (basic appliance/box space).
Hi-Tech Security Solutions: The two options users seem to have in the VMS market is either a system that is designed and developed by a single company, or one that provides a basic solution with the ability to plug in third-party applications for whatever functionality you require. Which option do you see as the best and why?
Cary: Over the years, Genetec established strong alliances with like-minded technology partners who equally thrive on innovation. Our technology partners build products that enhance and maximise the features of our video surveillance and access control systems, so that together we deliver the best solutions and offer boundless application possibilities to various markets.
Each customer comes with unique security requirements. When leading organisations partner to enhance existing product offerings, we open doors to new applications and infrastructures that answer these needs. Our customers benefit from the largest selection of integrated best-of-breed solutions, trusting completely in the reliability and performance of our joint offerings.
Scagell: The solution that works for the end client is the best solution. In the beginning, a short and simplified lower-cost solution may be better and reduce the barriers to entry. However, a customer may graduate from this lower cost basic solution to a more enterprise-level solution.
Goldridge: Hands down, the company that focuses on what they know, being the VMS solution, and integrates with other third-parties that specialise in their own field is the best solution. My opinion is based on experience in the trenches. I find that the VMS platforms that don’t try to spread themselves too thin trying to develop a million different solutions and rather focus on what their own solution can offer are far superior and provide a better solution in totality. This also allows for a better offering and experience, and opens doors for better and new ways to integrate.
Ainsworth: I would opt for a hybrid of the two. Proprietary end-to-end is no longer acceptable. Customers demand a flexible, yet tailored solution. This means that you need to build it with end-to-end in mind, but be open enough that you can incorporate best-of-breed or niche solutions. Designing with end-to-end in mind ensures a tight user experience, but flexibility allows the freedom to adapt off-the-shelf products to be customised as required by end-users.
Hi-Tech Security Solutions: The problem of cyber security and the dangers of undefended IoT devices has received a lot of attention lately. What does your VMS do to deal with the potential cyber security threats they may face? Or, is this something the device manufactures need to deal with?
Cary: We believe that cyber threats will continue to be one of the biggest challenges the industry will be facing in the next year. The fact is that we have more IP devices and systems that are improperly secured and the responsibility for cyber security doesn’t fall only on IT departments. Every player in the physical security market, from manufacturers, to consultants, integrators and end-users will have a part to play.
So, the challenge is going to be one of education: we will need to inform customers on what is insecure, teach them how to avoid pitfalls and how to protect themselves, and show them how to better manage the risk of deploying non-secure security devices and systems.
2017 will also be a year of awareness about cyber accountability. The burden of responsibility needs to rest with the people who make us think we are secure when in fact we are not. Rising cybercrime and its increasing threat to businesses has organisations taking direct action to mitigate their risk. As a result, we expect to see a greater demand for cybersecurity malpractice insurance in the physical security space. This will become ‘table stakes’ for integrators who are working on projects in critical infrastructure, large-scale enterprise and government projects.
Scagell: For IoT to be successful, there must be a strong level of consumer confidence. Without this confidence, the technology will not be adopted. The top problems we see with IoT are:
• Ubiquitous data released from these devices.
• Personal identifiable information (PII) from consumers easily accessible.
• Increased security risks.
A successful IoT solution requires not just the IoT manufacturer to secure the device, but companies, including VMS providers to build security into their VMSes and network interfaces that connect to IoT devices. A great example is the payment industry.
In the credit card industry, for example, it was found that many supporting ancillary devices from routers, to terminals themselves were often set with the default passwords without being changed. This setup was then replicated into multiple stores countrywide (in some cases thousands of stores). Breaking into these stores was as simple as using the default PINS or passwords.
Visa’s response to this was to create a Qualified Integrator & Reseller (QIR) programme. Basically, anything relating to the credit card network now requires a certified integrator approved in the QIR programme. The programme focuses on many items with security and good practices from configuration of equipment to managing day-to-day security. This programme ensures the installer is well aware of the latest standards.
The IoT may evolve to similar certifications one day where businesses, for example, may be required to have certified partners and installers before these devices can be deployed.
Goldridge: NUUO has been at the forefront of the embedded Linux market for many years, and this is one of the many reasons we have focused our efforts on our Linux solutions. Most end users and VMS manufacturers put all their focus on internal security and completely forget that there is a far more serious threat externally. Our Linux offering is designed with that in mind, leaning on the power and extremely high security within Linux. Coupled with our proprietary software and encrypted Linux chip, we make sure our data is protected from within and above all, from any external attacks.
We have taken great lengths to keep our Windows offering as secure, supporting all major firewalls and protection software, but SIs are still relied upon to implement such measures. I do believe that the industry needs to take a page out of our book and take a more serious look at this problem.
Ainsworth: We use a six-step development-to-commercialisation methodology which not only ensures that we do not make avoidable mistakes from product inception, but also proactively notify customers (who choose to know) when vulnerabilities are announced on what/how/when they are affected, the possibility for workaround and expectations for resolution. [Tyco’s cyber security programme is discussed in another article in this publication.]
Hi-Tech Security Solutions: What mobile access do you provide to your platform? What features or functionality do users want via their mobile devices? Is it as secure as access via a control room?
Cary: Responding to incidents or emergencies in the field often requires operators to be away from their workstation. Security Center Mobile equips security personnel with unified mobile applications for their phones and tablets, allowing them to remotely connect to their security system and receive instant event notifications at all times. No matter their location, security personnel can monitor their video surveillance and access control systems, receive and acknowledge alarms, and even stream live video from their phone back to Security Center, effectively extending their capability to react to any situation.
Like desktop applications, mobile and web apps are increasingly prone to cyber attacks. In defining your mobile device strategy, advanced encryption for communications and video streaming, user authentication, and detailed authorisation mechanisms need to be readily available to ensure that hackers do not get access to your sensitive data and video. In addition, the ability to pull user and device activity reports and remotely disconnect devices will equip you with additional tools to safeguard against loss or theft.
Scagell: Mobile devices are clearly taking over. In fact, most people coming online for the first time are doing so from a mobile device. Visec has built all interfaces in a responsive manner, utilising the latest bootstrap framework (which allows web pages to render in a friendly manner on their devices), we are also working on new mobile-friendly apps.
Goldridge: We have both iOS and Android offerings available, covering just about everything: live view, playback, push notifications, I/O control, PTZ control, audio etc. Security is essential and tight user rights can contain it, but using advanced routers with proper routing is essential to become truly secure. As for data protection, unfortunately, if rights are given there are leaks which cannot be protected against for any VMS.
Ainsworth: They range from apps that connect directly 1-to-1 to NVRs, to apps that connect to your entire Victor ecosystem and see all the NVRs.
Hi-Tech Security Solutions: What are the latest developments in your VMS platform that have been recently released or are going to be released soon?
Cary: In January, Genetec introduced a Retail Business Intelligence system that will offer insightful people counting, flow-management and customer retention data. Significantly, the system will include analysis features that provides end-users with easy-to-read reports on their business.
In 2016, Genetec released Mission Control, a decision support system that will meet the industry’s continued need to support security professionals in an increasingly complex world. Mission Control provides excellent operational intelligence by offering a clear path to better decision-making with tools that analyse and qualify data from thousands of sensors and security devices in real time.
Mission Control is designed to help security professionals be professional and calm when dealing with incidents, unplanned events or emergencies, by taking human emotion out of the equation in high-stress situations. The system can integrate standard operating procedures (SOP), and will play a big role in offering each company its own customised way of managing unplanned events. We have already moved well beyond the paper-based instructions usually found in a large binder. Mission Control will offer methodical and automated benefits of integrated SOPs, which will continue to advance in the years to come.
In addition to work efficiency, cost and compatibility advantages to be gained when an SOP is integrated with a decision support system, Mission Control can also measure reaction time and monitor how precisely the security operator followed SOP guidelines, to help learn from operational experience as a key advancement in security and business intelligence.
In addition to Genetec Mission Control, Genetec also released a new evidence management system. With the amount of digital content related to security operations and increasing at an exponential rate, security departments and law enforcement are always looking for tools that help them manage and share data, and this need will continue and expand. Genetec Clearance, a cloud-supported subscription system will help meet this need in 2017 and beyond.
Genetec Clearance helps manage the increasing amount of digital case evidence from PDF documents, audio recordings of interviews, captured video from surveillance and body-worn cameras, and the many additional digital assets shared by public and private contributors. It allows for the secure collection, management and sharing of evidence from different sources. And it facilitates collaboration between security departments, outside agencies and the public to help law enforcement overcome issues relating to sharing and protecting data, and also speeds up investigations in a cost-efficient manner.
After 20 years of innovation, Genetec remains an independent, private company committed to providing our end users with intelligent, unified solutions that help keep their assets, people and information safe. By helping them to ‘harden’ their systems against criminal cyber activity, protect privacy, develop business strategies that utilise the data collected in their systems and collaborate with other organisations, we will continue to support all our end-users as they protect the things that matter to all of us.
Scagell: Visec has built the first African cloud linking cities into an easy-to-use surveillance system. Our growth has been enormous and it brings with it challenges of technology, big data and machine learning. As such, Visec has assembled a global team of the brightest to create powerful technology on the back end, yet simplified user interfaces on the front end. The end users have no idea of the CPU and processing power of what happens when an event is triggered. They just know everything works and the system can be trusted.
Goldridge: Some of our latest features include NUface facial recognition, VM Crystal and cost-effective storage solutions, and up to 80 TB of storage (NUUO Storage). We are also focusing more on third parties this year, so we tied in Lenel, Tyco, Gallagher and Paxton to offer clients more from one solution.
Ainsworth: We have recently made new products available in the fields of LPR (licence plate recognition), SD Card Trickle/NVR backfill, and more PoE NVRs.
For more information:
Tyco Security Products: www.tycosecurityproducts.com
Refer to Hi-Tech Security Business Directory ( www.hsbd.co.za) for further details on these companies.