printer friendly version

The changing face of the commercial customer

The convergence of electronic security onto enterprise networks is turning IT managers into systems integrators’ primary point of contact for corporate accounts. Find out how this dynamic is playing out and the secrets to ingratiating your company with these customers.

It is dizzying at times. Change is happening so fast we can hardly keep up with it. Two years ago it was the new technology entering the marketplace. Then, at about that same time, the economy began to rapidly change in the wrong direction. There is yet another change the security integrator needs to heed: the changing face of the customer.

In years past the security director ruled the roost. He was in charge of risk assessment, manpower and technology. He had the buying power and the authority to make decisions. That was then, this is now.

There is a new sheriff in town. He holds the purse strings. He approves the technologies. He is the gatekeeper. He is the IT manager. Understanding his world, concerns and needs are essential to long-term success as an installing security systems integrator.

Security is important, IT is critical

The IT manager has naturally assumed more and more control over core business systems because his environment is the core business system. Remember life before the network? Back in the day, the central communications hub of a major corporation was the mailroom. Now it is the main distribution frame (MDF).

Whether it is e-mail, Websites, instant messaging (IM), customer relationship management (CRM), databases or video security, the network carries it all. The IT manager needs to keep it all running. He needs to make sure a distributed denial of service (DDoS) attack on the corporate Web site does not take down the e-mail servers. He needs to ensure that the new video camera system does not prevent the CEO from getting his e-mail. He is tasked with, literally, keeping the business running.

It is not that security is not needed anymore. To the contrary, it is more important than ever. But that need, like everything else, is changing too. While businesses are still vulnerable from internal and external physical attack, the threat of an intruder on the network has grown exponentially.

In the past, it used to be relatively safe to assume that a small, unknown company would be safe from most network attacks. Such a company had to be more concerned about a burglar hopping over the wall to steal physical assets. This was where the security manager got to shine. This was his turf. Now, though, random hacking and virus attacks can hit anyone, and an increased knowledge of networking and network security is required, no matter how large or small the company.

If someone breaks into the back door of a company, it will cost money and time to replace equipment, to repair damage. It will hurt. But if a company’s entire database is wiped out, or if the supply chain network link is broken, or even worse if private customer information is stolen in a network break-in, the company could be completely taken down to its knees. The damage could be severe and irreparable.

Do you envy this person yet?

IT manager as gatekeeper

Because of the responsibility of keeping day-to-day operations of a company going, the IT manager has been given unprecedented authority over his domain. He needs to establish rules and standards for every device that touches the network. He needs to set procedures for how much and what kind of information gets sent over his network. He alone can determine how many employees get to access the network remotely, and for what purpose.

As our security technology has migrated more and more onto that same network, he also has been thrown into the position of deciding which of that security equipment is acceptable or not. This poses new challenges for the integrator; or at least the integrator who does not know how to interface with that person.

A new breed of integrator

This challenge has been a difficult one for the security industry. With some exception, it has been like turning the Titanic. For the security integrator and manufacturer, change has come slowly.

A hole was created. The security industry did not move fast enough to fill that hole, and a new breed of integrator and manufacturer moved in. Nature abhors a vacuum, which is what we had. The state of the security manufacturer is a discussion for another time. Here we will focus on the integrator.

The new breed filled that hole quickly. These companies were IT-centric. They had been supplying the IT managers with product and services for some time. They spoke the language, understood the culture. They were already in place doing other work, so why not provide security as well?

One such company, Ojo Technology in Fremont, California, has been very successful focusing on the IT niche, and for the most part foregoing the analogue world altogether. “We specialise in IPVS [IP video systems] deployments. Analogue systems are typically less profitable, and oddly enough we fail to win the projects that are analogue-based more than IP-based,” says Bob Kusche, vice president of sales for Ojo.

The key to being successful with the new IT gatekeepers is understanding what makes them tick. In the early days of the convergence wave, the IT administrator was very wary of putting a large number of streaming video devices on his network, worrying about the impact on daily traffic. When asked if this is changing, Kusche says, “They seem to be more comfortable with the concept than they used to be. We get very little resistance once we establish the concept of a VLAN and how it protects the customer’s business data from conflicting with video data.”

Relating to the IT manager

There are many differences between the IT manager and the traditional security manager. One of the biggest differences between the two is the inherent understanding of technology.

While the security manager was concerned with guarding assets, technology was only one option. With the IT manager, it is all about the technology. This fact must be recognised when approaching this person. It must be remembered, however, that beyond this person, as you approach the higher echelons of management, the technology becomes less important and things such as budgets and return on investment (ROI) need to be focused on. But for the IT guy, it is the parts and pieces.

Some IT managers see all the appliances on the network as just that, an appliance. They do not care if it is sending video, phone calls or e-mails. Any service is like any other service. And at the network level, that is true, although the impact of video services on the network is something with which he may not be familiar. There is actually a great disparity between the knowledge levels of IT managers throughout the industry. The current experience level of the IT manager you are dealing with must be determined in order for you to know how best to approach them.

Vern Gillespie has been teaching networking concepts and certification classes for years. He is currently a network trainer for Pelco and holds several networking certifications (CCSI #32830, CCNA, MCSE, MCP+I, Security+, Network+, A+).

“I think we are seeing more IT admins opening up to the idea of adding a number of services to the network including video,” says Gillespie. “Over the years IT has gone from simple networks to very complex networks that support not only computers and the flow of data but phones, HVAC, access control, e-commerce and video. Most admins see this as an advancement in their careers because of the added responsibility. Others may fear it because they lack the proper knowledge to make it work.”

Shifting budgets favour IT needs

Along with the movement of responsibility from security to IT, budgets have also seen a similar shift. Because so much is riding on the reliability of the network, no expense is spared in keeping it running. In these tough times, you may often find that the only person with any money to spend is the IT admin. Unfortunately, this shift can cause some measure of conflict between security and IT, with the integrator caught in between.

Recalls Kusche, “We installed a leading-edge IP system at a museum, and there was quite a competition, fight might be a better word, over who would ultimately own the solution. Being uncomfortably stuck in the middle, we observed the verbal exchanges and tried to stay as neutral as possible. Bottom line is that the CEO finally sided with the IT department, both because of the technical nature of the solution and because the majority of the budget came from the IT side, although it was split among both.”

There is one important fact to remember. Network folks love new gear. Instead of worrying whether or not the budget will be available for your system, impress upon them how the new system may require them to upgrade and justify the purchase of that new switch they have been looking at.

Security industry needs to step up

Network- and IP-centric integrators and manufacturers are making a big splash in the market today. This is causing a great deal of unnecessary confusion and panic among traditional security players. Some simple changes to the selling philosophy will go a long way. Preach convergence, not product; solutions, not sales. You cannot fight on a strictly technology playing field anymore.

The education is out there. The personnel are out there. It is time for the old school to join the new school. There is still a lot of analogue business out there, for sure. But the IT manager holds the keys to the future.

'The Changing Face of the Customer' originally appeared in Security Sales & Integration magazine and has been reprinted with their permission. Steve Payne is a network/security system sales engineer. He can be reached at stevp51@gmail.com

Share this article:

Further reading: