As with all industries, terminology develops over time, often without a clear definition. Everybody starts using the terms.
The pictures in the minds of the audience can, however, vary substantially. This is particularly difficult when the client and service provider have a different understanding of the term.
So what should the term ‘Integrated Security Solution’ actually mean?
The development of the security arena over the last 20 years helps to provide an insight into the term.
Back then, if you needed security, you hired a security guard. Need more security? Get more guards.
With the arrival of the electronic age, and particularly the relatively low cost of technology, the technocrats started trying to replace the security guard with technology. To this day we sell the technology where possible, on the promise that a reduction in manpower cost pays off the technology cost. Technology doesn’t sleep while on duty, strike or ask for increases. The sales pitch was – and still is – good, and the demonstrations of the amazing things technology could achieve were – and still are – appealing. Then came the big step where the different technologies were able to work together so that information about one particular incident could be gathered from different sources, for instance the access control and CCTV installations. This is ‘Integrated Technology’.
The guards still couldn’t be totally replaced, so the question became how to use these two systems to complement each other. Someone had to know how to get the information from the system. Technology can measure and record, but the human needs to watch, evaluate and react.
The technology still needs human input, and so this was a good time to involve the guarding fraternity, and we created the controller or control room operator.
This is what we started to refer to as ‘Integrated Security’.
Is this ‘Integrated Security’?
No, it is not.
We have successfully left behind our PsiRA-graded security staff member, who is now the control room operator facing a room full of technology and being asked to operate it and access information from it. This is way outside his training and experience.
This human has been left behind in the massive technological advances. He finds himself with challenges in equipment operation that need proper training, not the two-hour handover training. The same problem is faced by the management staff, who possibly have even less training and very little exposure to the technical world.
The challenges, suggested solutions and points to ponder in this puzzle are dealt with in depth in my book, Security by Design.
Some of the key points are:
There are probably five main centres of knowledge that are vital to the success of the security solution. They are best shown in diagram form:
My book deals with all of these subjects in depth.
The bottom line is that if you truly want ‘Integrated Security’, you must:
- Know what your problem is.
Don’t be ‘blown away’ by amazing technology – match the solution to the problem.
- Continually re-evaluate everything. Remember that the target is always moving.
- Train and manage the people so that you have the right person in the right job and the right number of people.
With changing risk and therefore changing reaction, the only answer is that the core design must be flexible enough to allow for the changes that could occur. A good design should have competent reporting structures that give management the information to make the changes when the risk changes. Good reporting becomes part of the intelligence, and so the game of cat and mouse goes on.
Eventually, the inevitable happens: the crooks get around the ‘carefully planned integrated security solution’. You are then saved by a system that is truly integrated.
Your carefully trained personnel will be able to provide all the evidence needed from the carefully integrated technology and be able to present it to the investigation team in the best format possible so that the issue can be solved and the way ahead re-evaluated.
Note the terminology used – not ‘react to what has happened’, but rather ‘re-evaluate’, starting with ‘Have the risks changed?’
And so the cycle goes.
After all that, the security solution is like playing a musical instrument. You will be continually fine-tuning it to get the best result.