PSIMs in the age of acquisition

Aug. 16, 2017
The highly customized PSIM platforms of old are not well-suited to meet the needs of today's enterprises

Mergers and acquisitions are a common event in today’s fast-moving markets. We have seen this phenomenon in our industry as well, as some of the largest names in the market have merged while others have grown rapidly through acquisition.

For businesses evaluating the impact of a merger or acquisition, the security department is often last to be considered. This presents security managers with a number of challenges in protecting the personnel and assets of the enterprise.

The initial promise of physical security information management (PSIM) systems was to have a single operating view integrating diverse systems and standardizing response for all systems being monitored. Traditional PSIM platforms were developed for critical infrastructure environments, where highly customized solutions were required for particular customers and applications. However, for dynamic enterprises attempting to deploy a PSIM, the challenge was finding a way to integrate a highly customized PSIM solution with the diverse security systems which were already in place in new companies they acquired. Not surprisingly, this can be expensive and has long been a pain point for organizations whose growth strategies involve acquiring other companies or facilities.

Acquisition often introduces new and different business and security systems into the overall enterprise, meaning that even if the parent company has standardized on one or two different systems, that number can easily increase to 10 or more. Introducing this many highly customized systems into a dynamic, changing enterprise, is simply not feasible. Communication between these systems is all but impossible, making management expensive, time-consuming and highly error-prone. The alternative, ripping and replacing non-conforming systems in an effort to maintain platform and system standardization, is rarely practical as it requires an even greater investment in cost and time.

Fortunately, with technological advances come new PSIM offerings that provide a standardized integration model which scales seamlessly as businesses grow. The new-generation solutions are flexible, scalable and fully functional for a wide range of commercial applications. These new platforms and integrations are delivering new capabilities to the security operations center (SOC) that improve both proactive and responsive security.

Integration and Standardization

Without question, one of the most attractive capabilities of PSIMs is the ability to integrate multiple systems into a single interface. The most effective PSIMs offer open architecture that makes these integrations simple, easily maintainable, cost-effective and scalable. This flexibility to seamlessly integrate virtually any solution from a wide variety of manufacturers, including legacy systems, saves money while also streamlining operations and providing more complete information for incident response.

New PSIM solutions offer greater effectiveness by also standardizing functionality across different classes of systems, eliminating the costly custom solutions common in the past, and delivering a consistent user experience. When integrated with a PSIM, every access control or video surveillance integration, for example, should perform the same, regardless of manufacturer. This ensures security personnel can follow established response procedures no matter what system they happen to be connected to.

Simplicity

When responding to any incident or event, time is crucial, particularly for high-priority or potentially dangerous situations, and the key to ensuring the most consistent and effective response is simplicity. Operators should have fewer and simpler steps to follow, and ideally, they should never be required to make decisions or learn new software procedures on the fly. This only increases stress, which can negatively impact their ability to quickly respond in the most appropriate way and can make an already volatile situation even more so.

Creating and leveraging a high level of standardization between systems, regardless of the type of alert, alarm or event, PSIMs reduce the potential for human error or overreaction by providing easy-to-follow workflows that guide operators step-by-step through the proper standard operating procedures (SOPs) for a specific incident using simple yes/no questions, directing them what to say and do and providing quick links to prompt necessary actions like triggering a building-wide mass notification. The answer an operator provides for each question determines the next step to significantly speed and simplify the process and ensure effective response in a crisis.

Automation

To simplify response even more, advanced PSIM solutions utilize automation to perform many of the more mundane and less critical manual tasks associated with response. The steps these solutions can remove from the process might include marking the time of the event, Active Directory user login, GPS identification of an incident’s location, finding the nearest camera and more based on an organization’s established SOPs. Often this can reduce what would otherwise be a 30-plus-step manual response to just a handful of critical tasks that require human intervention, such as determining whether a person seen on video represents a potential threat, along with other factors that are key to identification, situational assessment and proper response.

In addition to standardizing the entire response process, automation also enables PSIM to standardize the creation and initial completion of audit, legal and compliance reports within an incident management system. This creates massive savings in time and cost and ensures consistent outcomes, correct reporting and reporting that adheres to established company standards. Without an open-platform PSIM, this would likely require manual processes for each disparate system – an extremely expensive and time-consuming prospect.

A final and crucial consideration with any software deployment is cybersecurity. This is particularly true in complex enterprises where openness, collaboration and flexibility are fundamental to the value of the software system. Closed client server applications may reduce risks but are not always appropriate for dynamic corporate environments. Security managers need to ensure their software platforms have strong built-in cybersecurity measures that have been tested and verified by both automation and humans at accredited cybersecurity companies. Securing the application is only half of the equation – it is equally important to secure the infrastructure, server and networks your applications run on. Therefore it is critical to engage early and often with your IT and network teams to ensure that your systems are secure from end-to-end.   

In the current era of fast-growing and acquisitive businesses, the next generation of PSIMs has evolved to address the often painful challenges organizations encounter when incorporating new businesses, facilities and systems into their overall enterprise. The architecture of these systems offers the flexibility and scalability to bridge the gap between a vast range of integrated solutions, allowing for easier growth, expansion and adaptation – without sacrificing the high level of effectiveness and efficiency that PSIM solutions promise for increasing security and streamlining operations.

About the Author

Simon Morgan | Chief Product Manager, SureView Systems

Simon Morgan is the Chief Product Manager of SureView Systems, a provider of PSIM platforms. He earned a bachelor’s degree in business/marketing from the Queensland (Australia) University of Technology and has over 30 years’ experience working within a diverse set of roles to include management, marketing, sales, IT and software development.