Susan Brady: There are tiers when it comes to commercial security (from the simplest systems to the mid range level and on to enterprise solutions). Describe the level of technological expertise needed by dealer integrators at each level?
Jim Lowder, MDI Vice President of Engineering and CTO: There are basically four tiers of integration in the industry.
The first is Discreet. This is where everything runs separately: access control, video surveillance, alarm management, etc. Most are direct connect analog systems and do not require any networking or database knowledge by the dealer or the user. Training is required to gain knowledge of each component.
The next level is INTERFACED. An interfaced system requires some technical knowledge as it brings in and communicates with each disparate security product to form a system. An interfaced system is NOT an integrated system. The interfaced system requires some basic knowledge of working with technology connections as well as some programming skills, database skills and video knowledge. The integrator will be working with video and network switchers for simple video on alarm capabilities. Command strings will need to be written and TCP/IP knowledge is required.
The third tier is INTEGRATED. An integrated system is able to bring together multiple discreet systems with bi-directional integration. The integrated system is what is being promoted heavily in the industry today. Although many systems manufacturers have the right idea, most integrated systems today require customization at the field level in order for a new product or sub-system to be integrated. Integrators must be adept at networking and have a working knowledge of programming languages.
These types of integrators are generally known as Security Technologists. This is where the basic locksmith type installer gets separated from the true systems integrators. Here, system installation training on software and hardware is critical to success. True integrated systems communicate via the network and bring in remote locations seamlessly for the ability to command and control. Door hardware must be intelligent enough to operate on its own and make entry and exit decisions if communication to the “head end” is unavailable.
Although technical knowledge is key to proper integration, a true integrated system makes it easier for the integrator to add products and sub-systems. The key to seamless integration in a system in this tier is the two manufacturers working together. There are elements on each system that represent each other.
The top tier is UNIFIED. In a unified environment, there is one interface for the user to learn. The level of knowledge needed by the integrator, although still high, is minimized due to the fact that everything that is presented to the unified system is learned by the platform and will never need to be re-coded again to work. Once it is in the platform, it is intelligent enough to auto-recognize the product and bring it in as part of the ecosystem. The system does the work for you. The unified system at that point becomes adaptive.
The integrator now works in a plug and play environment as the data is uni-directional. The entire platform is open architecture and integration becomes data driven. The data is the key factor. An example would be a unified system which brings in a video surveillance piece. If a camera is changed on that video system, the integrator will need to change it within the video system, then again within the integrated platform. With a unified system, the camera is changed and recognized throughout the system and platform, and it is business as usual.
Brady: Are government standards having an effect on the level of security required by commercial clients? If so, what markets will be the most logical to pursue?
Michael Garcia, MDI VP & Chief Marketing Officer: Dealer integrators should consider the vertical markets in which there are deadlines to meet, mandated by the federal government. These markets include:
Banking and Financial – The GLBA act is putting pressure on banks and financial institutions. Depositor data must be protected. Convergence is inevitable. Video and access are a big part of keeping compliant with GLBA.
Healthcare – The most regulated market to date. HIPAA is the act that has changed the way hospitals protect patient data. Anyone associated with them needs to be compliant. Hospitals have to exhibit best practices and due diligence across the entire operation. Knowledge of OSHA is also essential.
Sarbanes Oxley (SOX) – Public corporations must comply. A GAP analysis usually dictates what needs to be done. These GAPs usually include security under section 404. Security is a key component of SOX compliance.
Others include: California SB 1386, FISMA, ISO 17799, Basel Accords (international banking), Canadian Privacy (PIPEDA), Patriot Act, and SEC regulations.
Advice to integrators is to choose a regulated industry, become an expert in it and understand how the service you offer will assist these industries in becoming compliant. This requires understanding the security requirements within each mandate. When government standards become best practice, security is always at the forefront. Follow Information Security & Privacy Standards, regulations, legislation and pertinent legal cases to stay abreast of happenings within the industry.