Security Technology Executive magazine recently had a conversation with STid CEO Vincent Dupart. He is a graduate in Management and Strategic Marketing and took over the management of STid in 2012. Under his leadership, STid is diversifying its activities and expanding into the United States, the United Kingdom, Latin America and the Middle East.
His mission for the company is to develop technologically advanced, high-security systems that are intuitive to use thanks to their interoperable innovations and flexibility. As proof, STid has developed the widest range of award-winning, OSDP-Verified readers on the market, which will soon be joined by the new Spectre and Spectre Nano range, allowing dual vehicle and driver identification.
Tomorrow's Security Must Be Agreed Upon By All
Today, technological security is a crucial issue for businesses facing cybercrime, and securing access control is a priority in ensuring operational continuity. As the market evolves, offering simple and innovative solutions tailored to the specific security needs of businesses is the key to success. In this interview with Steve Lasky, editorial director of the Endeavor Business Security Group, for Security Executive’s Industry Influencers, Dupart discusses the need to focus on innovation and interoperability to meet the challenges of tomorrow's security. The French company has made this approach its creed by offering customized solutions that eliminate the constraints perceived by users and comply with international regulations and standards.
STE: Tell us about STid?
Dupart: STid is a security company with expertise in contactless technologies (RFID, Bluetooth, and NFC), focusing on access control and industrial traceability. These two markets can regularly converge, as is the case for armory management. For example, our solutions allow the French Gendarmerie to know, in an automated way, which agent took what weapon from an armory, while verifying the necessary authorizations. It should not be forgotten that despite our start-up spirit, STid has over 25 years of experience in the security market.
STE: Why is security technology crucial today? And why turn to STid?
Dupart: Technology is used everywhere, all the time. STid's strength is in going against the grain of what other market players with proprietary technologies are doing. Our philosophy and approach are different, our solutions are based on open technologies. We favor openness and interoperability to offer solutions that are most in line with the specific needs of our clients. The security market has historically seen little evolution: it was held by giants whose policy was to make their clients "captive" to a solution. Today, it is our approach that is more sought after by users.
STE: Is it realistic to aim to become a market leader?
Dupart: In the high-security market, we are behind a large American group. STid plays in the same field but not necessarily with the same weapons. Yet, we’ve managed to gain market share. This year, STid will undoubtedly become the leading European manufacturer of high-security readers. The next step is to succeed in challenging the American leader. We have another asset in addition to interoperability, which is innovation. Our agility is a clear asset: the simpler a solution is, the more easily it is adopted by everyone.
STE: Being a French company, how do you attract American companies?
Dupart: By showing that STid is a pioneer in streamlining and simplifying access control usage.
It all depends on our offer and our philosophy. The main challenge is to rally around our security policy. By eliminating, for example, the constraints - real or perceived - of a classic access control system. Most security breaches are caused by humans. If badging becomes almost a "pleasure" with your smartphone, the process becomes intuitive. By streamlining access control with dematerialized solutions, no one will be tempted to use a stone to keep a door open. Badging with your phone may seem to involve a "gadget,", but the ubiquity of everyone’s phones streamlines the user experience and allows employees to adhere to the company's security policy.
STE: It seems extremely strategic
Dupart: And here, I am only talking about the user aspect. But on the client side, for managers who will administer security, the argument mainly lies in the fact that we do not "lock them in." Everything revolves around interoperability. By choosing our products, our clients can gradually migrate to higher levels of security at their own pace.
STE: You say that STid's strength lies in its independence. Why is this so important?
Dupart: Our independence is sacred. Other groups have chosen to make their customers "captives." This is not STid's vision. Therefore, relying on an industrial or large investor is difficult. Furthermore, the more interconnected we are with market solutions, the more we can guarantee this independence.
Today, our level of efficiency, performance, and profitability also allows us to forego investments. Our growth plan is around 50 million euros (almost $54 million U.S.), self-financed at 90%. If STid wants to reinvest all of its net profit at the end of the year in R&D, we can do so without being accountable to anyone. We have no shareholders. The only decision-makers are me and the management team. This allows us to implement a strategy that is our own with a long-term vision. This is also why our customers choose STid.
STE: Wouldn't some current or potential clients feel more reassured to know that STid is backed by a large group or investor?
Dupart: Perhaps that was the case five years ago, but it is no longer the case today, especially since STid is financially strong. Our independence is our greatest pride, and it guides us on a daily basis and allows us to define our offer. It is this long-term vision that reassures our customers and attracts prospects.
STE: STid is a French source of pride. And now, you are targeting the U.S. market. Is Asia potentially an attractive market for you?
Dupart: Today, we are focusing on several markets, but our number one priority remains the United States, where we have been investing for more than three years. This year, we tripled our workforce to support this growth, always placing proximity and customer service at the heart of our offer and strategy. That's why we continue to recruit to strengthen our team of experts. We are present in all territories to support our international clients, including Central and South America, as well as the rest of Europe, North Africa, and the Middle East. We have also started to look at the Asian market, particularly Southeast Asia, a dynamic market that offers many opportunities. Even though we do not yet have a great deal of expertise in the Chinese market, we are aware of its enormous potential and know that it is a market to build.
STE: Do you impose your standards depending on the countries where you are located, or do you comply with local rules?
Dupart: Currently, two "blocks" are "opposed." A European block that is essentially based on SSCP technology. It secures communication between hardware and a system. This technology is opposed to an American technology that is OSDP. STid offers solutions that adapt to geographical areas and their standards, without compromising the values of openness and interoperability.
STE: In a globalized market, how do you keep control over your production chain?
Dupart: This is not a concern for us because R&D, which underpins the development of our product ranges, is carried out at STid headquarters in France. Furthermore, almost everything is manufactured in the European Union: 95% in Portugal. And the remaining 5% is divided between France and Tunisia. "Local production" is a priority for STid. As for components from other sources, we have processes in place to inspect them to ensure that they are compliant and do not integrate any back doors. We are convinced that this is a real competitive advantage. Today, few players in our market are able to guarantee such mastery of their production chain. The notion of trust remains a major asset in the security market, and this necessarily involves complete control of our supply chain and manufacturing chain.
STE: Are businesses adequately aware of technology security on a daily basis? Isn't it a portfolio where they can cut costs?
Dupart: It may have been the case in the past, but it is now becoming less and less so. The first reason is the sharp increase in cybercrime that affects almost all companies today. The easiest way for a hacker to penetrate a system remains physical intrusion, which is called a hybrid attack. In this context, the market increasingly understands that access control security is the priority for ensuring business continuity.
The second reason is that we are entering the era of smart buildings, where we need to evolve in an interconnected universe that adapts to our needs throughout the day. This is true for users (secure access to parking, building, printers, canteen, etc.) as well as for system managers who are able to adapt their security level to ensure its effectiveness.
Today, the market growth is strong, and budgets, despite what is being said, are increasing. Companies are becoming more sensitive to our arguments and proposals, and it is easy to get an appointment at the headquarters of a large corporation quickly.
STE: Because the risk is becoming increasingly present?
Dupart: Today, out of 10 installed readers, seven are based on obsolete technologies. It's like having Windows 95 on your PC with an antivirus from that time, without ever having updated it. A product becomes obsolete as soon as its technology is cracked.
We can draw a parallel with the banking sector. For your card, threats are growing every day. However, we will assume that the current standards for bank cards allow for secure responses to the challenges for a few more years. It's the same for access control. It's a question of the degree of cryptography and security keys. We ensure longevity for about 15 to 25 years or so.
STE: What is the future of technological security?
Dupart: The security of the future will rely on digitization and will be optimal when it has eliminated the constraints perceived by users. Security also needs to be agreed upon by everyone, hence the crucial role of certification. I am particularly thinking of the GDPR in Europe or the NDAA in the United States.
Today, everything is still too "local." European initiatives can oppose American initiatives, while we are in a global market with players present in both Europe and the United States. Today, we equip large groups, such as Michelin, which has around 40 sites around the world. Our role is, therefore, to know how to respond to these global challenges while having a local vision, with different recommendations from one country to another. STid's success lies in its ability to create solutions that eliminate "perceived" constraints and adapt to the regulations and standards of the targeted markets.
STE: Beyond the design and implementation of technology, does STid have another mission?
Dupart: There is a very important aspect today: education. It is crucial to understand the importance of having healthy, stable and approved products in which our clients have complete confidence. And it is up to us to raise awareness among different actors, whether they are private or public companies, administrations, or governments. For example, we are a partner of the National Agency for Information Systems Security. The ANSSI regularly relies on our expertise to draft its white papers. So today, we work hand in hand with the government. Ultimately, it is the fact that we have a really broad range of skills and expertise that makes STid interesting and attractive.