RiskUKApril2017

More documents

Recommendations

Info

Physical Security Information Management is a category of software that provides a platform and applications created by middleware developers specifically to integrate multiple unconnected security applications and devices and control them through one comprehensive user interface. Stephen Smith outlines why the end user buyers of such solutions need to consider not only the technology itself, but also the ongoing costs involved PSIM: Only Fools Rush In... Of late, there has been a fair degree of focus on how Physical Security Information Management (PSIM) solution developers are planning to offer integrated security systems aimed at the growing needs of large-scale enterprises. They would be doing so while also offering advanced functionality for more stakeholders and providing greater control from one central location. Within the world of PSIM, certain matters are crucial for the future development of our industry. One such is about understanding and resolving problems associated with the increasing geographical scope of clients, while adhering to a multi-tiered hierarchy – a socalled ‘federated’ system – wherein total control is centralised, but allows individual sites to maintain local control. Providing more powerful systems is undoubtedly important. Perhaps more important, however, is the scalability of the solution, from a single PC through to those ‘federated’ solutions that afford end users the power to match risk with budgets. It is indeed the case that big is beautiful up to a point, but what’s considerably more attractive, I would strongly argue, is the ability to scale a solution according to need. This will allow more businesses to realise the considerable advantages PSIM solutions can deliver. Also important is the issue of connectivity and, to be more specific, the subject of connectivity failure. It would seem obvious that, in locations where there are known connectivity challenges, and where connectivity failure is therefore a distinct possibility, the ability for a system to work in a standalone mode is essential. It would seem similarly obvious that managing an enterprise-wide PSIM-based solution doesn’t create huge volumes of data. Distributed architecture The distributed nature of the architecture within certain PSIM solutions means that each Control Room is autonomous. This in turn means that, if a connection is lost to the others, it will continue to run without interruption and monitor the systems assigned to it. To that end, it’s a genuine ‘hot reserve’, as opposed to being a ‘fail-over’ Control Room that has to be switched on and booted up. In my opinion, data bottlenecks should never be used as an excuse for a system going down, nor for creating a lack of ‘control’. It’s disingenuous to suggest otherwise. PSIM technology should have an efficient alarm escalation functionality, which means that if there’s a problem, the operator still knows exactly what to do should a critical event occur. For their part, operators must have access to all of the data, information and systems at their fingertips. None of that information should be ‘lost’ in the event of a connectivity failure, or while waiting for the back-up to warm up. While some are seeking to develop more powerful solutions for ‘federated’-level security across larger organisations and smart cities, others are already being deployed throughout the world, from the UK to the United Arab Emirates. While some manufacturers appear to focus on the past, the more forward-thinking among us are already operating in the future. PSIM technology is of course capable of managing large numbers of systems – and not just video – from a single platform across multiple sites. This allows end users to manage incidents according to standard operating policies set by the customer or based upon best business practice, mitigating risks to life, security and assets accordingly. Importance of reputation Reputation is important in any industry and for any technology. Frustratingly, PSIM is already one of those technologies that has a poor reputation. It has come a long way in a comparatively short space of time, but such rapid evolution has been an element of the problem. This is partially because PSIM can be misunderstood and grouped erroneously with security management systems, but also partly because, in my opinion, some PSIM solution developers are misleading the market. 24 www.risk-uk.com
PSIM Solutions: Procurement Advice for End Users They seem to be doing this in two ways: first, in regard to what their technology is capable of achieving and, second, in relation to how much their clients should pay for the pleasure of having a PSIM solution installed. Indeed, this is the other great challenge and the other great myth: lifecycle costs. I have a genuine fear that these hidden costs, with particular regard to software licenses, combined with the lack of an adequate support service – or one that’s ludicrously expensive – are problems that continue to be unexplained and do our industry a tremendous disservice. This was certainly evidenced in the survey we ran in conjunction with Risk UK last year. Depending on the specific PSIM system and its manufacturer, these costs can be highly fragmented and split into many different ‘parts’ or stages. This may be confusing to the end user buyer, since they can include the physical equipment cost, installation, initial software licenses, training packages and project management services, etc. What’s most alarming, however, is that these are only the ‘initial’ costs and don’t take into account factors such as annual licence fees, future upgrades and renewals which, when you think of the initial capital expenditure for implementing a system and the number of years you expect it to be functioning, could run into the many thousands – if not hundreds of thousands – of pounds. Specification: key points In specifying a PSIM solution, and identifying a reputable manufacturer with whom to work, what should the end user be looking for? Ensure the companies that are pitching to you state, in writing, their annual fees for the renewal of your licence and, if technical support is provided, what it entails and what it costs over a five-year period. Find out whether you will be expected to pay for system updates, too, and if so, how frequently these updates will occur. What are the fees? Is the cost a percentage of the initial capital outlay? Given the level of investment you’re making, insist that the software will be supported for a minimum of ten years or longer if possible. Sweat the small print pre-contract so you don’t expose yourself to risk that could well end up having a catastrophic impact on your organisation somewhere down the line. A small number of software providers are still known to build a ‘timer’ into their software. Worth bearing in mind, as this automatically shuts the software down if, for any reason, your annual renewal payments haven’t cleared. “Ensure the companies that are pitching to you state, in writing, their annual fees for the renewal of your licence and, if technical support is provided, what it entails and what it costs over a five-year period” Don’t evaluate a project based solely on the initial capital cost. What might appear to be a competitive initial cost could actually be the tip of a very big iceberg when you rack up the other additional costs for updates, licence renewal and technical support. Work out the lifetime cost. Don’t discover when you’re too far down the line that the cost of installing the system is lower than the ongoing annual costs. A decision was taken early on in our commercial history that we would never place clients in the unenviable position of budgeting for a capital expenditure only to find a raft of renewal and licensing costs emerging. Cost, of course, cannot be the only driver, but the danger is that the cost a client is quoted isn’t the ‘true’ cost that they end up paying when ongoing outlays are then taken into account. Transparency is paramount Over the years, I’ve lost count of the number of red-faced security managers berating a PSIM solution provider for metaphorically holding a gun to their head and, in effect, telling them to ‘pay the ongoing fees or we will not support your system’. We certainly know of cases where public bodies are now having their PSIM systems ripped out because they cannot afford to maintain them from revenue budgets. PSIM solution providers must be 100% transparent and fair or otherwise risk going out of business on the back of an army of disgruntled customers. Short-term opportunism and narrow-mindedness could seriously impact the industry’s long-term credibility. PSIM is very much the system of tomorrow that’s already being used to great effect in the ‘here and now’ today, but not always to the extent that it should, or indeed by the businesses that could benefit from it the most. Buying a PSIM solution can be fraught with difficulties, many of which are of our industry’s own making. It must be said that buying on initial capital cost alone is certainly a dangerous way of doing things. My best advice would be to conduct your due diligence very thoroughly indeed. Consider the technical implications of the risks to be overcome and the lifetime cost of a system rather than rushing unexpectedly into a brick wall of hidden fees or false promises. After all, only fools rush in where angels fear to tread. Stephen Smith: Managing Director of Intergrated Security Manufacturing (ISM) 25 www.risk-uk.com
Page 1 and 2: April 2017 www.risk-uk.com Security
Page 3 and 4: April 2017 Contents 35 Smart About
Page 5 and 6: Editorial Comment Don’t just stop
Page 7 and 8: News Update National Security Inspe
Page 9 and 10: News Analysis: National Surveillanc
Page 11 and 12: Opinion: Physical Security as a Ser
Page 13 and 14: Always a suitable solution with the
Page 15 and 16: Opinion: Security’s VERTEX Voice
Page 17 and 18: BSIA Briefing Last year, the Nation
Page 20 and 21: ERM and ESRM: Can They Continue to
Page 22 and 23: Status Symbol: The Chartered Securi
Page 27 and 28: The Insider Threat: Technical Surve
Page 29 and 30: Institute of Risk Management Are yo
Page 31 and 32: Education Sector Safety and Securit
Page 33 and 34: Education Sector Safety and Securit
Page 35 and 36: Access Control: Integrated Business
Page 37 and 38: 4 July 2017 Hilton London Canary Wh
Page 39 and 40: Risk Management in the Construction
Page 41 and 42: CCTV and Surveillance: HD Technolog
Page 43 and 44: Power Supply Continuity and Managem
Page 45 and 46: Insurance Rewards for Managing Secu
Page 47 and 48: Because one size The most compreh
Page 49 and 50: The Security Institute’s View cla
Page 51 and 52: In the Spotlight: ASIS Internationa
Page 53 and 54: FIA Technical Briefing: Fire Detect
Page 55 and 56: Security Services: Best Practice Ca
Page 57 and 58: Cyber Security: Mitigating Risks Po
Page 59 and 60: Training and Career Development str
Page 61 and 62: Risk in Action Porthcawl’s RNLI:
Page 63 and 64: Technology in Focus Disruptive tech
Page 65 and 66: Appointments Joey Hambidge Skills f
Page 67 and 68: 20 - 22 JUNE 2017 EXCEL LONDON, UK
Page 69 and 70: CCTV CONTROL ROOM & MONITORING SERV
Page 71 and 72: SECURITY CASH & VALUABLES IN TRANSI

RiskUKApril2017

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?