More than a Handshake:The Security-Integrator Link
As a security director, I’d like my security integrator to:
“Send me ‘out of the box’ ideas.”
“Learn my business.”
“Save me time and money.”
“Stay in touch with me on a monthly basis.”
“Only send technicians to my site who are familiar with our system.”
As a security integrator, I’d like my security director to:
“Focus less on the technology itself, but instead, on the desired results.”
“Want to have a long-term partnership with us.”
“Let us know how we’re doing so we can fix any problems.”
When it comes to the security director – security integrator relationship, it can often look like a “he said/she-said” situation. The phrase “There’s two sides to every story,” applies as well. In fact some – not all – past relationships have been just that. A little friction here over pricing, a little friction there over miscommunication or no communication at all, some instances of installing a product that didn’t work, some stories of not “doing their homework” and a lot of “not going the extra mile” comments.
“Sometimes system integrators seem to be extended sales reps for specific companies,” shares John Williams, CHPA, public safety manager for Prince William Hospital in Manassas, Va. “Although in reality they are sales reps, their focus should be on what the end user wants to get out of a system. They need to have a broad view of what systems and capabilities are available in the industry and put forth several options for the end user to make a selection. They should be knowledgeable and responsive to our needs. Also, they should only recommend products from companies that have an excellent industry reputation for customer service and quality.”
Adds Jeff Schoepf, CPP, security manager for a metals manufacturer in Pennsylania: “We’ve used integrators who were not representing their product or brand name acceptably, and we’ve eliminated those relationships and partnered with other people. The relationship is important, but sometimes I don’t believe that they [integrators] know it unless there’s a problem. I hate to pull in the markers, but I’ll do it to ensure that our security program is up to our standards.”
What’s the real story? Is the security-integrator relationship stressed, strained, even broken?
Our Needs, Your Needs
“It has to be a business partnership that includes working together towards best solutions and results for both parties,” stresses Mark Gaudette, CPP, LPC, director of loss prevention for Big Y Foods, Inc.
“The most important aspect of our relationship with our current integrator is their proven integrity,” says Al Segal, director of security for Williamson Medical Center in Franklin, Tenn. “Our integrator is a critical part of our security team. That’s why integrity is such an important issue. They are responsible for incorporating the sum of our security devices collectively to ensure that our systems function as a whole unit. They must understand our functions and needs in order to accomplish this task. This requires a large amount of trust in our relationship.”
The majority of security executives we spoke with echoed comments from Eric Smith, CPP, security director for Exempla Healthcare in Denver, who said, “Sometimes the relationship can make or break a security program – or at least part of it. I want to have confidence that the integrator is on my side and not just trying to sell me something.”
And what they don’t want: “Don’t sell me something I don’t need,” says William Wilkins, regional security operations manager for Valeron Energy Corporation in San Antonio Tex. “I have sat in far too many meetings where a product is demonstrated only to have the integrator close with, ‘Now where do you see this product fitting into your organization?’ This approach is contrary to the basic principles of project management,” Wilkins says. “An integrator should be aware that the products they deploy and vendors they represent are a direct reflection of their organization. If an integrator is not confident in the performance of a product, don’t sell it – regardless of the margin to be made. Many customers don’t discern between manufacturer, distributor and integrator – and frankly, they shouldn’t. If you are willing to install a product, you should be willing to accept the issues that arise from the product’s performance.”
There are success stories out there and signs of relationships that are working. There’s a “meeting in the middle” in many relationships that we are happy to share with you, including Christie’s and Diebold.
When Christie’s, a leading art business with global auction and private sales totaling $3.3 billion in 2009, needed a security infrastructure upgrade at its North American headquarters in New York City’s Rockefeller Center, it entrusted integrator Diebold to look at its overall business process and design solutions around not just security needs, but also business demands.
Christie’s received a new command and control center that houses auction rooms, viewing galleries, secure storage areas, training facilities, warehouse operations and offices, in addition to an upgrade to its site video surveillance and access control systems. The project integrated new technologies with legacy systems, helping Christie’s centralize its security operations, reduce risk and improve response times to events across multiple sites. “We have an extremely complex and unique business, and Diebold understands that,” says Steve Wrightson, vice president and director of security, Americas for Christie’s. “We knew they were going to come in with the knowledge, expertise, passion and dedication for what we needed to do with this project.”
The new command and control center design replaced a cumbersome monitor rack with a video wall featuring four, 42-inch monitors; six, 19-inch monitors; and two additional monitors. In the new room design, security operators face their computer screens and the video wall, ensuring that every visual is in their field of view. The new system gives operators the freedom and flexibility to change monitor views based on security needs, which can change daily or hourly, as camera feeds fluctuate in importance. During a morning gallery viewing, for example, control room operators may fill the majority of monitors with camera views from that gallery, while relegating a limited number of monitors to areas with lower foot traffic. Operators can then mix and match views throughout the day to accommodate changes in visitor flow.
Diebold also helped Christie’s increase the retention time of its video storage capabilities. Previous equipment had limited capacity for storing archived footage, which made it difficult to review potential evidence from past events. The new capabilities allow Christie’s to view footage as far back as 12 months, enabling security personnel to review a wider range of video when conducting investigations.
New motion detectors installed in select areas of the building also improve security response times, while an updated access control system allows the company to add more card readers nationally.
“This process opened our eyes to how equipment can change how we deal with the physical aspects of our security. The redesign allowed us to rethink our staffing and retrain our supervisors and the personnel in the control room,” says Wrightson. “That was a benefit I didn’t foresee when we undertook this project.”
Above all else, Christie’s has reduced risk for its business and its clientele. This focus resonates with the company’s insurers, which have used Christie’s new security operations as a case study platform for other clients.
The Benefits of One?
Similar to relationships that we have in our everyday lives, some security-integrator relationships are new; others are well established. Some security directors prefer to work with multiple integrators, while others prefer to work with one.
“I think it is healthier to have more than one integrator in the stable,” says Jeff Karpovich, chief/director of security and transportation for Highpoint University in High Point, N.C. “Competition and choices breed higher energy, reduce complacency and keeps costs in line.”
He adds that a good integrator is paramount to a professional protection plan. “Few organizations are large enough to enjoy an entirely proprietary physical security team. At High Point University we feel blessed to have developed symbiotic relationships with small, medium and large integrators that we consider trusted partners. Without them we could have never built the award-winning, protection program that we enjoy today.”
Progress Energy (PE), a Fortune 500 energy company in Raleigh, N.C., uses a contract preferred vendor agreement with one integrator – Intelligent Access Systems, Inc. – to supply all of the company’s security systems equipment, installations and service. This is a single source agreement that contracts all PE security system installations and service calls to IAS without going out to bid. The contract is a multiyear agreement that holds IAS to predetermined fixed equipment and labor pricing and response times. “We are very pleased with IAS as they are truly an extension of our corporate security department and take personal ownership and pride in our security posture,” shares Brian K. Smith, CPP, CHS, lead security specialist for Progress Energy’s corporate security department.
In addition to the integrator’s commitment, Smith tells Securitymagazine that he appreciates the consistency given by IAS in philosophy, methodology and approach throughout the Progress Energy enterprise. “We know what to expect as opposed to some of the larger integrators, which varies significantly from branch to branch. They invest in their employees to keep them at a higher level than the average integrator and Progress Energy benefits from that commitment by IAS,” he says.
Smith truly values this relationship. “The environment we live in today as a company providing a vital piece of the nation’s critical infrastructure is tough. We’re seeing increased regulatory pressure to protect that infrastructure and our security integrator is a vital partner in making that happen. It takes commitment by everyone to meet all these requirements so it’s important that we partner with the right integrator.”
Darren Morgan, director of security, safety at San Antonio Community Hospital in Upland, Calif., appreciates his integrator’s working knowledge of the hospital environment and history. “It makes it much simpler to have new installation work completed and expedited when necessary,” he says. “The integrator has a broad background in IT, which is a plus when working with our in-house IT department. They also have a history in our region, which is good for comparing performance notes with other similar end-user clients.”
On his wish list for improvement? Staying in touch on a monthly basis and only sending technicians that are familiar with his site to service his systems. “If the integrator is not familiar with our security and hospital operations, it is difficult for them to address our needs or anticipate them,” he says. “We have a construction project in progress right now, and if our integrator isn’t on site regularly they will miss opportunities for increased business. I believe that an integrator can be our best ally or biggest adversary based on the relationship we both need to maintain, however if they want my continued business they need to be at my door and ready to serve.”
Another healthcare facility that has benefited from integrator knowledge of its environment is Hoag Memorial Hospital, a west coast not-for-profit hospital, which has been in business for 60 years and serves more than 370,000 patients every year. Hoag had some security systems that were operating independently, which created additional work for the monitoring officers when an alarm was activated. When an alarm became active the operator had to take three steps: identify the alarm, select the associated camera and then review the video. This prevented the security team from efficiently capturing all the necessary data to respond appropriately to the alarm.
The Cost Versus Value Equation
What’s better: lower cost or the value you’ll receive with your integrator relationship? “As with most organizations, we have placed a great deal of emphasis on cost control while operating under the current economic climate,” says Wilkins of Valeron Energy Corporation. “However, we appreciate the difference between ‘cost’ and ‘value.’ Costs are easy to quantify when developing contracts, but that does not directly relate to the value of field performance – which may skew potential savings. For example, an integrator may charge $5 less per tech-hour for installation or service, but if an installation requires five more hours than a competitor due to training and/or resources, their selection has offered none of the savings I anticipated.”
That mentality has helped the relationship between Wilkins and Convergint, his integrator. It’s a solid relationship and one that has been nurtured throughout the years.
“Convergint’s organizational structure is relatively flat, which makes them highly agile – placing decision makers closer to the customer and thereby allowing them to respond to requests immediately,” Wilkins says. “This advantage has been demonstrated a number of times, most notably following during hurricane recovery operations, where technicians provided on-site support for repairs less than 24 hours after landfall.”
On a more personal note, company values are aligned. For example, Convergint supports Valero’s Benefit for Children Golf Classic and homebuilding as volunteers with Habitat for Humanity.
“As a customer, I would recommend that security integrators make a concerted effort to understand the industries they are catering to,” Wilkins adds. “While the tenets of physical security design are generally universal, having an appreciation of the challenges that face a particular market is critical to how we approach design,” he says.
For example, the energy sector includes a broad scope of business models, and making generalizations to the sector as a whole demonstrates market inexperience, Wilkins notes. “This is a perishable skill as our industry in continually in flux. As new regulatory requirements are adopted or existing policies are reinterpreted, the direction of the organization must redirect their priorities accordingly and a professional integrator must have the flexibility to adapt to these changes.”
Second, Wilkins stresses that an integrator never underestimates security’s technical competence. For example, Valero’s Security Projects group is composed of personnel who have a strong physical security background balanced with IT experience and education. “An integrator who puts a representative in front of our group that lacks the ability to intelligently discuss infrastructure, database architecture, or true network impact of IP-based applications will be woefully unprepared,” he says.
The Personal Relationship
When all is said and done, security executives and their integrators really can’t know enough about each other. The relationship can fail or succeed based on that tried and true fact. “Integrators should find out if their region has a hospital organization that the local hospital is a member of,” recommends John Williams of Prince William Hospital. “This is a good place to introduce new equipment and systems, especially if the hospitals work together to purchase similar equipment to reduce costs and integrate this system for emergency response. They should participate in more local and regional security equipment shows or sponsor more events themselves. Many of us cannot afford to attend the high priced annual security events.”
“When I was in the police department I had a sergeant who always said, ‘communication, coordination and cooperation’ were the keys to good police work. It still applies on many levels,” adds Mike McCarthy, director of safety and security for St. John Fisher College in Rochester, N.Y. “I think the best relationship with the integrators is having a personal approach based on trust. Trust that I can explain a problem and know that I am getting the best advice on solving the issue regardless if there is a financial benefit to the integrator or not. The personal relationship means that I get to know them and they know me, thus we can bond on a unified approach to our security needs and not worry about over-purchasing or at the opposite end, a lack of concern or response to the campus needs.”
The Tables Turned: How To Make the Relationship Work For You. Advice from the Security Integrators
In addition to polling many security executives, Securitymagazine spoke with some top security integrators and asked them for their thoughts on the security-integrator relationship.
Security magazine: Beyond asking end users to communicate with you and to involve you more, what advice can you give them to ensure that they are installing the correct technology, that it will work and you will have a successful long-term partnership?
Carey Boethel, vice president and business unit head, security solutions, Siemens Industry, Inc.“The best advice we can give is for the end user to not focus on the technology itself, but instead focus on the desired results. It’s never about the product; it’s about the utility it provides and, as a result, the value it creates. Too often end users get wrapped-up in the features and functionality, the product brand and the nuts-and-bolts of the solution. What gets lost is the desired outcome, particularly when it comes to potential business productivity gains. A good integrator can translate business needs into technological solutions that create real value for the end user.”
Tom Giannini, CPP, director of security and emergency communications marketing, SimplexGrinnell:“Customers should request that integrators provide references, so they can get direct input from other end users who have installed solutions similar to what will be deployed at their site. Receiving direct feedback from another end user is very impactful when a customer is trying to decide on a solution. When an integrator takes the lead in facilitating these discussions, it provides credibility and demonstrates the willingness to develop a long-term relationship with customers.”
Ed Meltzer, national director of system management, Niscayah: “Over the last several years security and the mitigation of corporate risk have moved to the highest levels within the corporate “C” suite. Security directors have moved their offices from ‘behind the first floor staircase’ to the highest floors that represent the true governance of the corporate entity. Long-term partnerships mean that the integrator must be committed to move in lock-step with his client’s long-term corporate roadmap rather than install a piece of hardware to solve an “immediate” problem or security threat. The first order of business for the integrator is to ensure that he is evaluating his clients’ needs for the long term, and providing solutions that will stand up to his end user’s future needs. Only in this manner can he ensure that he will also be there with that client for the long term.”
Ed Pedersen, vice president custom solutions, Stanley CSS: “There are a number of different ways to ensure customers are receiving technology that best fits their needs while fostering a long-term security partnership. First, it is most important that customers select an integrator that is a true solutions provider; a provider that is focused on finding the best solution from both services and technologies. A true business partner will build a long-term consultative relationship not just provide product. It is also important to choose a provider that values transparency to the customer. Open sharing of account information details in installation, service, monitoring, billing and account management as well as providing a forum for customers to openly share feedback is a best in class customer service program. From a technology application standpoint, it is equally important that a chosen security provider have proven expertise in the industry. Once customers have selected a security partner, they are then encouraged to balance their appetite for “bleeding edge” technology with more pragmatic considerations such as cost and performance of those technologies. Customers should take comfort in the product or service being offered – that is has gone thorough testing and analysis by a product review committee as will be deployed in a logical way to maintain service quality expectations. A final, important bit of advice is for customers to share their security growth plans with all other departments in their business. This is important as changes in everything from facilities to marketing to legal to HR may be important in their platform growth strategy.”
V. John Stroia, vice president, enterprise security solutions, Diebold, Incorporated:“When Diebold serves as an organization’s security partner, one of the most important ways we work to ensure success is to develop an understanding of the end user’s vision for the security implementation. We urge our customers to think beyond the type of system they want to procure. Instead, they should start by considering what they want the system to accomplish today, and in the future. Diebold has often talked about the six-step process for ensuring the success of an integrated security system. At the core of these six steps is an understanding of the vision for the system – what it’s ultimately intended to accomplish. These steps continue to apply in today’s security environment. While end users may not be able to predict with certainty the impact emerging technologies such as cloud computing will have on their security operations 10 years from now, they can specify security systems with the future in mind. As technologies do change, strong internal alliances will become even more important to the success of the security operation. That’s why Diebold believes security is no longer a departmental function. Instead, it has become an enterprise-wide responsibility. End users must work to develop meaningful relationships with internal partners. Such relationships will be integral to achieving the security vision. The bottom line is that the security operation can no longer exist independent of the rest of the enterprise. To be successful, it must instead become part of the culture, the fiber of the organization.”
Tony Varco, vice president of security for Convergint Technologies:“I recommend finding an integrator that is collaborative. For example, there are a lot of integrators who don’t believe that a manufacturer belongs in front of a customer. An integrator should have a collaborative spirit and allow the manufacturer to be a part of the process. I also think that the end user needs to have a role in the process. I want them involved, taking an active role and owning it. Also, we’re not interested in bleeding edge technology – I don’t care that a product can do a triple back flip. We want to use the technology that has the best track record of success. So end users should ask for the references and interview other end users about past problems and solutions and find the deliverables.”
Security magazine: Is there one sector of the industry that is more dynamic than others, that is easier to work with, and why?
Carey Boethel, vice president and business unit head, security solutions, Siemens Industry, Inc:“Customers that see the value in leveraging security technology to improve their business performance are fun and easy to work with because the benefits of the solution are tangible and real. Loss prevention is a tough sell and the benefits are not always immediately apparent; however, business productivity gains can be easily quantified. These progressive and dynamic customers most often work collaboratively with their integrator to develop innovative solutions that pay for themselves in relatively short periods of time.”
Tom Giannini, CPP, director of security and emergency communications marketing, SimplexGrinnell: “The optimum situation is to work with decision makers in a customer organization that have experience in purchasing integrated security solutions. These customers have a good background in using proven security technologies, how to integrate various security technologies, and how these solutions fulfill or support their security programs.”
Ed Meltzer, national director of system management, Niscayah:“Those industries governed by regulatory mandate or oversight present dynamic and relatively easy organizations to work with. The reasons for this perception is that the mandates are required and typically include formally outlined requirements. This provides commonly understood ground between the end user and the systems integrator. System requirements are less likely to be subjective and that allows a streamlined process for project lifecycles. Time frames by which to implement projects are also mandated in some industries which allow both the customer and integrator to share a sense of urgency. Budgets are also usually established well in advance and available for the project. Industries that fall into this category may include governmental, healthcare, energy; utilities and transportation, just to name a few.”
Ed Pedersen, vice president custom solutions, Stanley CSS:“We find retail customers to be one of the most dynamic. Retailers are constantly trying to find ways to improve their bottom line through shrinkage reduction, reducing liability risk, and improving employee productivity. Technology, especially video technology, has had the most enhancements and offering to address these needs. The good news is that with the move to IP, many products have built in intelligence that makes installation, service and remote diagnostics more efficient and effective. Retail is also one of the easiest sectors to work with because they have the largest and most mature loss prevention departments with internal processes already in place for getting departmental approval, funding, employee training.”
V. John Stroia, vice president, enterprise security solutions, Diebold, Incorporated:“All sectors are dynamic and bring their own set of unique challenges. The critical infrastructure sector continues to experience rapid evolution and substantial regulatory change that is forever altering the way it looks at security. But even amidst this evolution and change, the most significant security challenge facing the critical infrastructure sector today is anticipating and responding to the threat environment. The continued proliferation of technology – which is bringing us innovations such as mobile, cloud computing and more – provides both opportunities and challenges to the security operation. While technology enables us to enhance and strengthen security across the enterprise, it is also makes systems more vulnerable than ever before. And the threat to the critical infrastructure sector is arguably more significant than in any other market. Critical infrastructure sites house some of today’s most sensitive assets. Threats to these assets can also represent threats to national security, life safety and the ongoing operation of our nation’s infrastructure. We must pursue innovative ways to mitigate risk, anticipate vulnerabilities and secure the vital assets within this sector.”
Tony Varco, vice president of security for Convergint Technologies:“We see significant growth in the petrochemical area. There are a lot of compliance issues and regulations that they deal with daily. In addition, the economy is starting to pick up. The end users in this particular industry are very educated, and we like educated customers. These end users pride themselves on technology and industry trends and how they can apply them to solve the challenges that they face. It speaks volumes when they are willing to educate themselves.”
Partnership Strategies that Work
Securitymagazine surveyed security leaders on the elements that make for a solid partnership with a systems integrator.
• Be honest; don’t overstate what a system or product can do.
• Know my business.
• Communicate: Let me know you are working on a reported issue, especially if there are delays.
• Provide competent and responsive service, especially years after the product or service installation.
• Respect the security budget and its constraints.
• Back up what you sell and promise.
• Respond to problems in a timely manner as was promised in the contract.
• Stock critical parts.
• Exhibit professionalism.
• Don’t sell a solution for a problem that does not exist.
• Keep me informed on industry trends, products and systems and check on my system on a regular basis to make sure it is still operating in a optimal manner.
• Please understand that sometimes I may not have a thorough understanding of technical jargon. I might need things explained in layman’s terms.
• Don’t “up-sell,” unless it is truly in the customer’s best interest.
• Offer occasional product education opportunities to the customer at no additional cost, and not just when they want to sell something.