Selecting the Right Sized Integrator for your Enterprise
Smaller integration firms are quickly filling the gaps left by national integration giants, often with custom-tailored and flexible security systems. Which one is right for your enterprise?
In the security integration industry, there are a handful of large, national companies and a large percentage of smaller, local integrators. For example, SDMmagazine’s 20th Annual Top Systems Integrators Report, shows top integrator companies such as Convergint Technologies and Johnson Controls reporting more than 9,000 and 2,600 new projects in 2014, respectively.
Vector Security reported more than 5,800 new projects, while integrator G4S reported almost 2,000 new projects. But further down the SDMlist of 100 integrators are a number of smaller companies that have much to boast about, as most reported revenues of more than $5 million, in addition to revenue increases in 2014, all within an industry that includes margin erosion stemming from falling product prices and pressure from enterprise security budgets. SDM’s 20th Annual Top Systems Integrators Report is available at www.sdmmag.com/20th-annual-sdm-top-systems-integrators
Consolidation has affected the industry, as well, with the recent mergers of Johnson Controls and Tyco, and Securitas and Diebold. All of which begs the question: as an enterprise security executive, how do you choose who you want to install and service your security equipment? While many companies gravitate toward huge implementation service providers for more transformational changes, experts say niche firms can provide many benefits, including industry-specific expertise. There can also be a price benefit associated with going with a smaller firm, as their pricing can be less expensive, and they can be more flexible when it comes to pricing plans. Yet, a larger firm can process change and best practices that you might not get elsewhere.
According to Michael A. Silva, CPP, of Silva Consultants: “In general, big national companies prefer to do business with other big national companies. If you are Walmart you want to do business with Honeywell or Johnson Control. If you have 150 locations it’s much easier to have a national account, rather than 50 integrators in all different markets. Smaller companies often prefer do business with companies of their size,” he says.
“Generally, the best and the brightest technician and engineers, in my opinion, tend to gravitate toward regional companies, and they don’t want to be stifled by a large corporate structure. There are exceptions to that rule, though,” Silva adds.
Mark S. Bennett, CPP, CSC of MSB Security Consulting, Inc. says he has worked with both types of integrator companies: “Large integrators have multiple offices in different cities, so they can and will pull resources from other offices to complete a project. This is a good thing, especially if they also have an engineering department that can produce the shop drawings for the field. I have also worked successfully with smaller companies who can hire sub-contractors for the lower technical work and do a great job. Personally, I would rather have a Mercedes mechanic working on my Yugo than the reverse.”
Yet, integrators using sub-contractors to perform work at an end user’s facility isn’t necessarily what many enterprise security executives want, especially if they aren’t informed of it in advance.
Eric O. Martin, PSP, who is Manager, Global Security Systems & Compliance for Halliburton in Houston, says: “One trend in the industry is to have 10 technicians at a senior level and to third-party a local company to do a lot of fundamental work. But the problem arises when I’m not told that my integrator is doing that. It’s also important for me that the same person whom I work with remains the same. When roles change, it can be difficult.”
His security needs are unique. He has in-house personnel that handle the configuration and the front-end work security work in 120 countries where Halliburton has a presence, so his integrator needs are smaller. “I design our security systems down to the smallest details, so a small company could take the package and understand the consistency that I want.”
Martin has worked for an integrator and as a security consultant before his current position, so he understands the challenges that security integrators face. Halliburton recently signed on with Convergint, after ending a contract with a former integrator.
Martin does his part, as well, to ensure that the relationship works, because as he says: “It’s a big deal to change an integrator, because our procurement process is so vast that it’s like turning a ship. Then it takes a year for the new integrator to learn how we do things. So we don’t want to change if we don’t have to.”
The same sentiment goes for Gregg Eatmon, who is Security Director at Baker Hughes Enterprise Security. “Once you get someone that fits as a trusted team member and both of you foster that relationship, you don’t want to do to go through that process again,” he says.
About eight years ago, Eatmon began the process of finding an integrator for the physical security work for 800+ facilities. After a process that involved checking credit ratings, peer reviews and more, he narrowed down the list to companies that could, he says “team with us as a business partner, and we looked at how they would understand us, the oil market and are they willing to learn the risks associated with the various business forces and threat environments in the world. One thing we were adamant about is having an account manager from the integrator that we would only need to call once to ensure the work would get done. Second on our list was trust. We trust our integrators to make decisions as a trusted team-member once they understand the way we operate, and we trust that they won’t compromise our brand, compliance and the security of our assets and people. The third aspect that we respect is their technical capabilities. How are they positioned to see what trends are coming on the horizon, and what will work for us?”
A trusted partnership with an integrator is the goal for William N. Wilkins, who is Director, Global Technical Projects for Valero Energy Corporation. “I am not the integrator’s customer; we have the same customers,” he says. “The success of our security program is equally dependent on the performance of both groups, and as such we are on the same team. As our integrator represents our department to our shared customers, it is essential that we place them in a position to succeed. Our relationship is symbiotic; we help them understand our core business, and in turn they provide invaluable insight to the state of the industry, technology trends and the outlook of our manufacturers.”
Economics have always served as a principal factor for integrator selection, Wilkins notes. “However, while direct comparisons of labor and material rates have traditionally been the standard for measuring monetary impact, we have found that there are other areas that should be included within the selection process,” he says. “Training and certifications have proven to have a direct impact on first time resolution and is one of our primary considerations. We also evaluate how the integrator’s field offices overlay against our locations to understand how those distances will impact response times, travel costs and per diem. It is also important to understand the relationship that exists between the integrator and the manufacturer’s whose product lines we deploy. An appreciation of the volume done by the integrator will give us a sense of the discounts we should receive and their ability to influence future builds, accelerate turnaround for parts sent for repair or maintain inventory for commonly used materials. This approach also ensures that the integrator has deployed their product lines en masse and has a knowledge database of known issues and troubleshooting steps,” he says.
When resources permit, Wilkins says, companies should strive to develop their own specifications and scope for security technologies. “I have always equated this to the purchase of a vehicle,” he says. “You wouldn’t allow a car salesman to pick out your next car, so why would you allow an integrator to pick out your next enterprise platform? We use our integrator to vet our specifications and recommend product lines they have had success deploying. We marry this with an internal product evaluation process to ensure we have the best product for our application. We then provide design for the overall project scope – to include all infrastructure requirements. Our integrator typically installs all security field devices turnkey – though it’s often economically advantageous to have wire pulls, rough-ins, conduit routing and enclosure installations performed by other contract groups. From the service side, our integrator provides 100-percent of service from the field enclosure to the field device, to include semi-annual preventative maintenance. The only exception is server-side and network work, which due to its sensitivity, is managed internally.”
In higher education, George Finney, who is CSO for Southern Methodist University, trust is the main factor for his relationship with Siemens, which is in the process of implementing a new access control, identity management, video management, command and control and mass notification systems for the university. “At the end of the day if something doesn’t go right, for them to own that mistake and make it right and not take short cuts, is important,” he says. “Because, ultimately, it’s your reputation that’s on the line.”
Finney says that SMU’s security upgrade is in part, due to recent national on-campus shootings and security events, especially Virginia Tech’s shooting incident. “We want to take a proactive approach to improving our security,” he explains. “In the past, we had different groups around the university that ran aspects of the system, but we didn’t have an integrated system. There were too many moving parts. Working with Siemens we have a large, national and capable partner. One selling point from them to us was that they had experience doing large integration projects,” he says. “They were able to show us what an integrated system would look like for us. It’s like we got a big red button to press in the event of an emergency.”
Eric Martin, Will Wilkins, Gregg Eatmon and George Finney offer advice on the steps to take to find your next security integrator.
Eric Martin, Manager, Global Security Systems & Compliance for Halliburton
“If you have a large project, that’s when a consultant would help. If you already have a system in place, ask yourself if you want to continue with the system that you are currently using. Go to your manufacturer first and get recommendations for that geographic location and that size of the project. Attend local ASIS meetings and talk to your peers. Have vendors come in for presentations. My biggest problem is vetting vendors in global locations, but I have an investigative department for due diligence to ensure a company is legitimate and has relationships with U.S. companies. And I tell them to leave the salesmanship at the door.”
William N. Wilkins, Director,
Global Technical Projects,
Valero Energy Corporation
“In addition to the factors traditionally evaluated, one should give considerable weight to the culture of the integration company. We have found that alignment with our core values and beliefs eases the transition and ensures that the direction of both companies remains consistent. It is, by all accounts a relationship – and one that requires compatibility. Experience within your industry is critical – one cannot secure assets they have no understanding of. Moreover, without experience there will be no appreciation for the relative safety risks associated with installation or how industry-specific processes impact cost or timing. I also find it important to evaluate where your organization will rank against other customers in their portfolio. A company should select an integrator who is right-sized to the organization’s needs so that they can grow together. When an issue arises, your phone call should matter – not just culturally or as a function of customer service – but because an economic incentive is present. Finally, remember that installation is short term with a definitive completion date. If installation is the first date, service is the marriage. The success of your integrator relationship will be predicated on their ability to perform reliable long-term service. Ensure they have the foresight to assist with the adoption of service metrics, preventative maintenance and end-of-life replacement schedules.”
Gregg Eatmon, Security Director at Baker Hughes Enterprise Security
“Identify what you’re looking for in a business partner. What is your business need? Then, do your due diligence by talking to others in the industry. We have a big integrator, two medium integrators and a smaller sized company. Small shops are probably more nimble, but we ask our larger and medium-sized to be nimble, as well. When there’s a problem we all sit down and figure out how to go forward.”
George Finney, Information Security Officer and Director of Digital Interests for Southern Methodist University
“You can’t go to a massive integrator and expect them to have a vision for you. Before you engage, understand your goals at a high level. They can help you get there, but if you don’t have that strong vision on the project, the vendor can pull you in different ways and you get sold things that you don’t need and that don’t fit into the larger picture of where you want to go.”
Information courtesy of Michael A. Silva, CPP of Silva Consultants
During the sales process
- Really listens to your needs before trying to sell you anything.
- Talks to you on your level and uses a minimum of technical jargon.
- Honestly explains the strengths and weaknesses of the product he is selling.
- Gives you an itemized quotation so that you fully understand what you are buying.
- Truthfully explains the ongoing maintenance and upgrade costs of the system he is proposing.
- Gives you a realistic idea of how long the system is really going to last and how quickly it may become obsolete.
- Has the courage to tell you that what you are asking for really won’t solve your security problem.
- Is quick to refer you to other service providers when they may be better able to meet your needs.
- Doesn’t try to sell you something you don’t need just to make a sale.
During the installation process
- Fully complies with the agreed upon specifications or contract.
- Sends only well-qualified technicians to the jobsite to perform the installation work.
- Is respectful of your workspace; causes minimum disruption; cleans up messes as they are made.
- Regularly keeps you informed as to the status of the installation so that there are no surprises.
- Keeps schedule commitments and finishes the installation on time.
- Provides an adequate level of user training until you are fully comfortable using the system.
After the sale
- Is as quick to return calls and emails to you as they were before the sale.
- Has a service organization in place so that service calls can be handled promptly and professionally. Has more than one person in their company who can work on your system.
- Takes full responsibility for the problems you are experiencing – doesn’t try to blame problems on the manufacturer or other parties.
- Honors warranty commitments even if you may be unaware of them.
- Lets you know of expected costs of repairs before they are performed.
- Keeps you informed as to the status of your service request. Tells you what they are working on, when problem is solved, and what they found. Never leaves the premises after a service call without giving you an update.
- Calls you back periodically to check-in to see how things are going.
- Keeps you informed of system upgrades and enhancements. Doesn’t wait until last minute to tell you that your system is at “end-of-life.”