Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!

The Nice Thing About Standards – There’s One for Everybody

By Steve Hunt, CPP, CISSP
April 1, 2008


I pumped a few gallons of Shell premium unleaded into my tank, which was partially full of Mobil 93 octane.

Got to my office and tuned the TV to CNN.  Watched it for a while then slipped to Fox News.  Booted up the MacBook running Leopard and VMWare with Windows XP and surfed over to Google to read my RSS feeds from a dozen blogs and news sources.

I noticed the cleaners had loosened some plugs so I plugged my stereo system back in the wall.  That reminded me to use my Sprint cell phone to call the landline phones at the electronics store to see if the newest Blu-ray readers are in stock.

That’s the thing about standards.

You hardly notice them till they’re absent.  Take Blu-ray.  Of the two competing standards in the high definition video format wars, I thought HD-DVD was going to win.  DVDs are awesome, but high definition DVD seemed way better.

Confidence in a de facto Standard

But I wasn’t confident enough to plop down 400 bucks until the vendors fought it out amongst themselves.  For a while I thought about grabbing that Samsung player that played both video formats, HD DVD and Blu-ray, thinking that Samsung was creating an integrated environment by supporting both.  Then I looked at the price tag and saw it selling for nearly twice the price of a standard Blu-ray box.  Integration sure can cost a lot.

I just referred to Blu-ray and HD-DVD as standards.  I should have said proposed standards.  That’s because a standard is only a standard if it’s standard.

Er…you know what I mean.  Two groups worked out a new format for all music and video disks, but they weren’t identical.  It took a consensus of distributors and customers to decide which would become the actual standard of choice.

In the security industry, we talk about standards all the time.  H.264 looks like it will be the compression standard of choice for squishing video into tight streams to fit on our overloaded networks.

IP v6 is poised to be the protocol to handle the exponentially growing traffic on our networks.  But an obviously missing standard in our industry is messaging.  Remarkably, there is no standard way to get a message from this access control server, or that video analytics processor to this event management correlation engine.  Blows my mind. 

It ain’t rocket science.

You decide on a delivery platform, like XML, and a format of headers and tags for different classes of information, and everyone starts using it.  Creating the standard is easy.  Desiring to create a standard, well, that’s the sticky part.  Ask some of the big named vendors – especially the ones touting their use of Microsoft, Oracle, and other IT standards based products – to describe their approach to standard messaging and they’ll happily tell you about their application programmer interface (API).

How Much is Total?

A vendor told me the other day that his access control solution was “totally open.”  When I asked what he meant he told me he offers an SDK to qualified partners.  I don’t know what some of these people are smoking, but an API is not a standard.  Neither is an SDK (a software developer’s toolkit).    APIs and toolkits are proprietary.  They are like secret invitations to the private club.  It’s like those shifty car dealers offering zero percent financing to qualifying buyers.  That “qualifying” bit keeps it exclusive.

Interoperability is really the key for being open or standards based.  But that’s only a half step.  Sure my product can be interoperable with anybody else’s, but as soon as one vendor in the infrastructure changes something, everyone has to change.  The whole point of standards is that once you embrace the standard, you are guaranteeing a higher level of interoperability, rather than interoperability that is frozen in time.  There’s another catch.  Just because my product is standards based, and so is yours, it doesn’t mean our products are interoperable.  For example, if I encapsulate my video in RDP and you encapsulate yours in UDP, we’re still sunk.  We’d need some middleware to get the two systems to work together. 

Clearly XML is a popular way to tag and share information between multiple systems.   XML is not exactly a standard – it’s merely a schema, a template, for presenting information – but it’s close enough.  It could easily serve as the perfect foundation for sharing information.  Next, product makers will have to decide which XML tags to use and what classes of information to associate with the tags.  If XML isn’t the preferred platform, then let’s pick SNMP or something already! 

All I’m saying is that you, the end-users and security executives buying and using security technologies, will be able to have more efficient, effective, flexible and value-creating security architectures if the vendors would get out of their good ol’ boy mentality and allow new software and hardware to interoperate easily.  Standards are the most effective path to that interoperability.  We want to evolve to a plug and play environment.  Unfortunately the closest I’ve seen so far is plug and pray. Most integrators and vendors don’t even achieve that, however, preferring good ol’ fashioned plug n pay.

Well, gotta run to the store and pick up my Blu-ray player.  Hmmm, but will it play my home video DVDs?  

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Steve Hunt is CEO of Hunt Business Intelligence, an industry analysis and advisory firm. He also authors the popular Blog securitydreamer.com.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • leadership development programs

    Leadership development programs: Is there one for you?

    See More
  • cybersecurity

    The future of SOAR (Is there one?)

    See More
  • Better Travel Documents – Now There’s One for a Tribe

    See More

Related Products

See More Products
  • 150 things.jpg

    The Handbook for School Safety and Security

  • CASP.jpg.jpg

    CASP+ CompTIA Advanced Security Practitioner Certification All-In-One Exam Guide...

  • GSEC.jpg

    GSEC GIAC Security Essentials Certification All-In-One Exam Guide, 2E

See More Products

Events

View AllSubmit An Event
  • January 6, 2011

    From Here to There - Advancing in the Security Field

    Learn the three components that are critical for your advancement.
  • May 14, 2012

    Effective Risk Communication: Theory, Tools, and Practical Skills for Communicating about Risk

    Stay ahead of the curve by attending this in-depth program, featuring the latest scientific findings on risk perception, case studies from around the world, a suite of practical tools, and hands-on skill training.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing