How Security and Integrators Put the ‘I’ in Team
Plus, Six CSOs Share Their Needs and Wants
There’s no ‘I” in team…or is there? When it comes to the security director-integrator relationship, the “I” – the security integrator – can often help an enterprise’s security operations to achieve goals, maximize resources and create partnerships that have long-term benefits.
Such is the case with Sallie Mae, one of the nation’s top financial services companies specializing in education. The company provides products and tools to help its 25 million customers save, plan and pay for college. The way Sallie Mae is structured geographically, it was a natural fit to use a systems integrator network that has nationwide coverage through local integrator businesses.
With nearly 6,800 employees spread across multiple locations including eight major service centers in the United States and corporate headquarters in Delaware, Sallie Mae is listed on the Fortune 500 and Forbes Global 2000 lists.
The sheer size of Sallie Mae, in terms of number of employees, offices, call centers and customer care centers, has presented unique challenges on the security front for Kevin Smith, the company’s vice president of Asset Protection.
Smith, who joined the company more than a year ago as a security consultant, recognized that every location having a different access control platform presented a challenge and needed to be addressed. He began the process of migrating the organization toward a single, enterprise-level access control and badging system and single command center.
“Our access control was a hodge-podge of systems,” says Smith. “We had multiple platforms at different locations and we couldn’t coordinate our security efforts from a central operation center.”
Key Integration Partner
Smith sought a national systems integrator to handle the project for Sallie Mae’s multiple locations. However, he discovered that local companies had better resources to handle the conversion process.
“The first company I chose had a national platform that I thought we needed,” says Smith, “but we learned rather quickly that a conversion of this magnitude required special skill sets at the local level. I then turned to a local integrator in my backyard and they made me aware of the Security-Net program, which gave me access to local experts, who were very well-versed in the system we chose.”
The local company was The Protection Bureau in Exton, Pa., and in close proximity to Sallie Mae’s corporate headquarters. The Protection Bureau is a full-service systems integrator with system design, engineering and installation capabilities. Additionally, it provides service and monitoring of systems after an installation is complete.
Beyond operating as an independent systems integrator, The Protection Bureau is also a long-term member of Security-Net, Inc., a network of 19 systems integrators in North America who share best practices and product purchasing power. Recently, the organization has begun to leverage its national reach and capabilities by providing security services to large companies with offices that span multiple geographic areas.
Serving as the project manager, The Protection Bureau took the lead on the Sallie Mae account to ensure a seamless installation for the customer regardless of the location. By working with their Security-Net partners they could ensure proper coordination of the project. At each location, the Security-Net partner took a three-pronged approach that covered three different areas: site review, job start-up and job acceptance.
Communication and Coordination
Before the project began, The Protection Bureau’s project manager conducted an initial review of each Sallie Mae location that would be converted to the new integrated access control and surveillance system. This first step helped to ensure proper review of the site and each task to be completed.
The next step is the job start-up process, where the integrator team reviews the installation schedule and details each job task. This marked set of plans provides a detailed schedule of each day, and can pinpoint which security devices will be installed on a given day, for example.
The Protection Bureau began the first phase of Sallie Mae’s migration to a single access control platform at the financial service company’s headquarters in Delaware, where it implemented an access control management system from Software House. Sallie Mae could then move each of its locations onto the same access control platform over a period of time and implement a true enterprise-level solution that could be managed and monitored from a single command center.
“We really appreciate that they have taught us how to use our new access control system in lieu of us calling them every time we need a report,” says Smith. “The Protection Bureau has taught us how to fish, instead of delivering a fish every time we get hungry.”
Sallie Mae also installed an HDVR from American Dynamics on the network, which integrates with the access control system and enables them to move towards an IP-based camera system. Sallie Mae can manage all of its security activities from a single command center, including verifying alarms using video and dispatching the appropriate security guard response.
“This allows us to manage all of the guard forces from a centralized command center so the operational efficiencies are tremendous,” says Smith. It has also helped Smith to reduce the company’s guard force expenses by 33 percent. “The reduction in the guard force and ROI also helped us to reduce future operating expenses by one-quarter of a million dollars per year,” Smith says. “We now use technology to identify potential problems and dispatch guards to those locations in lieu of having guards patrol buildings every hour.”
As The Protection Bureau worked on the Delaware headquarters and a call center facility in Wilkes-Barre, Pa., Security-Net member company Koorsen Security Technology in Indianapolis performed the work on Sallie Mae’s Fishers and Muncie, Indiana, locations. It then linked the locations to the access control system, upgraded door controllers, replaced existing DVRs with HDVRs and moved the video from local control to remote control.
For Sallie Mae’s Lake City, Fla., location, Operational Security Systems, with an office in Atlanta, Ga., and Orlando, Fla., installed new door reader components, connected the building to the access control system and installed a new HDVR system.
For each Sallie Mae location, once installation was completed at a job site, Security-Net initiated the job acceptance portion of the project. This full operational test and customer walk-through was completed before each job site is turned over to the customer.
In three months, Security-Net converted seven Sallie Mae locations, with three additional facilities lined up to begin the process. Another nine locations are scheduled to migrate onto the new platform this year.
“Centralizing the administration of the access control system now means that our employees carry one card, versus five or more, to access different facilities,” Smith says.
Elements of the Relationship
Smith’s relationship with his security integrators has been crucial to the success of Sallie Mae’s security operations.
There are other success stories embedded in security director-integrator relationships, and there are security executives who wish that their integrators would do things differently within the relationship. Honesty, respect, loyalty and always being cognizant of cost restraints are a few of the comments that some security executives shared with Securitymagazine.
What does John F. Mitchell want? “First, it is important to realize that due to [our] size and expanse, we work with a variety of integrators across the globe,” says Mitchell, director of corporate security for Thermo Fisher Scientific, a provider of laboratory equipment, chemicals, supplies and services for research, safety, healthcare and science education. “That being said, one word comes to mind: Trust. Knowing that I have the confidence in the integrator to bring to me the best solutions that will work with Thermo Fisher Scientific security model,” Mitchell says.
Mitchell notes that integrators seem to come in one of three varieties: engineering oriented, sales oriented and occasionally, service oriented. “I want the latter,” he says. “Our integrated security systems are only a component in a comprehensive program, not the basis of our security. I need my integrators to understand that a failure of their ‘cog’ in our security gears impacts our entire program, and that they must react accordingly. As a system is only one component for us, I want the integrator to believe that designing that system, or selling and installing it, are only the basic requirements in order to provide client-centric service.”
Mitchell also wants his integrator to keep him informed of changes that will improve the operation and efficiency of his company’s systems. “Time being a premium, it would be good to hear from our integrators on a quarterly basis about those updates, modifications, or enhancements that fit with our operational and strategic programs,” he notes. “We would not be looking for a download of every whiz-bang, bleeding-edge piece of technology, only that which works for us.”
Martin Green, CHPA, manager, Security & Parking for Rouge Valley Health System in Toronto, Ontario, says that the security manager-integrator relationship is “crucial to our mutual success. My security systems are very complex and extensive. Some of the back bones of our systems go back into the late 1980s. We have grown from analog CCTV systems running on VHS tapes to DVRs and IP systems and from barcode swipe readers to proximity cards. We are now experimenting with biometrics and other new technologies. Chubb Edwards has been able to maintain a stable work force in their service personnel. This makes system integration easier and more economical. The relationships that my staff has developed with the service personnel are equally important as the relationship that I have fostered with my account manager.”
David C. Feller, director of the Medical College of Wisconsin, Public Safety, enjoys the fact that his security integrator is a regional mid-sized company that has proven to be responsive to his needs, both for service and system design and installation. “The ease of dealing with a single vendor on projects is of great value to us,” he says. “With relatively low overhead costs, our regional integrator can provide extremely competitive pricing as well.”
Yet, he notes that the local offices are too often staffed with an inadequate number of security systems technicians. “If we need service on an access system panel, don’t send out a fire technician to troubleshoot the problem! It is important for the vendor to invest in their technicians – proper training and certification on our core systems. The simple ability to spend time in listening to the customer can go a long way. By learning our wants and needs, the vendor can better assist in long-term planning and the proper integration of systems. I value a deliberate, conservative approach to product purchases. Before recommending a solution, a good integrator will thoroughly vet the product and manufacturer, then arrange for an on-site demonstration. A solid integrator will also be looking ahead to anticipate our future needs, keeping us apprised of new and improved technologies.”
Kevin Elliott, chief of Security and Emergency Services for Toyota Motor Manufacturing Texas, tells Securitymagazine, notes that his relationships with integrators are largely delegated. He will often meet them, listen to presentations, and sell the issues to his senior executives, but the day to day operations and a good bit of the project management is left to his trusted aides. “I depend on my people and they’re very good at what they do,” he says. “Quite frankly, they’re much more knowledgeable of the systems than I am because I’m so spread out. Their relationships with the integrators are critical and they work closely.”
The Wish List
Training for his security staff is on Mitchell’s wish list for his integrator. Staff changes, promotions, security officer attrition and the like tend to render any training obsolete within months of an implementation, he notes, so continued training is critical to the effectiveness of his company’s systems, he says. “I would like to see our integrators provide training on an as needed basis with on-site programs, web-based tutorials and video recordings of prior sessions geared specifically to us,” he notes. “However, I want this to be included as an essential element of their offering, as a component of their service program. Paying for retraining every time we have a minor staff change becomes cost prohibitive; so as long as we are under a service contract, I want the benefit of training included. With the current economic headwinds all companies are faced with, I firmly believe these extra costs for continued training put our security posture at risk.”
In addition, Mitchell wants someone to help him manage his costs. “Give us ongoing preventive maintenance, service response, training and provide guarantees that they are as committed to keeping us operational as they were in getting the system installed,” he says. “I would like to see comprehensive service programs that cover any and all needs at a reasonable cost, without any of the caveats that leave us high and dry. I like to think of it as life insurance for my integrated system. When I’ve inquired about ‘full’ service programs, the response leans toward the cost being too high for the integrator to offer or the cost is too high for any one company to afford. It seems to be a simple supply and demand issue: provide full coverage - preventive maintenance, ongoing training, service and emergency service, even protect my system against the eternally frustrating ‘force majeur’ – and do so at a reasonable cost, and the demand would necessarily increase. Greater demand allows the core costs to be shared.”
For Shawn Reilly, chief of police and security director for the Greenville Hospital System in Greenville, SC, the relationship was one that took time to develop and nurture. “I have a great working relationship with our integrators – not true of the ones I had when I first arrived,” says Reilly. “One thing I like is that I don’t feel like I’m being sold something. We both work to meet our security needs. They respect my hard won budget and I respect their opinion.”
Yet, he does wish that his integrator would, “Talk to me more; a late afternoon call on how things went on an especially critical project. Keep updated diagrams and equipment lists. Don’t change people so often. Once I get to know a project manager I don’t want them moved – I feel like I’m a training ground for the company. Come with solutions not just problems that I have to spend money on. Better yet, tell me it’s fixed.”
He notes that a healthy relationship is critical when it comes to keeping costs in line. “The cost to change is enormous just counting my time in getting them up and running. A good RFP at the beginning is essential to finding a good integrator,” he says.
Jerry Blum, director, Security Services for AutoZone, Inc. in Memphis, echoes those cost sentiments. “An integrator should evaluate fair market pricing for equipment and labor. I want to be a good customer to my integrator and I expect them to profit from our relationship, but I cannot tolerate paying above fair market value,” he says. In addition, he notes that a good integrator will be open to various manufacturers and not locked into a particular product, and will help him keep abreast of new technologies and trends. He’d also like the integrator to “share mistakes he has seen other companies make so that my company doesn’t fall into the same traps.
“I put quite a bid of value on our relationship,” Blum adds. “I know that they will be responsive to our needs and willing to devote time and research to our projects. Our integrator understands our business model and will introduce new technologies relevant to our needs.”
Elliott of Toyota says, “I appreciate the level of attention our integrators provide. I realize they have other accounts, but appreciate their cognizance of the fact that we have a very large operation and high expectations. Yet, I wish they were more intuitive to our needs and could better anticipate issues, providing solutions before the problems even arise. I also wish they were more forthcoming about product limitations and potential issues. Everyone has a product to sell and they all claim it to be the best thing since sliced bread. I’d rather they told me the good and bad up front without guarantees because I’m less than pleased when I find otherwise. Honesty goes a long way.”
“Our implementation approach is developed with our consultant who helps us vet the products, manufacturers, and eventually the integrator,” Mitchell tells Security magazine. It is rare, indeed unlikely, that we would ever enter into a relationship with an integrator that would pigeon-hole our company. We ensure ourselves from the outset that we will have alternatives should the need arise. That being said, we do respect the relationship with our integrators, and do not hold over their heads the prospect of being systematically replaced.
“Our ability to maintain a safe and secure work environment is highly dependent upon reliable card access, biometric, and CCTV systems,” says Feller. “The vendor relationship is integral to alignment of our security goals with corporate goals – getting the best product and service for the best value. A diligent approach from our integrator ensures we get the solution right the first time, saving time and money.”
“My focus here has been on the integrators providing our systems related services such as access control and communications,” says Elliott of Toyota. “However, I would also consider our professional services provider as an integrator as well, as their services, responsibilities, and visibility is even greater than systems integrators. My entire, rather sizable, staff is contracted through Securitas. This not only includes my security officers, but firefighters, technicians, dispatchers and administrative staff. Most have been here for several years, and the level of service I receive from them, and especially their executive management, is unparalleled. When the regional VP who handles a good part of the state of Texas, and the regional president who handles seven states, touch base with me often and respond to issues within minutes and hours – that is service. If all my security integrators could provide that level of service and attention, I’d sleep much better at night.”
Advice from Security Integrators
What do some of the industry’s top integrators suggest you can do to get the most out of your security-integrator relationship?
Security Magazine: Beyond asking security executives to communicate with you and to involve you more, what advice can you give them to ensure that they are installing the correct technology, that it will work and you will have a successful long-term partnership?
Rob Hile: In a true partnership both parties need to share in the success of the project, as well as the risk. Many times the end user or integrator takes on more risk than the other party and in almost every case when this happens, the relationship suffers. One of the areas that end users can help in assessing cutting edge technology is to talk to other end users who have recently deployed it. Another suggestion is to insist on partnership or team meetings with the integrator. Sharing information about their long term strategic plan and mission is another way to help the integration partner bring new and innovative technologies to the table that will help them achieve their goals.
Tony Varco: First, it’s critical to make sure that the right people are at the table. Some customers don’t think about the departments and various stakeholders that need to be involved in decisions, but so many people can be affected. You don’t want people caught off guard. There is a balance there, but the overriding point is making sure you have the right people represented when making decisions. The second step is using the team to define the requirements, such as what are you looking to accomplish, what problems to solve. All that has to be done before you can talk solutions. We also want to establish the expected results of the system. We then want them involved in the technology review and selection process.
Tom Giannini: We recommend to our customers that they work with a security technology consultant to determine the technology solutions they will need to support their operations. Using an independent security consultant can provide an objective viewpoint for the customer, as well as enable us as the systems integrator to have a clear understanding of the goals and objectives the customer wants to achieve through this technology investment.
Lance Holloway: At Stanley we feel that allowing customers to get input from peer companies is a vital component when communicating with end users about their needs. If we are working with a healthcare company, we show them solutions and technology we’ve provided for other similar healthcare projects. Stanley has hosted customer technology summits, where we bring in key customers to share success stories, operational challenges faced and future technology. Customer references, and especially peer network customer referrals, can play a significant role in developing best-in-class solutions and developing long-term successful partnerships
Kyle Hildebrand: Successful technology selection and deployment is grounded in a process that requires forward thinking. Through open and honest communication, you can help your systems integration partner understand future anticipated business and operational requirements. Combining the integrator’s insight and the customer’s anticipated business requirements in a unified security plan is a key step in maintaining an effective relationship and will aid in identifying and selecting the best systems for the future and ensure scalable, flexible, and expandable/contractible systems. Joint planning for anticipated needs in the beginning of the partnership will save time and fiscal resources going forward. It will also help alleviate many of the frustrations of budgeting for systems work and upgrades for subsequent years. Selecting a systems integrator who places an emphasis on careful planning through up-front systems design and engineering will help optimize the system effectiveness. There is no substitute for a well-designed system (security systems and communications infrastructure combined).
Security Magazine: Is there one sector of the industry that is more dynamic than others?
Rob Hile: In my opinion, the higher education market is very dynamic right now. The convergence of IT, life safety and physical security is leading the way to the integration of many of the sub-systems that are vital to the success and well being of our nation’s colleges and universities. In today’s economic times, ensuring that students, faculty and administration are safe and secure without walls and boundaries to impede the learning process are key to generating increased revenue dollars that our institutions of higher learning need for continued growth. The good news here is that we have only just begun to understand what is possible in terms of technology integration and efficiency, which is really exciting when you think about the future.
Tony Varco: We are looking at sectors that are experiencing compliance regulations. We are also looking to help companies that are expanding their enterprise and bringing together disparate systems, because at some point you have to deal with those systems and bring them all together, and overall, increase situational awareness.
Kyle Hildebrand: There really isn’t a sector of the industry that isn’t changing right now. However, the sectors more directly impacted by emerging threats such as traditional or asymmetric terrorism remain more dynamic than the rest. These sectors are primarily those that are heavily monitored, standards focused, or regulated, such as petrochemical and transportation.
Tom Giannini: Technology within the security industry is always advancing, but the most significant change appears to be taking place with PSIM solutions. This command and control software, when applied correctly, can leverage a customer’s business practices to maximize the efficient operation of all their security technologies, managed from a single point of control.
Lance Holloway: Video is one of the more dynamic sectors in the industry. It is not only experiencing strong growth in volume, but significant advancements in functionality driven by IP technology. Video analytics, cloud connectivity and video management sysetm platforms are all strong emerging video sectors right now in the security industry. I believe the video sector is definitely the most dynamic, and we will be seeing a multitude of video-based products and services hit the industry this year.
Security Magazine: Is there one sector that you predict will experience more growth than others this year and beyond, and why?
Rob Hile: Cities are a safe bet for growth in the years to come. Today, more than 50 percent of the U.S. population now resides in a metropolitan area. This represents a huge shift in recent years where a higher percentage of the population lived in rural areas. If you just look at the basic infrastructure needs of a city required to support this growth and the safety and security technology needed to support the new infrastructure you quickly see why companies like Siemens are investing heavily in this sector.
Tony Varco: Petrochemical continues to be a dynamic sector that is experiencing many drivers with regard to regulations, compliance and business continuity. Ports, transportation, rail and shipping continue to grow because of obvious threats and concerns. Education, specifically K-12, is in many cases, is dying on the vine now because many cities and states are going bankrupt, so schools tend to pull back on capital expenditures. Private colleges continue to grow, but are not an incredible growth engine. Petrochemical and ports will remain incredibly strong.
Tom Giannini: We believe that growth will be apparent in most vertical markets in the next year. But perhaps the most growth will be experienced in the critical infrastructure sector, which encompasses many customer segments. Power utilities, gas and petroleum, mining, transportation, food supply; each is an element of critical infrastructure that has more demand for security than ever before.
Lance Holloway:There are two sectors I believe will experience strong growth this year. The first would be iris biometrics due to their more affordable price points and advanced security capabilities. Iris biometric solutions have reached an economically viable threshold, and are drawing the interest of a wider base of customers beyond just the government sector. Data analytics is the second sector I predict will experience strong growth in 2012. Robust data analytics programs, especially cloud-based solutions, are providing customers with extensive data mining services. This data is not only helpful in realizing trends that influence security, but can also impact marketing and business operations. The growth in the iris biometrics and data analytics sector is being driven by more robust, user friendly and affordable services that companies can apply to their business model regardless of industry.
Kyle Hildebrand: Video surveillance through large IP based video networks is a sector that may experience significant growth. Technological advances in communications infrastructure, video management, and data storage have developed to a point where they can now sufficiently sustain complex video networks, such as public safety and citywide surveillance networks, in a cost-effective manner. There is increasing demand for these flexible video systems within municipalities, educational institutions, and commercial entities that have a high number of cameras and geographically dispersed facilities. Increasingly the end users in these vertical markets require reliable video networks for the surveillance and recording of numerous camera feeds and recognize the value of what a robust video network can provide for them in terms of added safety, public perception, forensics and reduced manpower costs.