Since 2006, the LUSAX research program at Lund University in Sweden has investigated the effects of digitisation on the physical security industry

Since 2006, the LUSAX research program at Lund University in Sweden has investigated the effects of digitisation on the physical security industry. This article will look into the forces driving digitisation, and how those forces broadly translate and impacts the physical security industry.

Historically, physical security systems have moved from purely mechanical systems into systems holding both mechanical and electronic low-voltage circuit-based components. Development was pushed further forward when digital components emerged in the late 1980’s with the introduction of Digital Video Recorders (DVRs). And from 1996, when Sweden-based Axis Communications claims to have introduced the first network-enabled surveillance camera, digital components were further introduced into physical security systems. From a strategic business point of view, the digital shift most importantly brought with it new ways of doing business. Currently it is more common to observe novel and potentially more efficient business models challenging the proprietary and integrated one-brand manufacturer-distributor-integrator model historically associated with the industry.

However, from an end-user point of view, the primary objective of a security system is still to protect organisational assets from harmful action. Preferably this is achieved by means of pro-active deterrence, and secondarily by direct prevention. Any change in the underlying technology – mechanical or digital – needs to be evaluated against these objectives. In order for technological advancements to be value adding, it needs to either strengthen the overall performance – both in terms of functional and non-functional requirements – of the current system, or lower costs for the same performance.

In the case of a video surveillance system, the purpose of the system could be to decrease the number of shoplifting incidents at a store by means of temporarily storing the snapshots or shorter video sequences of customers visiting the store. Two examples of advancements associated with digital surveillance cameras may for example be superior performance in terms of picture quality and ease of access to the recorded material compared to previous generations of surveillance cameras. But, it could also be to protect assets against unintended harmful actions, for example in protecting co-workers from exiting areas with sensitive business information. Furthermore, digital systems have been suggested to have potential value in improving core value-adding operations. A prime example of this feature is the track-and-trace functionality in parcel shipment. Finally, the potential of pre-programmed self-diagnostics is another example of feature associated with future digital systems.

Why digitisation happens

When Sweden-based Axis Communications claims to have introduced the first network-enabled surveillance camera, digital components were further introduced into physical security systems

More broadly, digitisation is tightly coupled to what is referred to as Moore’s Law within the computing industry. First formulated by Gordon Moore at Intel in the early 1960’s, it proposed that computing capacity doubles every 12 months. Put in other terms, if we enter a computer store to buy computing power in June 2013 for one dollar, we would receive double the amount of computing power in June 2014 for the same amount of dollar. Gordon Moore was proven right, although slight modifications to the law have been added. The current doubling-speed in terms of computing power happens every 24 months. While this is merely a computational law, the business-consequences are important. Assuming a doubling of computing power every 24 months creates business opportunities for entrepreneurs that can translate the computing power into business-serving concepts at a low cost. This creates a strong cost-pressure on firms to consider digitising and even automating parts of the value-adding process. Examples of professional categories that have been affected by automation are for example secretaries, travel agents and bank tellers.

Moore’s law may impact industries in mainly two distinct manners: The first being digitisation that enhances the physical and manual activities – referred to as a kind of digital overlay to the current activities. The second one having more fundamental impact on an industry in the form of automation – simply substituting manual labour with (digital) machines, like in the case of the professions mentioned earlier.

Reasons for a slower pace of digitisation

Consequently, the key decision is not to ignore digitisation as a mere ‘gadget shift’, but rather to ask the question - in what way will Moore´s law impact my industry sector? Will Moore’s Law digitally reinforce and complement current work-practices according to the digital overlay-scenario, or will it simply substitute manual security labour gradually? The evidence the LUSAX-team has collected the past 9 years suggests a slower than expected, gradual and complementary development compared to other industries. We see three main reasons to a slower development speed.

The first (1) being the nature of security systems, they are to deter harmful action that is based on non-standardised behaviour. The intruder is actively attempting to outsmart the system. Routine business tasks, like registering invoices is a routine that once established may easily be duplicated and lends itself easily to digitisation and automation. Quite the opposite – and due to the variation in the intruder’s behaviour –duplication of the external qualities of a security system across an organisation would represent a risk in itself.

In the case of the physical security industry, the evidence collected by the LUSAX group suggests a more slow-moving digitisation more associated with the digitally enhancing scenario

Secondly (2), the service-level of security systems should be near fail-safe. Everyday use of IT-based services is associated with a higher degree of acceptance to operational disruptions, meaning users and organisations tolerate a lower than fail-safe performance-level compared to security systems. This is sometimes refereed to as the Beta-culture of the IT-industry. In turn, this generates a more conservative approach to experimentation with new technologies among security practitioners that makes digitisation a slower-moving process compared to other sectors.

Third (3) and finally, while it is true that security management has increased in importance from a corporate point of view the past decades, security management still is redundancy and contingency-centric. This in turn hampers a rapid diffusion of digital security innovations. On the other hand, strategic management more generally concerns itself with achieving organisational goals by actively taking risks in a lean and non-redundancy direction. This orientation lends itself more compatible with the automation scenario, for example reducing the need to keep parts of the corporate accounting, marketing or R&D staff internally.

Summary

In this article we have briefly introduced Moore’s Law as a broad driver of digitisation. The effects of digitisation may impact industries differently. Either disruptively - basically gradually reducing the need for manual execution of current work practices, or enhance activities by means of digitisation. In the case of the physical security industry, the evidence collected by the LUSAX group suggests a more slow-moving digitisation more associated with the digitally enhancing scenario.

Download PDF version

Author profile

Markus Lahtinen Researcher and Lecturer at Lund University, LUSAX Security Informatics

Markus Lahtinen holds a Master’s degree in Informatics (2001) and a Bachelor's degree in Business Administration and Economics (2006). The past ten years he has been active as lecturer at the Department of Informatics at the School of Economics and Management, teaching mainly Interaction Design but also given classes on Decision Support Systems, UML, IT and organisation, and supervising theses work for students at Bachelor and Master level.

In case you missed it

What are the obstacles to adoption of mobile credentials for access control?
What are the obstacles to adoption of mobile credentials for access control?

Using a smart phone as an access control credential is an idea whose time has come – or has it? The flexible uses of smart phones are transforming our lives in multiple ways, and the devices are replacing everything from our alarm clocks to our wallets to our televisions. However, the transformation from using a card to using a mobile credential for access control is far from a no-brainer for many organisations, which obstacles to a fast or easy transition. We asked this week’s Expert Panel Roundtable: When will mobile credentials dominate access control, and what are the obstacles to greater adoption?

How to choose the right security entrance for effective customer security
How to choose the right security entrance for effective customer security

Security and systems integrators across the nation are recommending and providing long-term security solutions to their customers. But when it comes to physical security entrances, integrators can easily fall into the trap of simply fulfilling an end user’s exact request without much pushback. Why? We believe the complexity and variety of entrances available makes it difficult to consult on the best solution, but also because there are a lot of assumptions at play. 1) Ask questions to determine the correct security entrance solution There is confusion in the security industry on the meaning of the word, “turnstile.” End users, when requesting a solution, tend to use the word “turnstile” to describe anything from an old fashioned, 3-arm turnstile to a high-tech optical turnstile to a security revolving door. We encourage security integrators to ask questions to discover how their clients want to mitigate the risk of unauthorised entry or “tailgating.” This can help determine the correct security entrance solution to meet the end user’s goal and budget. By asking the right questions and offering true solutions, you can enhance a relationship built on trust and consultation leading to potential repeat business. Below are four physical security goals—crowd, deterrence, detection, and prevention—accompanied by the type of “turnstile” and its capabilities. This breakdown can help the integrator to confidently address an end user’s request for a “turnstile,” and then recommend a solution that truly fulfills their security goals. 2) Explore options for crowd control Typically seen in stadiums, amusement parks, universities, and fitness centres, tripod turnstiles are considered a low security solution for crowd management. Designed for counting employees or slowing down high traffic volume to collect tickets or payments, tripod turnstiles are built to withstand the most abusive of conditions. Here’s what security integrators should know about tripod turnstiles: Low capital cost, but high annual operating cost due to needed 24/7 guard supervision Lack of sensors can lead to defeat – turnstiles can be crawled under or jumped over without alarm/notification to guard staff Little to no metrics capabilities available – no sensors or alarms if defeated High throughput, handling 30 persons per minute in one direction Full height turnstiles are a tall, robust solution for perimeter fence lines, metro stations or parking garages 3) Choose an effective deterrent A physical deterrent to infiltration, full height turnstiles are a tall, robust solution for perimeter fence lines, metro stations or parking garages. While full height turnstiles do physically stop tailgating (an unauthorised person following someone in the next compartment), they have no means to prevent piggybacking. Two people in collusion can gain access through the full height turnstile by badging once and then squeezing into the same compartment. Here are some other things to note about full height turnstiles: Low capital cost, low annual operating cost Guard supervision is up to the user Little to no metrics capabilities available – no sensors or alarms if defeated Moderate throughput, handling 18 persons per minute in one direction 4) Ensure your chosen turnstile can detect tailgating A staple in lobby security to accommodate visitors, optical turnstiles utilise complex sensors to detect a tailgating attempt. Most models available today offer sliding or swinging barriers. A very common assumption in the security industry is that optical turnstiles prevent unauthorised entry, which isn’t true. In fact, once the barriers are open, a second user can slip through. Or, in the case of a wide lane for disabled use, two people can walk through side by side. In either case, an alarm is generated and supervision is therefore essential in order to respond swiftly. The cost of 24/7 supervision must be factored into the security budget. Here are some other points to make note of: Moderate capital cost, but high annual operating cost due to need for 24/7 guard supervision Sensors detect tailgating and sound an alarm for post-tailgating reaction, but turnstiles can still be defeated Moderate metrics capabilities available (for example, # times tailgating occurred, passback rejection) High throughput, handling up to 30 persons per minute in one direction 5) Determine prevention tactics for staff and visitor safety The entry solution of choice for Fortune 1000 companies, security revolving doors and mantrap portals completely prevent tailgating due to their working principle, ensuring the safety and security of staff and visitors. Commonly used at employee-only entrances, security doors are an unmanned entrance solution that cannot be defeated; sensors in the ceiling prevent tailgating (following in a trailing compartment). Optional piggybacking detection systems are also available (preventing two people in the same compartment from entering). The benefits of utilising a truly unmanned door are unparalleled: guard staff can be reduced or reallocated, and this entrance offers an ROI of just 1-2 years. Here’s more information security integrators should know about security revolving doors and portals: High capital cost, low annual operating cost due to no required guard supervision Sophisticated metrics capabilities available, allowing the end user to prove the value of their security investment Security revolving doors = 20 persons per minute, simultaneously in two directions; Security portals = 6 persons per minute in one direction Biometric devices and bullet-resistant glass can be incorporated for an even higher level of security As we’ve demonstrated here, “turnstile,” in the eyes of an end user, is a complex term that can range from a low security, crowd control solution to a high security, tailgating prevention entrance. Security integrators need to first accurately determine the security goals of their customers and then break down the “turnstile” barrier of confusion to recommend the best solution for fulfilling those goals.

Why security customers should buy products and services from SMBs
Why security customers should buy products and services from SMBs

In 1973, a brilliant economist named E.F. Schumacher wrote a seminal book titled ‘Small Is Beautiful:’ taking an opposing stance to the emergence of globalisation and “bigger is better” industrialism. He described the advantages of smaller companies and smaller scales of production, highlighting the benefits of building our economies around the needs of communities, not corporations. In almost every industry or market that exists in the world today, you're likely to find a difference in size between companies. Whether it’s a global retail chain versus a small family-owned store, a corporate restaurant chain versus a mom-and-pop diner or a small bed and breakfast versus a large hotel chain — each side of the coin presents unique characteristics and advantages in a number of areas. Disparity in physical security industry Customers are drawn to products and services from large enterprises as the big names typically imply stability This disparity very clearly exists in the physical security industry, and differences in the sizes of product manufacturers and service providers could have important implications for the quality and type of the products and services offered. All too often, customers are drawn to products and services from large enterprises, as the big names typically imply stability, extensive product offerings and global reach. And that's not to say that these considerations are unwarranted; one could argue that larger companies have more resources for product development and likely possess the combined expertise and experience to provide a wide range of products and services. But the value that a company’s products and services can bring isn’t necessarily directly related to or dependent on its size. In an age where the common wisdom is to scale up to be more efficient and profitable, it’s interesting to pause and think about some of the possible advantages of small- and medium-sized businesses (SMBs). Typically, “small” companies are defined as those with less than 100 employees and “medium” with less than 500. Providing social mobility  Schumacher argued that smaller companies are important engines of economic growth. Indeed, according to the Organisation for Economic Cooperation and Development (OECD), a group of 36 member countries that promotes policies for economic and social well-being, SMBs account for 60 to 70 percent of jobs in most OECD countries. Importantly, SMBs provide resilience in that there are often large economic and social impacts when big companies fail. Smaller companies are better for regional economies in general, as earnings stay more local compared to big businesses, which in turn generates additional economic activity. SMBs are also better at providing social mobility for disadvantaged groups by giving them opportunities and enabling them to realise their potential. Smaller companies are often more innovative, bringing to the market novel technologies and solutions such as Cloud, analytics, AI, and IoT New companies introduce new technologies There's no denying the role of start-ups when it comes to innovation. In the security industry, many new technologies (e.g. Cloud, analytics, AI, IoT) are first brought to the market by newer companies. In general, smaller companies’ products and services often have to be as good or better than others to be competitive in the marketplace. They are therefore often more innovative, bringing to the market novel technologies and solutions. And these companies are also more willing to try out other new B2B solutions, while larger companies tend to be more risk-averse. Customer service Aside from the quality of products and services, arguably one of the most important components of a security company’s success is its ability to interact with and provide customers the support that they deserve. Smaller companies are able to excel and stand out to their customers in a number of ways: Customer service. Customers’ perceptions of a product’s quality are influenced by the quality of support, and smaller manufacturers often possess a strong, motivated customer service team that can be relatively more responsive to customers of all sizes, not just the large ones. A superior level of support generally translates into high marks on customer satisfaction, since customers’ issues with products can be resolved promptly. Flexibility. SMBs have a greater capacity to detect and satisfy small market niches. While large companies generally create products and services for large markets, smaller companies deal more directly with their customers, enabling them to meet their needs and offer customised products and services. And this translates to adaptability, as SMBs become responsive to new market trends. By having a pulse on the market, smaller companies have much more flexibility in their supply chain and can adjust much faster in response to changing demand. Decision-making. Smaller companies are much more agile in decision-making, while larger enterprises often suffer from complex, tedious and lengthy decision-making processes. Communication is easier throughout SMBs, as smaller teams enable new ideas to flow and can solve problems faster. Job satisfaction Employees working for SMBs connect more directly with the company's goals and objectives, which in turn increases motivation and job satisfaction Employees working for SMBs connect more directly with the company's goals and objectives, which in turn increases motivation and job satisfaction. SMBs are also generally more connected to local communities and participation in community activities leads to a greater sense of purpose. Additionally, SMBs have a much smaller impact on the environment, which is increasingly becoming an important consideration for today’s employees and customers. Though Schumacher's book takes a much deeper dive into the large global effects of scale on people and profitability, the general impact of a company’s size on its products and services is clear. It’s important for all players in the security industry to remember that the commitment and dedication to product quality can be found in businesses of all sizes. Ensuring safety of people, property and assets Large manufacturers may catch your eye, but small business shouldn’t be forgotten, as they can offer end users a robust set of attributes and benefits. While all security companies are aiming to achieve a common goal of providing safety for people, property and assets, smaller businesses can provide extensive value when it comes to driving the economy, innovating in the industry, providing quality employment and offering superior customer service.