Manufacturers depend on consultants to get their technologies specified in customer projects. Consultants often depend on manufacturers to provide them current information about the technologies that are the building blocks of their projects. It’s a symbiotic relationship, but not always a perfect one. We recently gathered three consultants to discuss what they want from manufacturers, and a representative of HID Global to add a manufacturer’s perspective.

Manufacturers also look to consultants to provide insights into trends they see among clients, and our consultant forum was outspoken on those points, too.

Participating were Chris Grniet of Guidepost Solutions, Brandon Frazier of Elert & Associates, Terry Harless of Burns & McDonnell, and Harm Radstaak, HID Global’s Vice President and Managing Director, Physical Access Control.

SourceSecurity.com: What do you look for in a relationship with a vendor/manufacturer? What kind of support do you look for from partners/vendors?

Product education and communication

Terry Harless: As a consultant, we are vendor agnostic. We have to specify several different vendors, different brands, manufacturers. When we do come upon a client that wants a certain manufacturer specified, we typically like a manufacturer to have customer service that we can reach out to and get an answer back in a relatively quick amount of time, for the simple fact that our designs are fast-track and we need to get them done. And not to tout HID, but they are typically very quick in responding to issues we have had in the past. We like it when they can educate us – come into our office or invite us to a consultant event and train us, instead of giving their sales pitch. There are several manufacturers who provide good education, and there are those that will just bring you in to give you a sales pitch, and you don’t really learn anything.

"We typically like a manufacturer
to have customer service that
we can reach out to and get an
answer back in a relatively quick
amount of time"

Chris Grniet: As consultants, we are constantly trying to learn as much as we can about every product out there. We try to be as agnostic as possible. We need to be apprised of what the latest and greatest is, how it’s functioning. And we need to access that information in a very simple way. Sometimes I’m on the fly. I haven’t sat down in my office more than three days in the last two and a half months. But I know I can pick up the phone or shoot a quick email [to Dean Forchas, HID Global’s Consultant Relations Manager in North America], and he will get back to me. He tells me what I need to know and when I need to know it to support my clients.

We also need truth in advertising, the most critical component. There are things you can’t prove to me. You are going to give me the documentation and I will pass it along to the IT guys. I want to get the information they need to make an informed decision. It needs to be quick, and it needs to painless. I also want the truth about the release of products. I want to commit to things like frictionless access, and mobile credentialing for visitors, and the cost models. Please just tell me the truth. Too many times I hear “The release is Q3,” and in Q2 of the following year, the client is going “What are we going to do?” I also want clear and concise communication between my manufacturers for that fully integrated and unified platform.

Brandon Frazier: The most important thing for me is education. Education about products, and future product roadmaps, and about concepts. Help me understand what we can do with this new product or this product that is coming. Don’t educate me because you think there is a project coming down the pike. Just educate me and support me. And just trust that if you educate me enough, and if I understand enough about your products, they will end up in the specifications.

Education about products, and future product roadmaps, and about concepts is important
If you educate me enough, and if I understand enough about your products, they will end up in the specifications

Understanding the market competition

Grniet: I just want to add to be honest enough to know when your product is not right for an application or a client. Tell us “I don’t think that’s where we need to go.” And be educated about your competitors’ products. We’re just looking for help, and in a lot of cases we’re just looking for information, we’re constantly on the go, and we earn our living on a billable hour. My company wants me to have a lot of them. It has to be an honest relationship—and let me know if it’s not the right application.

Harless: I would say be educated on your own product, too. A lot of vendors have no clue what their product does.

Harm Radstaak: If you as a vendor say something wrong, you have to back-pedal and you lose trust. That is critical. We need to be understanding of that as a vendor and be responsible. Most professional vendors support consultants in their area. At HID, we also have an extra level in the community of consultant support around the world, in the UK, in India, in China. There is a lot of development going on all over the world. We have a role to bring all of that into the bigger mix. You are a consultant, and we consult with you in certain areas, but vice versa, too. You are the voice of the customer to us. We need for you to bring back to us what you see, which we can translate to product development.

Grniet: We can’t expect the product to progress unless we bring to you our learning experiences. We get that. For years, I wrote product specifications to push the envelope of what products are capable of doing. To an earlier point about the future of products: As these get more powerful, we will expect more and more, and communicate to you when we need it.

SourceSecurity.com: What are your priorities in terms of adding value to end-users in the realm of physical access? What trends have you been seeing among end-users when it comes to physical access control? What is at the top of your criteria list for either buying discussions or spec’ing out projects?

Priority considerations

Frazier: I have seen a lot of desire to get to a more actively managed security system. A lot of these systems are at the 15- or 20-year mark, they have been passed on through many generations, they were never tied through active directory or auto services. They have an absolute mess of a system. So a huge trend is how do we actively manage it? We have to replace it. Looking at some cybersecurity, is the hardware going to be capable of being secured, or is it too old to handle some of the encryption that’s required? That’s driving system replacements. When you look at system replacements, you start talking about: How can we manage cards, visitors, user logins, access levels? How can we take that card and push it to other databases and non-security systems and get to that one-card solution?

Most biometrics solutions are currently based on fingerprint or facial recognition
In other IT industries, there are maybe four, five or seven ways of identifying a person, none of them individually that secure, but the combination of all these elements will give you a very high security rate

Radstaak: When you think about smart phones and iPads, we didn’t have these products nine or 10 years ago. So if we think through, our access control market is very heavily focused on card and reader and interface and software. If you talk with large corporates, they say: Explain to me how that infrastructure built up, because I am used to different network equipment, etc. They expect us to be more seamlessly integrated into their IT.

From a security perspective, what will the topology and the infrastructure look like five to seven years out. I think it’s fair to say for all of us, we don’t know yet. Will there still be a lot of what we know today because we as an industry are not fast to adopt new technology? It’s fair to say that’s true. But if we were to sit down today and specify what an access control system would look like, I think we would come up with a different structure than we face today. Then there is the element of the cloud, which is going to increase as we have said. Also, most of our biometrics solutions are currently based on fingerprint or facial recognition. I think the evolution of camera technology will have an impact on security, and biometrics will have a different definition. In other IT industries, there are maybe four, five or seven ways of identifying a person, none of them individually that secure, but the combination of all these elements will give you a very high security rate, and also seamless and fast.

"I think the evolution of camera
technology will have an impact
on security, and biometrics will
have a different definition"

Harless: My struggle is getting a lot of our current clients updated to more secure readers. We have tons of them still on prox cards and prox readers. When we’re upgrading facilities, it’s like pulling teeth to get them to use multiCLASS readers just to try to step them up to at least get them to a more secure platform in the near future. Another thing the industry is going towards is integrating all these systems together in some sort of GUI or interface, including access control, video surveillance, intrusion and then also maybe rolling in some building management systems, all of that, and what platform will you use to bring all that together? Some access control systems have that ability.

Grniet: The primary factors of selection for clients are availability and support. There’s a lot of cross functionality out there, but I need local support. I need to make sure it will work for them, and continue to work for them with the support they need. The other factors, after I have narrowed the field, I look for systems that will give us the full interoperability, full unification, and seamless integration across multiple platforms of their environment. Whether it’s active directory management, identity management or human capital management, how do I do more with less because security is getting squeezed every day?

In certain industries, there are still these kingdoms or fiefdoms of security organisations. And there may have to be from a safety or protection standpoint, but in most commercial applications in big cities, whether it’s a multi-tenant building or a financial organisation, whatever it happens to be, they are looking to do more with less. Bringing in those other support organisations – HR and IT – lets us use the assets they already have and bring all of that to bear as a single process so I don’t have to hire another head to do system administration. That’s what’s important to these clients: How much can I save them on the opex (operating expense)? And they’re certainly concerned about the capex (capital expense).

If I can integrate with other systems, I can also find ways to push costs out to other departments, like IT. “Yes, I need switches,” and then I just have to pay for cameras. “Yes, go run the Cat-5 cable.” My readers are going to do more for you, my mobile readers are going to do more for you than provide access to the door. We’re going to do multi-factor authentication to applications on your network. It’s a critical component of it. Once we can prove it to them, the integration goes much more smoothly.

Read our Consultants' Forum series here

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Larry Anderson Editor, SecurityInformed.com & SourceSecurity.com

An experienced journalist and long-time presence in the US security industry, Larry is SourceSecurity.com's eyes and ears in the fast-changing security marketplace, attending industry and corporate events, interviewing security leaders and contributing original editorial content to the site. He leads SourceSecurity.com's team of dedicated editorial and content professionals, guiding the "editorial roadmap" to ensure the site provides the most relevant content for security professionals.

In case you missed it

How has security industry training changed in the last year?
How has security industry training changed in the last year?

In-person training sessions were mostly canceled during the worst of the COVID-19 pandemic. However, the need for training continued, and in some cases increased, as the security industry sought to adapt to the changing business climate of a global emergency. So how well did we as an industry adjust? We asked this week’s Expert Panel Roundtable: How has security industry training changed in the last year?

Physical access control: Critical steps to ensure a smarter future
Physical access control: Critical steps to ensure a smarter future

Steven Kenny, Axis Communications, looks at the benefits of physical access control systems within smart environments, and how knowledge gaps and dated methods can inhibit adoption. Physical security is becoming more dynamic and more interconnected, as it evolves. Today’s modern access control solutions are about so much more than simply opening doors, with digitalisation bringing multiple business benefits, which would simply not be possible using traditional models. Digital transformation While the digital transformation of processes and systems was already well underway, across many industries and sectors, it is the transformation of physical security from a standalone, isolated circuit, to a network-enabled, intelligent security solution that brings many benefits to the smart environment. Yet, with more organisations now looking to bring their physical security provision up to date, there are many considerations that must be addressed to maximise the potential of access control and video surveillance. Not least of which is that connecting physical security devices to a network presents risk, so it is increasingly important for IT teams to play a role in helping to facilitate the secure integration of physical and network technologies, as these two worlds increasingly converge. Improved access control in smart environments These urban constructs are capable of reducing waste, driving efficiencies and optimising resources The smart city offers significant benefits, reflected in the US$ 189 billion that is anticipated to be spent on smart city initiatives globally by 2023. These urban constructs are capable of reducing waste, driving efficiencies, optimising resources and increasing citizen engagement. Technology, which is increasingly being incorporated to protect access points within the smart environment, can take many forms. These range from simple card readers to two factor authentication systems, using video surveillance as a secondary means of identification, right through to complex networks of thermal cameras, audio speakers and sensors. Frictionless access control During the COVID-19 pandemic, frictionless access control has provided an effective ‘hands free’ means of accessing premises, using methods such as QR code readers and facial recognition as credentials to prove identity. Frictionless access control brings health and safety into the equation, as well as the security of entrances and exits, minimising the risk of infection, by removing the need to touch shared surfaces. Such systems can be customised and scaled to meet precise requirements. Yet, an increasing integration with open technologies and platforms requires collaboration between the worlds of physical security and IT, in order to be successful. Barriers to adoption Traditional suppliers and installers of physical security systems have built up a strong business model around their expertise, service and knowledge. Network connectivity and the IoT (Internet of Things) present a constantly shifting landscape, requiring the traditional physical security vendor to learn the language of IT, of open platforms, IP connectivity and software integration, in order to adapt to market changes and remain relevant. Many are now beginning to realise that connected network-enabled solutions are here to stay Those who cannot adapt, and are simply not ready for this changing market, risk being left behind, as the physical security landscape continues to shift and demand continues to increase. With end users and buyers looking for smarter, more integrated and business-focused solutions from their suppliers, it is clear that only those who are prepared will succeed in this space. Time will not stand still, and many are now beginning to realise that connected network-enabled solutions are here to stay, particularly within smart constructs which rely on such technology by their very nature. The importance of cyber hygiene Connecting any device to a network has a degree of risk, and it is, therefore, imperative that any provider not only understands modern connected technologies, but also the steps necessary to protect corporate networks. Cameras, access control systems and IP audio devices, which have been left unprotected, can potentially become backdoors into a network and used as access points by hackers. These vulnerabilities can be further compromised by the proliferation of connected devices within the Internet of Things (IoT). While the connection of devices to a network brings many advantages, there is greater potential for these devices to be used against the very business or industry they have been employed to protect when vulnerabilities are exploited. Cyber security considerations Cyber security considerations should, therefore, be a key factor in the development and deployment of new security systems. Access control technologies should be manufactured according to recognised cyber security principles, incident reporting and best practices. It is important to acknowledge that the cyber integrity of a system is only as strong as its weakest link and that any potential source of cyber exposure will ultimately impact negatively on a device’s ability to provide the necessary high levels of physical security. The future of access control There is a natural dispensation towards purchasing low-cost solutions There is a natural dispensation towards purchasing low-cost solutions that are perceived as offering the same value as their more expensive equivalents. While some have taken the decision to implement such solutions, in an attempt to unlock the required benefits, while saving their bottom line, the limited lifespan of these technologies puts a heavier cost and reputational burden onto organisations by their association. The future of access control, and of physical security as a whole, will, therefore, be dependent on the willingness of suppliers to implement new designs and new ways of thinking, based around high-quality products, and to influence the installers and others in their supply chains to embrace this new world. Cyber security key to keeping businesses safe In addition, cyber security considerations are absolutely vital for keeping businesses safe. The integration of cyber secure technologies from trusted providers will provide peace of mind around the safety or corporate networks, and integrity of the deployed technologies. As we move forward, access control systems will become data collection points and door controllers will become intelligent I/O devices. QR codes for visitor management and biometric face recognition for frictionless access control will increasingly be managed at the edge, as analytics in a camera or sensor. The future of access control presents an exciting and challenging time for those ready to accept it, to secure it and to help shape it, offering a true opportunity to innovate for a smarter, safer world.

Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach
Wire-free, mobile first and data rich? The future of access control is within almost anyone’s reach

The 2020s will be a wireless decade in access control, says Russell Wagstaff from ASSA ABLOY Opening Solutions EMEA. He examines the trends data, and looks beyond mobile keys to brand new security roles for the smartphone. The benefits of wire-free electronic access control are well rehearsed. They are also more relevant than ever. A wireless solution gives facility managers deeper, more flexible control over who should have access, where and when, because installing, operating and integrating them is easier and less expensive than wiring more doors. Battery powered locks Many procurement teams are now aware of these cost advantages, but perhaps not their scale. Research for an ASSA ABLOY Opening Solutions (AAOS) benchmarking exercise found installation stage to be the largest contributor to cost reduction. Comparing a typical installation of battery-powered Aperio locks versus wired locks at the same scale, the research projected an 80% saving in installers’ labour costs for customers who go cable-free. Battery powered locks all consume much less energy than traditional wired locks Operating costs are also lower for wireless: Battery powered locks all consume much less energy than traditional wired locks, which normally work via magnets connected permanently to electricity. Wireless locks only ‘wake up’ when presented with a credential for which they must make an access decision. AAOS estimated a 70% saving in energy use over a comparable lock’s lifetime. Find out more about wireless access control at ASSA ABLOY's upcoming 29th June webinar Deploying wireless locks In short, every time a business chooses a wireless lock rather than a wired door, they benefit from both installation and operating cost savings. A recent report from IFSEC Global, AAOS and Omdia reveals the extent to which the advantages of wireless are cutting through. Responses to a large survey of security professionals — end-users, installers, integrators and consultants serving large corporations and small- to medium-sized organisations in education, healthcare, industrial, commercial, infrastructure, retail, banking and other sectors — suggest almost four locations in ten (38%) have now deployed wireless locks as a part or the whole of their access solution. The corresponding data point from AAOS’s 2014 Report was 23%. Electronic access control Electronic access control is less dependent than ever on cabling Without doubt, electronic access control is less dependent than ever on cabling: Even after a year when many investments have been deferred or curtailed, the data reveals fast-growing adoption of wireless locks, technologies and systems. Is mobile access control — based on digital credentials or ‘virtual keys’ stored on a smartphone — an ideal security technology for this wire-free future? In fact, the same report finds mobile access is growing fast right now. Among those surveyed, 26% of end-users already offer mobile compatibility; 39% plan to roll out mobile access within two years. Before the mid-2020s, around two-thirds of access systems will employ the smartphone in some way. The smartphone is also convenient for gathering system insights Driving rapid adoption What is driving such rapid adoption? The convenience benefits for everyday users are obvious — witness the mobile boom in banking and payments, travel or event ticketing, transport, food delivery and countless more areas of modern life. Access control is a natural fit. If you have your phone, you are already carrying your keys: What could be easier? IBM forecasts that 1.87 billion people globally will be mobile workers by 2022 Less often discussed are the ways mobile management makes life easier for facility and security managers, too. Among those polled for the new Wireless Access Control Report, almost half (47%) agreed that ‘Mobile was more flexible than physical credentials, and 36% believe that mobile credentials make it easier to upgrade employee access rights at any time.’ IBM forecasts that 1.87 billion people globally will be mobile workers by 2022. Workers in every impacted sector require solutions which can get the job done from anywhere: Access management via smartphone offers this. Site management device The smartphone is also convenient for gathering system insights. For example, one new reporting and analytics tool for CLIQ key-based access control systems uses an app to collect, visualise and evaluate access data. Security system data could contribute to business success. The app’s clear, visual layout helps managers to instantly spot relevant trends, anomalies or patterns. It’s simple to export, to share insights across the business. Reinvented for learning — not just as a ‘key’ or site management device — the phone will help businesses make smarter, data-informed decisions. The smartphone will also play a major role in security — and everything else — for an exciting new generation of smart buildings. These buildings will derive their intelligence from interoperability. Over 90% of the report’s survey respondents highlighted the importance of integration across building functions including access control, CCTV, alarm and visitor management systems. Genuinely seamless integration They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term Yet in practice, stumbling blocks remain on the road to deeper, genuinely seamless integration. More than a quarter of those polled felt held back by a lack of solutions developed to open standards. ‘Open standards are key for the momentum behind the shift towards system integration,’ notes the Report. As well as being more flexible, open solutions are better futureproofed. Shared standards ensure investments can be made today with confidence that hardware and firmware may be built on seamlessly in the future. They offer greater peace of mind than proprietary solutions which ‘lock you in’ for the long term. Open solutions and mobile management are critical to achieving the goals which end-users in every vertical are chasing: scalability, flexibility, sustainability, cost-efficiency and convenience.