Physical security in the digital age

Monday, September 1, 2003

I first became involved in security more than 15 years ago, working in information security. At that time, information security was a young but rapidly expanding field that evolved with the emergence of the commercial Internet. Today, as a CEO in the physical security industry, I see opportunities and growing pains much like we saw in information security during the 1980’s and 90’s.

For instance, today there is a daunting security challenge facing physical security. The world is a more dangerous place and organizations are closely examining their security practices. Formal vulnerability assessments are exposing serious deficiencies and recommending steps for improvement. There is an excellent opportunity for vendors to address these problems.

Secondly, there is a tremendous amount of innovation occurring, particularly in sensor technologies. This innovation is fueled in large part by market demand and the shift from analog to digital. Digital video, DVRs, access control, biometrics and other technologies are remaking the industry.

Too much information

The explosion in sensor technologies is enabling customers to monitor and detect more, but it creates problems of its own. These sensors generate data, reams of it, but managing, analyzing and acting on the data still remains largely in the hands of people. While properly trained people are critical parts of the equation, manual analysis of large amounts of data is an expensive and error prone process.

For organizations already working with video surveillance, the shift from analog to digital is just accelerating the problem of too much information. Those deploying a digital video surveillance infrastructure for the first time will find very quickly that the unforeseen costs of personnel are high.

This problem is particularly evident in the public sector at our points of critical infrastructure. The federal government is releasing millions in lump sum grants to harbors and airports to upgrade their physical security infrastructure. What they’re not getting is an increase in the ongoing operating budgets to staff personnel 24/7 in order to leverage these new technologies.

Enabling policy management

Security manufacturers, vendors and integrators should take heed at this fundamental problem facing the customer and provide solutions to answer them. Let’s face it, the process of monitoring video surveillance cameras is repetitive, tedious, boring and prone to errors.

Since the dawn of the computer age, software has been applied to automate the repetitive aspects of businesses like banking and engineering. Today, we can use software to automate the analysis of data to reduce the manpower associated with managing security data while also improving overall security.

How do we do this? Through implementing and automating security policy with software. In its earliest years, the first architects of information security software borrowed the concept of the policy from physical security. Every large organization has a physical security policy, usually just a set of procedures that security personnel follow to protect people and assets. Often, these procedures aren’t even written down, they’re just understood (or misunderstood).

The difference today is that software can centralize the management of data and apply rules that enforce the repetitive aspects of policy management. For video surveillance, software can now process this unstructured stream of data from standard, off-the-shelf video cameras and apply the structure necessary to enable automated policy enforcement.

Rather than relying on humans to monitor cameras 24/7, software sifts through the data in real time and provides alerts to security personnel in the field for immediate action. This approach does more than just reduce manpower requirements – it improves surveillance. Software doesn’t read the newspaper when it should be monitoring the video.

For all but the largest customers, the staffing costs associated with traditional video surveillance solutions make security a reactive, forensic process of reviewing recordings once an event has already occurred. Freeing personnel from the responsibility of monitoring video streams enables them to get out from behind the desk and into the field, responding to events and preventing security violations.

Integrators of the future

The shift from analog to digital has profound implications for physical security integrators. The CCTV integrator of the future will really be a hybrid – they must bring an understanding of software and IP based networks together with traditional physical security skills, such as how to select, locate, and install a camera for optimum coverage.

The convergence of IT and physical security is the most important trend facing our industry today. Security vendors must take into account not just the efficacy of the new technologies they install but also the ability of the customers to assimilate, manage and act upon the growing amount of data these technologies generate.

Effective security is now an issue of information management. It’s time for physical security to take back the concept of policy management from information security and for integrators to deliver policy-centric solutions that empower customers with their security data, not overload them.

Glenn McGonnigle is president and chief executive officer of VistaScape Security Systems. He can be reached at