When selling IP-based physical security systems, it's best to know the language.
- By Fredrik Wallberg
- Sep 04, 2009
The first thing any system integrator should realize when talking to a
customer's IT department is that they're the experts.
"You probably won't be able to tell them anything about IT
that they don't know," said Mike Tarras, a consultant with Security
That's particularly true when it comes to the infrastructure. Your job, then, is to
quiet fears about technology and its impact on the customers' systems. You want
to make sure you are well prepared to answer their technical questions and demonstrate
your own IT knowledge. That will help gain their respect and position your
solution for success.
The idea is for you to progress quickly from an "us versus them" dialogue
to a cooperative session. In most cases, an IT department will quickly test your
knowledge with some pertinent questions, and if you pass, you'll move on to a
Here are some tips on how to win over an IT department.
Walk in with an open-platform, open-architecture solution. IT departments place
a high value on open-platform solutions. They want solutions that are extensible
and allow third-party hardware or software integration.
What they dislike are proprietary solutions. They've been burned in the past by
solutions that do not allow third-party integration and fail to do everything they
need them to do. They like solutions with legs that can support a wide range of
hardware and software products so they can build the best solution for the price.
They want the solution to work with their existing hardware, software, storage
solutions and networking technology.
"IT departments are very picky about the technology they let into their server
room and brands of equipment they purchase," Tarras said.
If your solution limits what they can do behind closed doors, they're going to
show you the door. If a solution allows them to make their own decisions on the
equipment they use, you will walk out the door a winner.
Do the math for them. Bandwidth is a major concern for an IT department. If
you're presenting an IP video surveillance solution, they will worry about added
traffic and the network's extra storage requirements.
The best way to combat bandwidth concerns is to tell IT exactly how much
bandwidth your solution will require. Start with the bitstream per camera and take
them through the math. Validate the claims you made in your response to the RFP.
Also mention the many ways—H.264 compression, frame rate and use of motion
detection—to tweak a video surveillance system's bandwidth needs and explain
that almost every modern network can handle the load. If the IT people still aren't convinced, give them something really hard to argue with: setting up a separate
physical network or a virtual local
area network for your solution.
Directly address their security fears.
IT has spent years on IP security and
has to continuously fight new threats.
Your solution is perceived as one of
these threats. You need to show them
that you have battened down the hatches.
For instance, you should validate
that you're using 802.1x-port-based authentication
to ensure that only a specific device, such as a camera, can send
information through a specific port.
You need to show them you have secure
sockets layer login for remote clients.
You need to speak to user authorization
A big plus is having a solution that
supports common industry workhorses
such as Microsoft Active Directory®
for user authentication. That puts the
keys to using your solution directly in
IT's control, which is exactly what they
want. They don't have to have another
user management system on top of
what they already have. Of course, if
you're setting up a separate network or
a VLAN, a lot of IT's security concerns
will be moot.
Make storage a nonissue. Some IP-based
security systems, in particular IP
video surveillance, are going to raise big
caution flags with IT when it comes to
storage. Fortunately, the cost of a terabyte
of storage is constantly dropping.
Still, video data takes up a tremendous
amount of space, and IT will want
to know how you plan to address it. The
best video management solutions use
a cost-effective, dual-stage archiving
model with fast, local disks for shortterm
recording and affordable network
storage for long-term archiving.
For instance, these solutions can use
small computer system interface drives
or solid-state drives for first-day recording
and serial advanced technology attachment
arrays for archiving. This
improves both write performance and
reliability since SCSI and solid-state
drives are fast and more reliable for applications
that frequently write to disk.
SATA drives, on the other hand, are
not designed for the frequent writing
to disk required in first-day recording.
They are inexpensive and consequently
make an excellent cost-effective solution
for long-term archiving. If an IT
department doesn't have its own solution
for storage, this might make an excellent
Make version control easy for IT.
Any time new hardware or software
applications are added to the network,
version control becomes a concern.
With security products, it could be
firmware updates on cameras or smart
client updates for an IP video management
system. You need to demonstrate
to IT that distributing new versions and
updates can be done without disrupting
performance or security.
What IT departments particularly
appreciate are solutions that allow
them to take a staggered approach
to updates. For instance, an IP video
management solution with 100 percent
backward compatibility will enable IT
to roll out a new version at their own
pace, perhaps completing one server
or client at a time so the entire system
doesn't have to go offline during the installation
of the new version.
The same goes for a camera firmware
update utility. The best ones enable a staggered rollout. After all, if
you take 100 cameras offline at once,
who's watching the store?
Clicks to completion. If the product
you're recommending has a truly
intuitive interface—particularly if it's
Microsoft-like—demonstrate it. IT will
want to know that it can perform necessary
tasks quickly and easily. Take
IT through a few typical tasks, such
as installing a device with a hardware
wizard or configuring a group of similar
devices simultaneously. Show them
how your solution reduces clicks and
uses industry standard techniques, such
as storing system, event, audit, rule and
alert log entries in a centralized Microsoft
SQL database. The more something
works like the other solutions they use,
the more comfortable they'll feel.
Handling the processing. Face it,
some security systems, such as IP video
surveillance, can be processing-intensive,
particularly if a system is running
large numbers of cameras. This could
bog down an individual server. IT will
want to see a solution for that, specifically the ability to cluster servers to
handle larger volumes of processing.
Virtualization also is a big buzzword
today. Demonstrating that your solution
can run in virtualized environments
also will score points, particularly in environments
looking for green solutions
that have underused servers.
Helping IT become more physically
secure. One often neglected area in the
physical security of many organizations
is the IT department itself. One way to
get IT on your side is to show them how
your solution—whether it's an access
system, a video surveillance system or,
perhaps, an integrated solution of both
those—could also help IT protect a
server room. Do a gentle cross sell.
Perhaps all that is required is a more
advanced lock on their server room
door or a few cameras to watch sensitive
areas after hours. Think of the benefit
to IT if, when there's a problem on the
weekend, they could zoom in on a server
and actually see that its status light is
off. There's nothing like having IT buy
into a system because of self interest.
IT and physical security departments
have more in common than you think.
While it's commonly pointed out that
IT and physical security people are radically
different, they both have a similar
task: protecting the organization's assets.
In one case, the assets are the IT
infrastructure; in the other, the physical
infrastructure and people.
Both are always looking for ways to
prevent the unexpected. They're never
100 percent secure, yet they're always
working toward 100 percent security.
Both appreciate solutions that help
them do their jobs better and keep incidents
to a minimum.
Be sure that IT understands your system
is the right solution and not something
they'll be firefighting for years to
come. This is where customer testimonials
from other IT departments, market
penetration and ecosystem can be important