Do Digital Security Solutions Enhance Operations? Yes, They Do, But Only When Supported By Thoughtful Procedures.

Do Digital Security Solutions Enhance Operations – Looking at the latest security technologies at SecTech Roadshow got me thinking about whether the latest solutions deliver new functions in manageable ways operationally.

There’s no question modern systems deliver more data, faster, and in more usable formats than ever before. But this deep functionality does not remove the need for considered and automated procedures, including response, and nor does it remove the need for a physical security layer designed to delay intrusion.

In the case of the interface between security technology and security management, procedures are simply the rules around what happens after an event. Procedures is a boring word – it conjures up the image of an enormous grey ringbinder in my mind’s eye. Just opening the cover of this monument to jargon is enough to make any security officer weep.

But this need not be the case, especially if the process of choosing and actioning procedures is integrated into system response and automated in real time, with events directed to relevant responders, as well as to stakeholders with oversight.

The growing importance of automated procedures in support of modern technology comes down to the volume of events generated by digital security systems, which have increasingly clever ways of mining the rivers of data generated by the inputs and outputs connected to them.

It’s this tidal wave of AI-generated events that risks breaking existing procedures by overwhelming the tiny teams expected to implement them. And it’s especially the case if procedures depend on a manual process of decision making rather than being automated by the management software overlaying an organisation’s integrated security solutions.

Consider that the latest AI-enabled video analytics can identify people, vehicles, behaviours and other anomalies that might typed into software solutions in real time – but then what? A modern CCTV system and the rules of its hundreds of cameras could drown the handful of security personnel expected to manage them. And if the security team does not respond to events, who does?

Going a step further, while access control platforms can enforce policy across multiple sites instantly, what happens when events occur that breach policy? Are these events simply logged by the system, or do they lead to action that enhances a site’s security posture? And if nothing happens why bother?

Obviously, not every event can be rigorously responded to, and during the process of system design, installation and commissioning, careful decisions need to be made about which of the plethora of events now possible are going to be added to a groaning procedures list.

As I prate on about procedures it occurs that the organic nature of digital security solutions should always be front of mind. Security systems and their fast-evolving functionalities have a way of drifting out of alignment with procedures. Over time, system management reporting chains fragment, with alarms handled by staff and a monitoring station, access control managed by administration staff, and CCTV ignored unless there’s a major event.

Adding deep analytics and remote capabilities to a legacy security posture that’s adrift doesn’t enhance a system’s functionality so much as amplify inevitable mismanagement – especially if the operational propellerhead who was their champion leaves the organisation.

But with pointy and evolving procedures in place – and these should be deliberately spare in nature – integrated security solutions can present inputs like video, access events and alarm events in digestible interfaces, allowing operators or stakeholders to better understand and action live situations.

Getting this part right allows smaller teams to manage larger, more complex environments, including huge multi-site operations, much more efficiently, though it does not change the fundamental nature of security solutions. In fact, smart systems with small teams demand more thought go into physical security – and I mean our version of physical security, not the version of IT departments. Fences, gates, doors, locks, internal layers, including safes.

Electronic systems still won’t prevent intrusion (unless they are a powered fence) – instead these system detect, verify and record. Cameras provide situational awareness and a visual record as well as absolute surety of intrusion, but they do not delay intrusion and often they don’t even identify intruders. And LPR might flag a licence plate of interest, but it can’t police them beyond pushing a notification to a human.

At the same time, access control systems manage and log authorised movement but unless the physical layer is designed for this, they may not stop forced entry but simply report forced doors as an open. Meanwhile, intercom systems allow field communication but rely on human judgement that the person at the other end is the person they say they are.

Taking all this into account, physical security layers are still required to provide the delay that makes response procedures worthwhile. Fences, doors, locks and barriers give responders necessary time to intervene. Without this delay, response becomes irrelevant unless it is simply to mop up.

Walking around security shows the temptation with modern technology is to assume that more digital capability equals more security. But it’s more accurate to think that more digital capability can offer better informed security when installed in support of purposeful security procedures. I’d argue the best outcomes are more likely to be delivered by simpler systems with specific remits that embrace the physical and response layers, feature automated procedures and delegate responsibility to trained team members in the field.

You can learn more about security procedures here or read more SEN News here.

“Do Modern Security Solutions Enhance Security Operations? Yes, They Do, But Only When Supported By Thoughtful Procedures.”