By Canadian Security
Last month in this space I gave some advice to consider before buying a security system. I’m the first to recognize that it is easy to say, but can be difficult to actually do. In this issue I will present a list of criteria developed by some really smart people that I worked with at Brookfield Properties.
By Canadian Security
The criteria presented here are in no particular order, and it is really up to the person working their way through them to determine how much weight they should attach to each one. The results of a threat and risk assessment should help you decide.
The first on the list is “operational” consideration. Regardless of the system or product you are purchasing, serious consideration needs to be given to its daily usage. What is the system’s compatibility with industry standards? Is it a unique product where the most basic parts have to be ordered in special, take six months to manufacture, are unusually expensive, hard to get, difficult to make? Does it come with options, add-ons, special programming, or any extra requirements? Does it have architectural flexibility, meaning can it interface with other products? Are you getting a product that is an operational nightmare that will have your staff pulling their hair out or quitting in frustration? Do you know the answers to these questions or are you just crossing your fingers and hoping for the best?
The second item on the list is “functional” consideration. Does the system do what the company literature says it does? Have you sat through a demonstration or did you get an opportunity to test it out in real-world conditions? Did your staff get a chance to try it? Does it meet the needs of the site, complex, or the people who require it? Does it work? Is dealer training available? Are you going to have to fly in a specialist if you run into problems, with six months advance notice, working on the vendor’s time frame and not yours? Will they train your staff, locally, or will you have to fly them somewhere? Will they need a PhD in electrical engineering and computer science to understand the training? How much will the training cost?
Next, does the system or product actually provide security solutions? For example, if you are considering purchasing a lock and key system, are the keys difficult to copy and if so, how difficult? How much effort would it require to get past the lock? Does it actually work to the level promised? A couple of years ago, my department was looking at a number of laptop theft prevention devices. One product in particular was promised to provide a particular level of security. One of my staff tested it out, and using a couple of screwdrivers and some twisting and leverage, he bypassed the security mechanism in about 10 seconds. Needless to say, we sent it back and got a refund. My advice is to test the stuff out. Wreck something if you have to. This is all part of the due diligence process.
We have destroyed drill bits, taken a hammer to a product, tried to crash systems, and generally had fun testing products out. Needless to say, we have learned a lot. What I learned more than anything is never believe anything unless I see if for myself. As Ronald Reagan used to say, “trust but verify.”
The next item on the list is related to your IT department. If it is a technology-based system, have your IT people check it to make sure it meets their needs or standards. There is nothing worse than determining whether something is going to work for you only to have IT put a hold on it because no one asked them about it going on the corporate server.
Service and support comes next. Are there multiple vendor sources, integrators and/or suppliers? What is their market presence and product longevity? What is the relationship between the manufacturer and distributor? I have found out the hard way that, at times, this relationship is in a downward spiral, and as the end-user, we got stuck in the middle. Is there one company in a thousand kilometres that is capable of servicing your needs or 10 in the city? Do they own 10 per cent of the market or 90 per cent, and if they own 90 per cent, do they have the technical support to help you when you need it? Are you one of a thousand clients, their only client or their main client? You have to decide what you are comfortable with. If you don’t mind being one in a thousand, then that is fine. If you like being their only client because you believe they will put more effort into serving your needs, that is OK.
As far as product longevity goes, is the system you are looking to buy ending its expected life cycle? In six months, or a few years from now, will you be expected to install expensive upgrades? Is your site going to be a beta test site?
The final category to consider is cost — what are the initial purchase costs? What about upgrades, replacements, parts, warranty, time and material? If the system or product you are buying is expected to last a certain number of years, have you budgeted operational considerations for its entire life expectancy?
Making a decision can be difficult and filled with apprehension. Remember, as the end-user, you must complete your due diligence on behalf of your organization.
Glen Kitteringham, M.Sc., CPP, F.SyI. is President of Kitteringham Security Group.