Physical Security Information Management (PSIM) is a phrase often used within the security sector these days, but what is it really all about?
For those of you who missed December’s webinar entitled ‘PSIM: the fusion of security and business efficiency’ (hosted by UBM’s Security Portfolio and which you can view retrospectively), my input centred on exploring PSIM from the system integrator’s perspective.
For the systems integrator, PSIM is really all about managing situational awareness. It’s about the process of recognising a threat as early as possible and taking measures to avoid and/or mitigate the effects it brings with it.
In 1993, Adam succinctly summed up situational awareness as: “Knowing what’s going on so you can figure out what to do about it”. To put it another way, it’s: “What you need to know not to be surprised” (Jeannot, Kelly and Thompson, 2003).
It should come as no surprise to security professionals that world events are driving growth within the security market. Security has never been more important, not just for the protection of people and assets but also for reputation, brand and business success. In turn, this results in the demand for more sophisticated and integrated systems to address increasing risks and threats.
However, the true growth is in the provision of integrated systems built around video surveillance to provide not just security but also business intelligence. After all, information and data are key drivers in business success.
Surveillance-based integrated systems
The ongoing convergence of security technology and IT enables us to develop surveillance-based integrated systems which raise ‘situational awareness’ and cut across business silos to become part of the business process, thereby adding value to clients’ businesses rather than cost (which is generally the case with security expenditure).
Situational awareness is increasingly important in critical risk management and business continuity. As threats both real and perceived continue to escalate, so developments in technology, security strategy and procedures have evolved to manage situational awareness and combat the increased jeopardy.
As integrators, our job is to deploy various life safety, security and information systems and warning devices for a client’s estate. The systems are designed to provide clients with visual information which alert and warn them of potential disruptive incidents, criminal attack, fire and power failure, etc, or to provide business intelligence so that management can better control and improve the security, safety and productivity of the host enterprise (for example payroll information for the HR Department or health and safety monitoring, marketing information such as shopping trends or perhaps details of disruption to a production process).
These systems are often disparate and require some form of integration platform enabling them to ‘talk’ and interact.
Clearly, they produce large amounts of both visual information and data, the recipient of which is usually the security Control Room operator (whether based on or off site). In these days of austerity the Control Room is often the only department with a true 24/7 operation and, therefore, is recognized as the ‘communications centre’ in an organisation.
There can be little doubt that security operations have changed and are changing on a continual basis. High responsibility is vested in the security operator to make critical decisions and take the correct action at the right time even if he/she has never had to take this kind of action before.
The operator needs a clear understanding of what he/she needs to do. He/she needs confidence in the information upon which they’ll make their decision and act. Furthermore, they need discipline with supervision to cover lapses of human nature, and they’ll be required to account for (and justify) any actions taken.
Managing complex security, safety and information systems
As a minimum, PSIM should address these needs and give us control of converged technologies to improve situational response. It’s the ability to bridge across security information and business intelligence – analysing and assessing the data from these disparate systems, making intuitive decisions and communicating to the operator the correct response – which generally sets PSIM apart from video management and access control management systems.
PSIM should speed up our response times by analysing the data from the various systems and devices, then prioritising the information and scheduling incidents so the operator doesn’t need to. It should also escalate and re-schedule incidents as situations develop and change.
In addition, PSIM should produce a consistent and appropriate response by delivering concise operator instructions and work procedures: ‘what to do, who to call’ etc.
These standard operating procedures empower operators to identify and reactively resolve situations using common and consistent methods based upon step-by-step instructions, Best Practice and an organisation’s policies for dealing with emergency situations and mission-critical issues.
Aside from the high level of integration afforded by PSIM, it should realise a comprehensive, integrated audit trail for all activities: tracking information, steps and sequences for compliance reporting, training, post-incident analysis and accountability.
The audit trail and reports should confirm the actions taken to resolve the issue and aid in continuous improvement through actions taken and lessons learned in mitigating risk.
PSIM software: what’s it capable of achieving?
So how do we achieve that? First, we have to remember PSIM is a tool. As integrators, we need to understand what the tool can and cannot do.
In other words, we need to fully understand the technology and what the PSIM software is capable of achieving, what functions it does well or adequately and what its weaknesses and limitations might be. Clearly, as stated we need to know what it cannot do.
We also need to understand the client. It’s essential that we listen closely and gain a clear understanding of the client’s business. Understand its needs and wants, what they’re trying to achieve and what the objectives are in the short and longer term.
The integrators job is to then match the two by implementing a solution which meets the client’s objectives in terms of providing the optimum PSIM solution to deliver the requisite information and business intelligence in the right format, at the right time and with the appropriate response outcomes in a clear, concise and efficient manner.
Implementation: this will take time
Fundamental to the successful implementation of any PSIM set-up is the client’s co-operation and input. The client needs to understand what can and cannot be achieved. They need to carefully consider their ‘operational requirements’: what they require from the systems and the information generated.
The client needs to be dedicated to the project and understand the time commitment and the demand on resources to pull together the information required to develop and implement the PSIM software. It’s paramount that the upkeep and management is an ongoing process subject to change in light of changing needs/risks and lessons learned.
The client’s project leader needs to have clear authority to obtain input from across his/her organization so clearly it must be senior personnel-driven and led.
Essential to success is that a client does not underestimate the commitment required to implement and operate a PSIM system effectively: the more you put, in the more benefit you will gain.
Finally, as a client do your homework. Pick the right integrator. You need an integrator that understands how to apply security and life safety technology and the risks it’s designed to address.
The integrator selected also needs to be IT ‘savvy’ with a knowledge of networks and software and the ability to talk and liaise with IT professionals on their level.
They also need to be confident in dealing with – and understanding – a number of different departments within an enterprise and working closely alongside and with different levels of seniority.
Managing expectations: the key points to note
One of the biggest pitfalls with the implementation of PSIM systems is managing expectations. Taking a slightly ‘tongue in cheek’ look at the process, the consultant specifies ‘all singing, all dancing’. The manufacturer claims ‘all singing, all dancing and tells jokes’. The customer ‘expects even more’. The poor integrator has to manage these expectations.
It’s the integrator’s roll to manage expectations, then, and to be realistic as to what can and cannot be done. What’s technically achievable and what’s just ‘pie in the sky’? What operator intervention will be needed and when? What is or is not effective and efficient, either technically or because of cost?
Many manufacturers and developers become overly enthusiastic about what their software can do. Equally, many clients are carried away by their expectations.
The systems integrator’s role is also to add value not cost, both by making sure they have met the client’s needs with the technology, but also by exploring and adding other benefits: what other systems functions procedures could we add to the PSIM?
Where can PSIM be most effective?
PSIM is not an ‘out of the box’ product. As noted earlier it can be both costly and time-consuming to apply and put into operation. That being the case, it’s better suited to some environments than others. Experience shows PSIM can be very useful in high security environments subject to significant threat levels and dangers.
PSIM is also valuable in large estates such as hospitals and universities containing valuable facilities and equipment and having to deal with potentially volatile situations involving the safety and lives of people. Environments where a diverse array of spaces, buildings and departments containing a variety of people – staff, patients or students, visitors, suppliers and those with ill intent – all need to be controlled and secured.
Equally, those enterprises harbouring a large geographically spread real estate portfolio can use PSIM to efficiently manage their systems from a corporate headquarters, providing consistency across the organisation’s risk mitigation and business continuity responses and plans.
PSIM is also effective in places with multiple agency responsibility such as airport and city centres where it provides a flexible platform for easy sharing of visual information and intelligence data.
Whatever the environment, the secret of success is in the diligent evaluation and analysis of the objectives and careful planning.
PSIM: what’s in it for you?
As a client, what’s really in it for you to go down the PSIM path? Well, assuming all the correct design and implementation steps have been meticulously followed and applied then PSIM integration provides numerous organisational benefits, including increased control, improved situational awareness and management reporting.
It’s nothing if not a valuable management tool to be used for providing and controlling visual information and intelligence data, either for real-time use or for post-incident analysis. It puts you firmly and confidently in control of your information and intelligence gathering devices and systems without affecting the individual operation of any of those systems (which continue to function independently as they always have done).
Rather, it merely collects data from the disparate systems and displays it in a consistent and logical format to the various Control Room operators and other control positions with set response parameters in order to maximise Control Room efficiencies and provide a high level of security, business intelligence and accountability in the event of a critical situation arising.
PSIM – or whatever name is given to integration software – is really all about better managed and improved situational awareness.
Peter Houlis is managing director of 2020 Vision Systems
