Editor’s note: This is the eighth in a series of interviews with session leaders from the upcoming GSO 2025 event taking place on November 2-3, 2022 at the Vari® (formerly VariDesk®) world headquarters in Irving, Texas, near DFW Airport. The event is named after a future date because it requires a 3-5 year look into the future where security leadership and security technology is headed. registration is open now.
Editorial Director Steve Lasky recently sat down with Ray Bernard, noted security consultant and author, columnist for security technology executive magazine and writer for security business magazine and SecurityInfoWatch.com. Steve asked about the focus of day two of the GSO 2025 summit on technology thinking.
SIW: In what way are you saying that our current technological thinking is still out of date?
Bernard: The information technologies we use to build our security systems have changed dramatically and continue to change at an ever-accelerating rate. While that fact is now common knowledge, the impacts of that situation have not been considered thoroughly enough. The physical security industry continues to be primarily product-focused without sufficiently considering the impact of key IT trends. The industry is still years behind IT in terms of IT design thinking and practices.
SIW: You can be more specific?
Bernard: There are several examples, and I’ll give you a key one. Most companies, especially larger ones, engage in digital transformation initiatives to improve the way the company works and does business. They are using advanced information technology in their data centers and, in some industries, even at the edge, that is, on premises and outside of data centers.
This advanced technology is much more scalable and upgradeable than what we use for physical security, except for some of the cloud-based offerings. With newer technology, companies are better able to facilitate change and growth. There is a strong focus on data. Information technology enables companies to better understand themselves, have deeper operational insights, and be agile to continually optimize the way the business operates.
This is made possible by recent advances in software-defined IT infrastructure, which provides virtualized compute, storage, and networking components that can be easily managed at any scale. These software-defined elements have levels of redundancy and fault tolerance that cannot be achieved with the outdated hardware architectures we use for our physical security systems.
New technological advances have made it possible to add or change computing, data storage, and networking hardware without interrupting software applications and their data exchanges. Hardware can be added, removed, or replaced without having to power down systems.
Deploying and maintaining such software-defined infrastructure no longer requires highly skilled or heavily staffed IT operations, because the software defined computing platforms manage themselves and use its built-in redundancies and failover capabilities to update software-defined elements, virtual machines, and the applications running on them automatically as hardware is changed.
The IT term for this is autonomous Computing Infrastructure, I first heard of Dell Technologies. It’s the IT industry’s equivalent to autonomous vehicles. It is the current state of the art for cloud computing technologies, and can now also be deployed as on-premises equipment, for the on-site elements of our physical security systems.
This infrastructure provides 99.9999% uptime for all applications, eliminating the need for third-party failover software and dedicated video failover recorders. The redundancy and fault tolerance capabilities of the physical security industry’s traditional approach to server-based deployments cannot match or even come close to autonomous computing infrastructure capabilities. In software-defined platforms, the application architecture is completely hardware independent, not constrained or limited by hardware like our traditional physical security systems are.
SIW: Can these systems be installed by security integrators?
Bernard: Yes. For example, Dell stand-alone computing platforms are shipped as lab-certified turnkey systems for the security applications that will run on them. They arrive ready to install and light. Their deployments no longer involve human IT tasks that used to be labor-intensive and error-prone.
Security integrators can install them in minutes and hours, not days and weeks. There are upgrade paths to sensibly migrate from existing legacy systems to that new technology. That includes having cloud apps in the mix, along with legacy technology that doesn’t yet justify upgrading.
For the first time in the history of physical security technology, on-premises systems can evolve to incorporate emerging technologies, applications and additional integrations and support new devices while security system applications continue to function with little or no downtime .
Another key point is that the computing hardware built to support this intelligent infrastructure approach has strong built-in cybersecurity features, much like those used for secure cloud computing infrastructure.
SIW: What kind of new thinking is required?
Bernard: It’s not hard to think, it’s just different from what we’ve been doing for so many years. We have been oriented around installing individual products and designing hardware based on near-term requirements for them, rather than designing an evolutionary computing infrastructure as a platform that can support current and future applications.
For example, today we buy local video management systems pre-installed on their own servers. Fault tolerance, if any, is limited to only the servers in that VMS. Usually that means RAID for storage, which for a heavy recording server means days of rebuild time and sub-par performance, which is why many VMS systems don’t use RAID for their recording servers and therefore Therefore, they are not fault tolerant. Individual failover servers for each application are not cost effective, so most backup system applications cannot survive a server failure.
Managing local security systems implemented in this way is complex because each application has its own hardware that must be managed individually. Buying separate hardware for each system is expensive. Hardware upgrades almost always require a system shutdown. Systems don’t scale incrementally and have to be over-provisioned to account for future growth, which is wasteful.
I use this diagram to provide context for how IT for physical security systems is moving in this direction. The IT world learned years ago that the phased approach we’ve used for almost all physical security system implementations has higher hardware and operating costs and doesn’t provide the guaranteed uptime that critical security systems require.
Taking the evolutionary intelligent infrastructure approach, any running application can expand its compute, storage, or network resources simply by adding or upgrading part of the infrastructure’s hardware pool and telling the infrastructure management console (a software application) which applications get its compute resources. , storage or network expanded.
Virtualized resources can be expanded automatically without shutting down the system. Hardware infrastructure management costs are significantly lower. Compute, storage, and network resources allocated to any application can be incrementally scaled up or down. This is much more efficient and easier to manage.
There’s a lot more to say on this topic, and we’re doing it, including demos of tech capabilities, at the GSO 2025 event.
SIW: Best of luck and we look forward to hearing more from you at GSO 2025 this fall.
Bernard: Thanks. We will have many interesting discussions at the GSO 2025 event at the Vari headquarters.