Selling, Designing and Installing Security Solutions

Sept. 1, 2016

When asked to write on this topic by Locksmith Ledger, my first thought was, "Are you kidding me? This is the title of a book!" When I asked them how long they wanted this article to be, they told me to do the usual length - 1500 words or so. "I can't cover this topic in that short of space," I thought, "but I can provide the biggest, latest trend on each topic." And, that's what I've tried to do so, here goes.

To Be Successful, You Need to Market

As anyone that runs their own business knows, there is no business unless there are customers.  Acquiring – and retaining – customers leads to increased sales and profitability.  Trying to thrive by selling only is very difficult. Instead of calling on them, you need to have them calling on you.

Successful security solutions vendors win the battle of acquisition and retention of clients through effective and creative marketing. To many, marketing conjures up images of expensive television commercials and glossy magazine advertisements. Yet, successful solutions providers know that’s just one tactic. They understand that marketing goes beyond the traditional media. It involves continuous exposure to potential and current customers.

Here are some tips to help you begin creating a successful marketing program.

Published articles in industry journals and newsletters get the word out about your company and establish you as an “expert” in the field.  For instance, if you believe that you could write - or have ghost written - and article that could help other locksmiths, contact Locksmith Ledger with your idea. If it runs, merchandise it by emailing a synopsis and a link to the article to your prospect list (If you don't have one, start one now.) Emphasize how one of the world's most important security journals used your information.

Update customers on new developments through your e-newsletter or personal notes.  Develop communications that stay in touch with your clients. We all know that loyal customers are the best customers and it is always easier to keep one you already have than to attract new ones. Newsletters and e-updates keep your name and products in their minds. Introduce clients to new products and services and share with them how you’re helping others.

To make prospects and customers want to read your e-newsletter, provide them with information that will help them protect their businesses, homes and people. Share information that they can use.

Continued presence breeds awareness of the product or service. Awareness is the first step to adoption. Just like teaching a child a nursery rhyme, repetition is key. Get that e-newsletter, or mail/email them a minimum six times per year. More is better. Don't forget, if your information is useful, they'll keep reading. Remember, too, once a company adopts your service or product, and they like it, they tend to stick with you and spread your name by word of mouth…yet another marketing tactic that you can foster.

Let your local press know that you are available as an expert any time that are reporting on a security matter. Here are some guidelines to assure your next interview ends up the way you would like.

  • Be available. If the reporter can’t get to you or you don’t return their call in a timely manner, too bad. They’ve got a deadline and it’s not the same as your availability.
  • Prepare. Educate the journalist…why assume they understand the story? NFL coaches use cheat sheets of plays during games; so should you in a game you don’t constantly practice or play.
  • Ask what the reporter is trying to find out. Now, you know what to discuss that will get in the piece or newscast.
  • Be open and honest. State the facts and don’t embellish. Be proactive in getting your important point across. There is no “off the record,” only in movies.
  • Integrity counts. Don’t trash the competition. Know what you don’t want to discuss and be prepared with a response. “No comment” is a bad response.
  • Enthusiasm. Many interviewees get “cool” in an interview…boring.  Passion sells.
  • Focus. Be short, concise and stay on your message. Don’t get distracted or pulled into other topics. That’s what the journalist might report.
  • Follow up. Thank them and ask if any additional questions have arisen.

Provide Seamless Solutions

Being seamless is essential. Reliance on proprietary technologies and platforms inhibits innovation, integration and the assimilation of emerging technologies. Issues arising from proprietary technologies plague too many systems. This is self-defeating for the security industry, creates major problems for security dealers and integrators and hinders end users from having flexible, scalable security platforms that cost-effectively protect their people and assets. 

"We increasingly hear that a major trend that will permeate physical access control now and for the foreseeable future is the growing connection between physical security and IT security," says Scott Lindley, president of Farpointe Data. "Because of this, there is growing demand by organizations for migration of computer-based systems to a common software platform or to standards-based platforms that can be easily and seamlessly integrated. Leveraging technology breakthroughs and a need for increased security, companies will also more rapidly adapt smart cards, two-factor readers, long-range wireless and intelligent video into their overall systems."

Physical access control systems on an enterprise level are now described as much in IT terms as they are in access control terms. New command and control integration platforms are giving integrators a wider range of solutions to help end-users meet this challenge head-on while, at the same time, requiring the integrator to have higher levels of IT expertise.

Home security solutions will be following the same trend as they are integrated with other home systems, such as heating, lighting, a/v, phones and others, all running on the same software platform and connected to the Internet.

However, today, the various components frequently used in the typical security system are not only disconnected, but from different manufacturers, complicating or making integration impossible. All too often, they employ incompatible hardware or proprietary, unsynchronized databases or completely inconsistent user interfaces that compete for space and attention. Such systems may be inefficient and need many people to manage them. Security personnel who have been forced to use them have been frustrated for some time but these systems will not pass muster with IT personnel or with homeowners wanting to connect with the Internet and other systems with the push of a button. 

Seamless integration means the physical access control department, as well as other groups in the enterprise, have the freedom to select different technology vendors from you, relying on the command and control platform to handle the integration.

This extends to system hardware. Today, with one card reader, users can read most popular 125KHz proximity cards, including those from Farpointe, HID, Allegion and AWID.  13.56MHz smart card readers can process contactless credentials based upon NXP Semiconductor's Mifare technology as well as based upon France’s Inside Technologies. Such readers provide continuity throughout the organization, without having to eliminate legacy cards while additionally building a pathway to higher security applications in the future.

Dealers and installers who want to be able to offer this type of powerful security platform to their customers must be willing to stay one step ahead of the technology.

Help Customers Avoid Hacks

Whether a major organization or a mom and pop shop, everyone today is subject to hacking. Larger organizations will often be targeted by hackers working for competitors, advocacy groups and even nation states. But smaller organizations, even one man bands, are not safe because they are susceptible to the largest group of hackers in the world, teenage boys sitting at their computers in their bedrooms who are simply looking for opportunistic openings. Then, once hacked, hackers simply drop in some malware that can drive people crazy in one way or another.

Here's where the installer provides a prime role. Unfortunately, many security manufacturers and installers don’t seem to secure their own security equipment. For instance, IP wireless cameras and card readers in the access control system are favorite targets of hackers. Unsecured, they can become irresistible backdoors.

Remember, by simply putting the default installer code in a disarmed state, it can be used to view the user codes including the master code or to change or create a new code. Therefore, if a potential unauthorized person gains access to a panel in the unarmed state, using the installer code gives that person access to all installed screens and will even allow creation of a new user code or change of a current user code. This code then trumps the master/ other user codes. If you don't believe this, try it.

So, by not changing the default code, the user might as well be giving a user code to everyone. Less than 30 seconds is all it takes to view master, and all other user codes, or even create a new one. Yes, you reply, but what if I don't have the default installer code? No problem. Too often, these codes can be found online by anyone that knows how to use a simple Google search.

In surveillance systems, the live feeds are being acquired by hackers that have cracked pass codes which are either weak, using the default code, or on those cameras without any pass code at all. The hackers are then able to bypass the camera’s safety features by using sophisticated software and online search devices to operate and control camera settings. And, of course, once inside the system, the hacker can get also access to the rest of the computer system.

The same problem occurs with access control systems. To make matters worse, Wiegand, the industry standard over-the-air protocol commonly used to communicate credential data from a card  to an electronic access reader, is no longer inherently secure due to its original obscure and non-standard nature.

Sometimes the problem is within the software itself. Oftentimes, the default code is embedded in the app to provide a mechanism to let the device still be managed even if the administrator's custom pass code is lost. However, it is a poor developer practice to embed passwords into an app's shipped code, especially unencrypted.

A Continuous Circle

Think of selling, designing and installing security solutions as a continuous circle. Once you sell a project, you get to design it. When the prospective customer approves your design, you get to install it. Once installed and the customer likes what you've provided, you get to promote it. As a new prospect likes what he's learned about that installation, you have the opportunity to sell him and a whole new cycle has begun.