Today’s technological landscape has seen a dramatic increase in the use of service-based offerings, whether these are software-as-a-service (SaaS) subscription models, service provision using cloud-based infrastructure or hybrid solutions enhancing local systems with additional support and remote connectivity. For end users, the use of a service-based approach adds benefits and flexibility, and for integrators and installers, the options can enhance the bespoke nature of solutions and deliver recurring revenue streams. Here, with the help of Axis Communications, we consider the benefits of security-as-a-service.
Businesses and organisations are increasingly looking for systems and solutions which deliver tangible efficiencies to their day-to-day operations. Whether these relate to IT and computing, building management, process control, core business tasks or other peripheral critical systems, a common approach is the use of SaaS (software-as-a-service).
It is increasingly usual for software packages to be obtained as a part of a service-based proposition. The benefits for the end user are well understood. Firstly, there is no capital outlay for the software licenses, nor is there any need to allocate resources to ensure the software is installed and configured correctly on each individual workstation. This is a benefit in terms of cash-flow, and regarding minimising the workload of IT departments.
Payments for SaaS are simplified: the user pays a monthly subscription fee, often based upon the number of active users and the modules of the software being used. Each user is often ‘multi-seated’, in that they can use their license on different devices. For example, many businesses might have workers who can either be office- or field-based.
The subscription approach enables them to run the software on an office PC, a laptop or even – in the case of browser-based software – on a mobile device at no additional cost. Also, some members of staff might only require certain elements of a software suite, so again costs can be controlled and managed with ease.
When it comes to updating software, with the traditional model a member of the IT department needs to update the application on each individual workstation. This will also need to be logged for cybersecurity compliance, and often the updates will need to be implemented during out-of-hours periods to ensure all users are working from a unified package.
With a service-based offering, the software supplier simply implements a central upgrade, and all users who connect to the software service are using the same updated version. Again, this reduces the drain on resources.
Often there will be aspects of the software use which require intervention from the IT department. These can include authentication management, port forwarding for remote connectivity, report generation, health-checking and maintenance, etc.. Again, with a traditional software proposition, these tasks will need to be performed in-house and inevitably add to the total cost of ownership. However, with the SaaS model, many of these tasks are automated via the provider’s cloud interface.
The SaaS approach is well proven and popular with end users in a wide range of applications, such as standard IT and commerce-based software, building management systems, communications and other specialised areas. As a result, a growing number of businesses and organisations are seeking the same model from their security providers.
Security and SaaS
In terms of security systems, the SaaS model is often so much more than software. Indeed, it could be argued that SaaS could stand for security as a service. While it is true that the software element is included in the service offering, allowing the use of a GUI-based client and management software, the service can also include a wide range of added benefits which are ideal for the integrator and installer, as well as the end user customer.
For many businesses and organisations, security is a secondary concern when it comes to revenue generation. Most operations place their emphasis on whatever it is that earns then their main revenue. Logistics companies focus on asset tracking systems, retailers on stock control and merchandising solutions, utility companies on infrastructure continuity, etc..
As a result, the purchasing decision relating to a security investment will be influenced by a number of factors, including ease of use, flexibility and the capacity of the system to provide additional benefits. Often, the ease of deployment and the costs associated with set-up, configuration and day-to-day operation can have a significant influence on a purchasing decision.
For example, consider even a small security system. The customer must invest in the edge-device hardware, the core software, an appliance of server to run the software, communications devices, etc..
After the installation of the system, the company’s IT department might have to commit resources to ensuring control over who can access what, ensuring the security system doesn’t impact on the corporate network (and vice versa). Management of software and firmware needs to be managed, as does health-checking and maintenance.
It is easy to understand why, for many businesses and organisations who are not fully conversant with today’s security technologies, a basic ‘black box’ solution has appeal, despite its performance being inferior to a networked solution. In many cases, the customers are seeking a level of protection against perceived risks. As the complexity of owning and managing that solution increases, so barriers to the investment are created. It’s human nature to avoid a system which might be more complex than it needs to be.
This is where the SaaS model adds benefits. Take something as simple as port forwarding. If a department manager wishes to interact with elements of a standard security system, such as viewing cameras or granting access to staff or contractors out of hours, a secure link needs to be created between their laptop or mobile device and the security system. Depending upon which internet connection they are using, they might also need to implement a service to ensure a static IP address can be used. Whilst port forwarding is a stable and understood IT practice, connection issues can occur for several reasons.
With a SaaS-based security system, the communication between a remote user and the security system is carried out via the provider’s cloud server. This allows a simple connection, as the various security checks, verification, encryption and other measures are automatically implemented by software in the cloud. As a result, the end user enjoys a simple but secure remote management experience. All the associated IT management tasks are taken away. Their ability to work with the security system is seamless and transparent, because the heavy work is being carried out by the service provider.
Also, SaaS services are generally hardware agnostic for the management and viewing of the system. Predominantly browser-based, this ensures end users can make use of their existing infrastructure to interact with their solution. The result is cost savings, coupled with operator familiarity with the devices, as these are the IT products they use for other tasks on a day-to-day basis.
The use of a SaaS model for security solutions eliminates many of the issues which can negatively impact on the decision-making process when a business or organisation considers an investment in a network-based security solution.
Benefits for all
Implementing a security-as-a-service solution offers a wide variety of value-added benefits, both for the end user and the integrator or installer. However, one proviso is that integrators and installers must ensure the SaaS solution provider who they partner with can not only deliver all that is promised but can also do it securely and with consistency. Also, the supported edge devices must be capable of providing the level of performance required by a business or organisation.
As the technology becomes more widely available, a number of cloud service providers are cropping up, offering security-based systems without a real understanding of what is important when designing, installing and maintaining a security system. It is relatively easy to stream video via a cloud service, but to do so with continuity, especially when events occur and the system is under strain, is not as straightforward as many think. Selecting the right partner is important.
For the end user, the benefits of SaaS are impressive. The reduced cost of ownership, simple costing of systems and ease of use have already been touched on, as has the freeing up of departmental resources.
The nature of a hosted security solution also frees the customer from having dedicated servers or recording equipment. Access and interactions can be done via mobile apps if required, offering total flexibility.
If an upgrade or expansion is required, this can be implemented quickly and cost-effectively. It is simply a case of adding another edge device to the system. Also, if changes are required to system settings, the user can request these, and the integrator or installer can implement them without visiting site.
As the scope of benefits from additional applications grows, specific add-on features can be combined with standard surveillance solutions. For example, retailers can leverage heat maps and people counting, as well as queue management, via the cloud solution. Technologies such as Lightfinder, the Axis solution to low light image capture, can save on energy costs. Automatic incident detection can be added to transport-based applications. In short, flexibility is key with a hosted solution.
For the integrator and installer, there are several benefits in terms of service delivery. Many of the communications configurations are automated, as are authentication settings. This simplifies the installation process. Leading providers will also deliver tools to help in the installation process. For example, Axis offers the Site Builder software. This allows integrators to specify devices, calculate areas of coverage, and even designate IP addresses and authentication details for the entire system. A report is generated allowing the purchase of hardware, and when the devices are installed the configurations can be downloaded. A final report is also produced for handover to the customer.
Maintenance and health-checks are included with the cloud service. This allows an at-a-glance check on the performance of the system, with potential issues being flagged up. As a result, integrators and installers can take appropriate action before a problem arises, enhancing customer support and simplifying service issues.
Importantly, hosted solutions allow the creation of a recurring revenue stream, ensuring the installation company receives a regular fee for the overall management and maintenance of the system. This exists throughout the lifetime of the system, ensuring greater value for integrators who deliver advanced solutions.