Physical Security as a Service? It’s Time!

By David Strickland, Vice President of Kenton Brothers

Kenton Brothers Systems for Security has been in business since 1897. This year we are celebrating our 125th year! Over that time, we’ve seen our industry innovate and transform several times. Currently, we are at another crossroads of evolution and innovation.

Traditionally, organizations have developed and generated their own internal physical security teams… one person or policy at a time. As their needs grow, so would their team. This team worked hard to stay on top of the regulations required of them as well as the technology available to them to meet those regulations. They would enhance capabilities based on the threats they faced, and manage the risk the best they knew how.

Many of the systems internal security teams traditionally invested in have become more and more complex and even introduce new risks with the convergence of IT/OT security and physical security considerations. This pressure to keep up with modern technologies and the threats they bring has become a real strain on resources. This, coupled with a very low labor pool, has led to some great conversations with our customers.

The Need for Physical Security as a Service

Over the last two years, Kenton Brothers has been approached by companies and organizations from many different industries. They want to know more about what we offer to help support getting them out of this downward loop. We quickly noticed that many of these customers’ needs analysis meetings carried the same theme. “There just aren’t enough resources to go around. With current personnel levels, there’s just no way to cover everything correctly.”

After several interviews, the pattern appeared and these valued customers needed support in the following ways:

• Administration of Access Control, IP Video surveillance, Intrusion Detection system
• Hosting and Managing of Access Control, IP Video surveillance, Intrusion Detection system
• Policy and Procedure creation
• Personnel Training
• Physical Inspections and Maintenance
• Alarm Management
• Cleaning and Repairing equipment
• Firmware and End of Life Management
• Forensic Discovery and Preservation
• Technology Selection
• Future planning
• Red team testing

An additional question was raised. “Would Kenton Brothers be able to take over the day-to-day running of our systems?” The answer is YES.

Case Study

In one scenario, a customer was losing their System Administrator soon after losing their Director of Security. This left no one to manage their physical security systems. This company is in a highly regulated industry and wasn’t able to find a replacement internally or manage the system correctly on their own in the time given. With three days notice, we went to work supporting our customer. We also created operating procedures for the tasks needed to successfully manage the following areas:

Immediate:

• Onboarding and offboarding employees
• Issuing credentials, assigning to user groups
• Managing alarms and system messages
• Preserving video evidence forensically
• Running daily checks of access control and video Systems
• Daily updates to system communications that are shared with IT and executive teams

Secondarily:

• Working with IT and executive management to communicate the state of system
• Create polices and procedures for new staff taking over
• Inspecting system to determine firmware status and Cybersecurity risk

We were able to create a part time Managed Service Agreement (MSA) that dedicated three hours a day to our customer. The agreement allows for additional hours for special projects such as a new location being built that will need to be onboarded in the next few weeks.

At Kenton Brothers, Partnerships and Innovation are core values. Partnerships have to be WIN/WIN and this was definitely the case in this situation. The Innovation came when the company decided to change the position they’re trying to replace by keeping future duties in Kenton Brothers’ hands.

Physical Security as a Service? Yes. If that sounds interesting, we would love the chance to work with your team to explore the idea and what it could mean for your organization. Just give us a call!