In the not-too-distant future property developers, building owners and even tenants will begin to demand and expect truly integrated systems. Where do security managers and their officer teams fit in with this desire, and what are the major points in-house professionals will have to bear in mind? We examine the identification and subsequent management of end user expectations.
Ordering a steak in a restaurant should be a simple process. You choose your cut, then the way you like it cooked: rare, medium or well done. What could be simpler. Yet we've all had our expectations dashed at some point or another. Sometimes the steak has to go back or even be replaced. Clearly, something must have gone wrong in the ordering or cooking.

Nine times out of ten it's an operational problem that may be addressed by improving the management process.

If something as simple as ordering a steak in your local restaurant can go horrendously wrong, then in the somewhat more complex world of commercial service supply the opportunities for error are legion. As every security manager will know, errors in the specification and execution of business processes are not rare, and much time and effort must be put into their correction.

What's often overlooked, though, is the direct effect of all this on the end user. Returning to our all-too-well done steak, the customer was probably expecting a pleasant evening out and an enjoyable meal. Instead, they experienced hassle and possible embarrassment. They may well think twice before going back to that restaurant, too.

Expectations of the service
Security end users are no different to those in other commercial arenas. They have expectations about the service. In our daily lives we both produce and consume services. We continuously experience each side of the equation, then.

If you go to the Post Office at lunchtime, for instance, you can expect to join a long queue before being served. It may be extremely galling to see a lot of 'Closed' signs up on the service positions, with only a few staff greeting customers. Yet a moment's thought will tell you that Post Office workers also need a lunch break, and the fact that you're being served at all is probably due to a rota system rather than a fixed lunchtime for staff which would close the Post Office completely.

Clearly, someone has thought through the problem to balance the competing needs of the employees and the customers.

Inevitably, compromises abound whenever scarce resources have to be shared between competing groups. On a day-to-day basis processes can be adjusted to better satisfy the expectations of each party. Although merely listening to whoever shouts the loudest is usually not the best long term solution.

What is true of services is also true of products and systems. Here, though, the problems are different. Once a product is designed and in production it can't then be altered without great cost. For this reason alone, manufacturers and systems providers usually go to great lengths to test prototypes in a variety of situations.

In spite of this rigorous testing and forward planning, being the first user of a new product or system can often be a trying experience.

An incremental approach
Developers usually prefer to produce a modified or 'upgraded' version of a tried-and-tested product rather than something completely new. Such an incremental approach can minimise unpleasant experiences for both the supplier and end user.

An existing product represents a well-defined starting point. A wise design engineer will often begin a new product definition by questioning current users of that product to identify problems and discover unfulfilled needs and expectations. He or she will also try to ascertain the end user's reaction to new features that could be added. This can be highly instructive for the engineer as the latest technological 'gizmo' that they're keen to add may hold little interest for the average security end user operating in the private sector.

What end users prize more highly is ease of use and, of course, reliability. Have you never owned a telephone, stereo system or VCR which came to the end of its natural life with much of its functions untouched? Let's face it, we've all been victims of the phenomenon of 'technology push' at some time or another.

What has all this to do, I hear you cry, with the provision of security products and services? Actually, quite a lot. The security manager must obviously consider company end users when specifying, installing and commissioning new security systems and procedures on site. However, that same manager can often feel trapped in the middle between the demands of his own organisation and the limitations of the supplying company and its technology.

The key is the identification and management of end user expectations. If the security manager can master those areas then success is within reach. People don’t want technology. Rather, they desire the benefits to be had from technology. It’s not the same

In addition, just who do you define as the pure end user? Is it the company's senior management who authorise expenditure, or the workforce who have to cope with the installed processes on a daily basis?

Equipping building entrances with access turnstiles may seem like a good idea for coping with high volumes of traffic for access control, but try negotiating one when carrying a large package or sitting in a wheelchair and you'll soon recognise the disbenefits.

People versus product
The underlying trend in security over the past two decades has been the replacement of people with products. Security officers have often given way to intrusion detection systems complete with radio-controlled response. Similarly, concierge systems have replaced receptionists. Even in the public domain, the 'Bobby on the Beat' is in many cases just a memory, superseded by town centre CCTV. That trend will doubtless continue as more powerful and intelligent products enter the marketplace.

The latest trend is for these products to be linked together to form wide area integrated systems. As systems complexity increases, the danger is always that 'technology push' will prevail and over-specified, over-complicated systems will be installed. Such systems often appear to take on a life of their own, demanding the security manager's attention and time while returning relatively little in the way of real value.

In turn, they become the friend of the bureaucrat who can block change by rigidly following process steps and prevent progress by claiming that the system cannot be altered.

Improved security system capabilities come at a time of rapid change within most organisations. The fruits of many years' expensive and sometimes frustrating investment in IT are now beginning to emerge. So-called 'islands of automation' are being linked into co-ordinated, coherent and truly integrated security systems. Internal systems are also being opened to the outside world such that companies and individuals profit from information and services which were previously too expensive or difficult to access.

Management derives a number of benefits from these developments. Transposition errors are reduced as the output of one system passes directly into another without re-entry by fallible humans. Operational information can be reported to senior management in real time by way of highlighting problems and process bottlenecks early on.

In addition, organisations might even seek to outsource large parts of their support operations to specialist firms while concentrating on their core functions in chosen specialist markets.

De-bugging's a problem
As is the case with all such Utopian visions there are many potential problems. Large integrated systems can be very difficult to de-bug. It can take months to track down errors hidden deep within thousands of lines of programming code. Few automated systems have the flexibility of human beings. A computer cannot pop into the warehouse to check if a customer's order is being packed. It's a fact that the human touch is often sacrificed in projects to automate processes.

What can the security manager learn from these observations and truisms, then? Are their lessons emanating from other areas of business that might help with the need for improved security and better management with controlled costs? Fortunately, the answer is 'Yes', but there's no magic formula we can set out here for you to follow. A common sense approach may be applied to avoid the major pitfalls, while reaping the benefits of new technology when system change is considered.

The key is the identification and management of end user expectations. If the security manager can master those areas then success is within reach. People don't want technology. Rather, they desire the benefits to be had from technology. It's not the same thing. By first researching, defining and influencing expectations you can match what's wanted to what you provide.

Examine the real end users of your security systems and/or processes and then listen to them. You'll usually be surprised that their view is different from yours. Believe what they say.

Imagine you're the restaurant owner. Successful restaurants boast regular customers who'll return to where the product and quality of service matches their expectation levels.

Source

SMT

Postscript

Peter Manolescue is the founding director of SecurityXML