printer friendly version

From the editor's desk: Maybe security should STTFS

The IT industry has an acronym, RTFM, Read the Manual; you’ll notice I left the F out. The same can be said for the security industry, but a recent experience has shown me that both industries, even as they converge in many areas, need to not only RTFM, but also STTFS.

Andrew Seldon.

The polite version of STTFS is Stick To The Standards. This applies to any and every part of an installation. In the electrical industry there are set standards to ensure safety and reliability. If you decide to rewire your house according to your own clever ideas, you will be in for a nasty shock when you have to get a clearance certificate in order to sell the property. The same applies to electric fences; you need a certificate of compliance for your fence if you want to sell your house.

All the rest of it is up for grabs, it seems, because there is nobody with a big stick insisting on standards and compliance. There are no regulations for installing a network (unless you use licenced frequencies for wireless or want to lay cables across public roads), but there are standards and best practices. The same applies when installing access control, alarms and surveillance cameras.

The experience I had was of someone being clever and installing things according to his idea of what was right, or maybe he was just lazy. On the other hand, perhaps he was looking to secure a long-term job for himself since nobody else could replace him – or so he thought.

Replacing the individual was indeed a challenge as the new ‘guru’ had to do a lot of probing and testing and guessing to find out how things were done (there was, naturally, no documentation). Long hours and frustration was the order of the day. In addition, the company itself faced large costs in new kit to replace the outdated and badly installed and configured equipment (as well as expensive experts to reconfigure and fiddle with stuff to get it up to scratch).

The lesson to learn is that standards and best practices are there for a number of reasons. One of those is longevity and maintainability. If your guru vanishes, someone who understands these standards can take over with the minimum of fuss; or if your systems integrator loses the plot, another can be brought in fairly easily. In both cases there will still be a learning curve, but standardising on accepted standards and best practices will reduce it significantly, as well as the frustration and costs involved in detective work.

Even if you are buying the latest and greatest new AI thingamabob that has no standards associated with it, the cameras, networks, servers and management platforms do. If your guru or SI isn’t willing to document their installation and adhere to standards, perhaps you should insist they STTFS or show them out of that age-old standard, the door.

Share this article:

Further reading: