I work for a cloud company. I agree with the bulk of this report. The migration to cloud is happening, much like the switch from analog to IP many years ago. It took a while to happen, but it did happen.
2030: The Coming Dominance of Mega Cloud Physical Security Providers
For decades, physical security technology has been driven by manufacturers, but they will be replaced or transformed into mega cloud providers, radically transforming physical security.
The business model of companies like Axis or Milestone, so long a cornerstone of the industry, will be undermined and primarily transformed.
The emerging mega cloud physical security providers will be larger, more profitable, and more powerful than any today.
In this report, we examine, in detail, why and how this shift will occur and who this will help and hurt.
**** *** **-******** ****** ***** ****** **** ** ****** in **** ******.
Executive *******
*** ***** ** ***** ****** ** the ********* *** ******* ********* ** this ******:
- ************ ******** ****** ** ******* ** going **** ****** ***** ** ****** always.
- ************ ***** *** ***** **** ****** uncommon ** *********** *********.
- ******* ** ********* **** ****-***-***** **********-******** support ** ***** ******** *************** ** end ****.
- ********* **** ******** ** *****-********** *******, such ** *******, *** ********.
- ******* *******, *** * ****** ************ in ******** ********, **** ****** ********* drivers ** ***** ******** ******** *********' success.
- ***-** ***** *** *******, ******* **** 3rd ***** ****, ********** ****** ***********, and ******* ***** / ****** ***** monitoring.
***** ******* ******** **** ******* *********** competitive ********** *** ***** ******** ******** providers **** ********* *************, ******** *** former ** **** **** ****** *** soon ****** ************* ****** **** **********.
Video **. ****** **. *******
** *** ******* ************* ****** ******** security, ** ****** ***** *** ******* to ********** *** ******* ** *** cloud *** ****** ******* ** **** the *******. ***** ** **** ******* screening ********* *** ********** *** *** the ****** ** *********, ************ *** widely ********* *** *****. ***** ****** control ******** **** ******* **** ********* than *****, *** **** ******* ******** infrastructure ****** ******** **-**** ***** ************* to ***** ******** *** ****** ******. Within ****** *******, *********** **** ********** sooner ***** ** *** *** **** existing ************** / ********** ** ******* with **** **** *** ********** *** industrial ****** *******.
Traditional ************* ** ******** ******
************, ************* ********* ***** *** ****** access ** *** ******** ********. ************, manufacturers **** ******** ****** (*******, *********, servers) **** ****** ****** *** ** be ********* *** ********** ** ***** parties (***********).
**** ***** **** *** *** ***-**** was (******* ** *** * ******* 500, * ********** ******, * ***** hospital, ***.), *** **** ***** ********* not **** *** ****** ** *** system ****** **** ********** **** ******* on-site.
**** ************* ********* *** ************ **** the *** ****, ************* ******** **** the ************ ***** ** *** ************, support, *** ***-** *****.
** ********, ***** ******** ******** ********* have ****** ** ***** ********, ***** camera, ***** ****, ***** ****, ***** action, ********* *** ****** (*.*.,************* *** *** ******* *** ****** remote *******) *** ********* *** ***** (*.*., recall*** **** ******* **** ****).
Subscriptions *******
************* *** ****** **** *********** ** mandatory.
**** ** ************* ****** ** **** subscriptions ************, ***** ** *** ***********. Subscriptions ******* * ***** ** **** access ** *** ******** ** ******* being ********. **** ******** ******** ******** commonly ******** ** ******* ******** ************ from *** ********, ************* ***** *** remotely ******* ** **** *** ****** to ***** ********.
************ *** ******* ***** ** * subscription **** ******** ******** ******* **********, which ***** **** ** *********** ******** when *** *** **** ** ********** called *** ******** *******. ******* ** that, ***** **** ******* ********, **** most ********* ******** *** ** *** for ****.
***, **** ***** *********, ************* *** becoming ********* ** **** *** ********* enforced (*.*., ****** ******* ******** ******** ******), ********* *** ****** ******* ****, and **** ****** **** ****** *** likely **** ****** ****-**** **** ***** than *** ************ ******* ** ********* licenses.
Direct *******
******* **** **** * ********** ******* of ******** ******* ** * ****** direct ******* ******** **** ************ ** end ****.
**** ******* ******** ** ******* ********, support ** ***********. ***** ** *** customer's ********** ** ********* ******** *** upgrading ******** ** ******* ******* ***** what *** ******* **. **** ** requires ***** ***** *** ******* ************ of **** *** ***** **** ** seeing, **** *** ****** **** ***** their **** ** ****** *** *******.
***, *** *** ********** (******* **'* Amazon ****, ******** ******** **** [***], Verkada, ***** ***, ***.) ****** *** direct ****** ** *** ******** ********. This ****** ***** ********* ** **** instant ********** **** **** ******** *** deployed, ***** *** ****** ** *******, and *********** ***** **** *** ********.
***** ************ ****** ****** ****** ******* since ************ ***** *** ******** ******* to *******, ****** ********, *** **** updates ** *** ********. **** **** near ******** ********** **** *** ******'* configuration, *** ****** ** *** ********, and *** ******* ** ****** ***** from ********.
**** ** * ****** ********** *** the *** **** ** ** ** much ****** *** **** **** ****** to ***** *** ******* **** ****** to ***** *** **** ****** **-**** what ***** ** ***.
Cloud-Controlled ******** ** ******* / *******
**** ******** ** **** ******* *** deployed. *************** **** *** ********* ** ********** by ****.
**** ******** ** **** ******* *** deployed. ***** **** *** ********* *** ********** by ****.
******* *** *** *********** * ******* cameras.***** **** *** ********* *** ********** by *******.
**** ************* ******* **** * ************ can **. ************, ***** *** **** devices ********* ****** *** *****.
**** *** **** **** ********* *** control ****, *** ***** ******** *** start ***** **** ************ ******. ******* effects ******, *** ***-** ***** ****** significant ***************.
Network *******
** *** ****, ** *** *** matter **** **** ** ******* *** building **** **** ***, ***** ******* were ********* ***********, *** ** *********** was ****** ******* ****. ** ****, complex ************ **** ******** ** ***** video *** **** ******* ****.
*******, ** ***** *******, **** ******* is *****-** ** **** *******, ******** advantages *** ***** *** ****** **** those ****** **** ******* ****,******** * ******* ******.
*** *** ******** ** ***** *********:
- **** ********* ***:**** **** *** ***** ** *** doorbells/cameras **** ********************* ** *******, ******** ***** ** share *********, ********* ****** ** *****, of ****** ** ***** ********, *.*., attempted *********, ***** ****** **** ***, lost ***, ***.
- ***** ******** *** *********:***** ****** * ******** ******* ***** watchlist ** ****** ***********, ******** ***** from *** ************ ** ****** *** data ** ***** ***********' ***** *******. For ****, ***:*** ***** ** ******** *** ********** (Flock *** ********) ********.
** **** ** ***** *****, *** more ***** ****** ***** ******** *** opt-in ** ***** ********, *** **** likely **** ** ** ** ****** to ******.
App ***** ***** ***-**
************, ** ****** *** ****** **** never ****** (*********** ****** *** ********** ***** / ***** *&**). *** ******* ** **** ***** were ****** ** *** ** ******* with ******* ** ** ***** *******. This **** ******* *** ****** *** them ****** ***********. ***** **** ******* constrained ** *** ********* ******* *** camera *** ********** **** ***** *** simply *** **** *** ******** (***** attempted ** **** ** ********* **** but ***** ********** *** ******).
******** ******** ******** ***** *** ****** will ******* **** ********. ********* ******** can ** ******** ****** ******* **** control **** *** ****** *** *** cloud, ******** **** ** ******** ********* where ******. *** *******, ** *** app ******** *** **** ********* *******, it *** ** ****** ********* ** the ********'* *****. ****, ** *** business ****, *** ***** ******** ******* charges *** * ************ *** *** simply ****** *** *** **** ** whatever **** *** **** ***** ** add.
Facial *********** ********** ***** ***-**
*** ******* ** **** ** ****** recognition, ************ **********. ******* ***** *** watchlists ** ***** ***** ********* ** national ******** **********, **** ** ** add-on ******* **** *** ******** *** charge *** ** ******* ** ************* themselves ******* **-******* ********* **** ****** offer ****. *******, **** ** * significant ****** ** *** ******* ** cloud *** ********* (*.*., ****** ***** ** ******** *** ********** (Flock *** ********) ********).
Virtual ******** / ****** ********** ******
*********** *** **** ********** ***-** / upsell **** ***** ******** ******** ********* can ******* ** ****** ********** / virtual ********. ******* * ******* ******, virtual ******** ** ******** ** *** specialist's **** ** ******** ******* ** on-premise *******, ************ *** **** *** risking * **** ****** *** *****-***** implementation.
**** ***** ******** ******** *********, **** is * ********* *** **** ******. Once ***** ********** ********* **** ******** of ******* *********, **** *** **-**** their *********, **** *********** * ***** of * ******, **** ***** ******* are *** ***** ********* ** ****** staff. *** *** ***** *********, **** could **** **** ****** ******* *** account, *** *** *** ***-*****, **** provides * ****** *** *************** *** to ****** **-**** ******** *****.
Network ******* ********** ******
***** ******* ******* ********** *** ****** rates ** ***** *************. ** **** users **** *** ******** *** ***-** services *** *****, **** ***** *** incentivized ** ****, ***.
*********** ******* ***** ****** ********** ******* word-of-mouth ***** ********** *********** (*.*., "**** city **** *********, ** ******, ***"), but **** *** ** * **** smaller ***** ********** **** **** **** happen **** ***** *******.
Cloud ************* **********
***** ********* **** *********** ************* ********** over *********** *******.
*****, ******** *** ******** ******* *** applied ************* *** ****** ** ******** systems ** ***** *************** ******* ****** required **** *** ***-**** ** ** integrator. *************, *********** ****** ** ***** a ****'* **** ** ****** ******* if *** **** ** ********** *** even ***** **** ** ****** *** available.
************, ***** ***** ********* ***** "*****-****" cameras ** ******* **** ********* * secure ********** ******** ** *** ***** service, ** **** ***** ** ******** firewall ************** *** ******. ******** ********* ports **** ** ***, ***, ** cameras **** ******** ** ********** ******** of ********** *******, ****** ***** *** not **** ** ***** **** *** susceptible.
Cloud ************* *************
*******, ** ***** *******, ** ** attacker *********** *** ******** (*.*., ********** hackers ** ********** ********), **** *** be **** ** ****** *** *****' video, ***** ** *********** *******, ******* typically ***** ****** **** ** **** to ****** *** ****** ** *** system.
************, ***** **** ***** ***** ***** platforms, ** ************ ********* *** *********** access ***** ***/** ***** **** ***** cameras. ***** **** **** *******, ************ **** **** ********* ********* ********** Customers********** **** ******* ********* ****** ** Any ****** ******* ******* *********. **** *** **** ** * concern ** **-******* *******, ***** ****** was **** ******* *** **** ***** required *** ****** ** ** **-****.
Privacy *****
******* ** *** **** ***** ***** providers **** **** **** *****. ************, if ****** ****** ** ****** *** local ********, *****, **********, ***., **** would **** ** *** ****** ************ to *** ******. **** *** ****** infeasible ** ***** ****-********* (****** ** hack ** ************ ** *** ****** going ** *** ************'* ********, ***.). Even ** * ****** *** ****** on *** ***** ************ ******* *** day, *** ********** **** ****** ***** do ******** **** ** ** ***** them ****** ***** ******* *** ***.
*******, **** *** *****, *** **** a ******* ** ********* **** ******* millions ** *******, ** ** **** easier *** *********** ** ****** ** or *** ********* ** *** **** video ****** ***** *******.
***** *** *** **** **** ***** providers **** ****** ***** ***** **** authorities. *** *******,**** ******** ** **** **** **** had ****** ***** **** ****** ******* seeking ******* ** ********* *****.
*** **** ******** **** ****** ** changes (** **** *******) ** **** and *********** ** *** ***** *********** from ************ ************ ******* ** *****-********** ones.
Objections ** ***** **********
********** ********** ** ****** ** *** cloud **** ********* **** *** **** few *****. ** *** *****, *********** no *** ******* ***** ************ ** government ******** ***** **** ***** ************ or ***** ************ ** *** *****.
*******, ** ** ****, **** ***** corporations *** ****** **** ***** ** cloud ************, *.*.,*** ***** ********* ************* ******* ********* ******* **********. ************, *** ** ********** ****** of ********** *** ****** *** ********* strategic ***** ** ******* ******** ** the *****, *********** *****.
**** ***** ** ****** *** **** to ******** *** ** ********** ** the **** *** ***** ** ***** platforms ****** **** ****** *** **** in ******* **** ******** ** ********** VMS *******.
Impact ** ********* *************
*** ***** ** *** ***** ** a **** *** ********* *************, ** those ******** ** *** ***** *** late (** *** ** ***) **** be **** ******. ******* ** *** shift **** ****** ******* *** **** to ** *******/***, ***** **** ** aggressive ***** ******** **** ****** *** big *** ********** ** ********. ***** platforms ******* * ***** ******** *** unlikely ** ** *** ** ********, they **** ****** ******* **** ****, gradually ****** ****** *****.
Dahua *** *********
***** *** *********, ******* ** *** PRC, **** **** ********* ** ****** their ***** *********, *** ** ****** this ***** ** **** ****. ** the ** *** **, ***** *** Hikvision's ********** ************ ******** *** ********* a **** *********** *******. *******, ***** barriers **** ********** ***** ********* ***** offerings ***** ***** *** ********* ******* emphasize ** ****** ** ******* ** a ****** **** ****** *** ** sanctioned, **** ** ***** *********** ******** them. ** *** ********, ***** *** Hikvision ********* *** ***** ***** ***** harder ***** ********* ** **** ***** then **** ******* **** ***** *******.
Axis, ******, *********
** *** ******* ***-*** *********, *** three ** *** **** *** ******** questions *** ****, ******, *** *********; since **** ** **** **** ***** own ********** ********* ************ ***** ******** (Hanwha **** ***** ***,********* ******** ****** ******* *******,**** ******* ********* *** ****) *** *** ** them *** ************** ********* ** ***-**** purchases ******* ** *************.
**** ******* ** **** ** ********* to ********* ***** **** *** ****** to **** ********** (** ***). *******, we ******* ** **** ** *** take ********** ******, **** *** ** high ****.
OEMs / *********** ********
*******, *** *******, ***** ************ *** had ****** ** ******** ** ********* that ***** ** ******* ** ** manufacturers (***, *.*.,***** *** *********,********* *** *********, ***.).
***** ********* **** *******, *******, ** the ***** ***** ** *** ****** to ******* ** ** * **** manufacturer / ********. ************, ** *** hard *** **** *** ******** ************ (e.g., *********) *** *** ******** *** user (*.*., ** ********* ********) ** know *** *** ***** ***. *** relabeller ***** ******* **** **** *** real ************. *** ******** ************ ***** not **** ******* *** ***-**** ****** was *** ********* ** *** *****. The *** **** ***** *** **** because *** ********** *** **, *** finding *** ******** **** *********** ********* or ******* ****'* *** ***********.
***, **** *****, *** ***********, ****** they ******* **** ***** ***** (*.*., some ***** ********* ******* ***** ***, but **** ** ******* **** **** the ***** ** ***** ** ***** and **** ** **** *********), **** be *********** *** ***. **** ***** companies **** ** ** ********* ***** OEMing **** * ***** ******** *******, eventually, **** *** ***** ** *** out ***** *** *** ***** *** directly ********* ** ***** ******* / potential **********.
Integrator ******** ******
*******, **** ****** **** ** * net ******** *** *********** *** ***** mega ***** ******** ******** ********* ****** more ********.
********** **** ***** ** ****** *** cloud *******, ****** ******* **** ***** toward *************, ******** *** **** *** technicians **** *********** ******* ******** ******** to *********** *******. ************, *** ** this ********* ** **********, ** ******* more ****** **** *** ***** **** develop ***** *** ********* *****, ********* products ********* ******** **** *************.
** **** ** ******* **** ** much ******* ****** **** ****.
Timeline ** *****
*** ***** ** ******* *********, *** pace ** ** **** ********** **** the **** *** *****; *** ** expect ** ** ** ****** ************ by *** *** ** **** ******, with ** ********* ** *** *** of *** *****.
**** *** ********** *****, ****** ********* do *** ***** ** *** ***** year **** *** ****** *** ****** (think **** ****** **. *********** ***, in **** ******, ****** ** ** cameras). **** **** ** ********** **** or **** ********** / *********** *** we ******* ******* **** ****** ** well ********, **** *** ** *******, and **** ****** ************ ******** **** the **** * ** ** *****.
25 ******** ****
**** *** **-******** ****** ***** ****** **** ** ****** in **** ******.
Same here. I believe integration partners and end users are coming around to it. There is still plenty of space in the market for new players. Going to be interesting to see it all unfold over the next few years.
John,
This is impressive, if not a little abbreviated.
I have a half dozen family members who work in medical sales—much of it is in the same vein: manufacturer reps come and visit the doctor (in lieu of the integrator) to pitch them on their solution in hopes they “sell” it the customer/patient.
One thing I’ve learned is that in medical sales they are ALWAYS pushing for the latest and greatest technology. I asked why? Because a 5% increase in a technology could save a life, and adoption generally accelerates reliability, decreases cost, expands accessibility and alleviates customer/patient issues.
It’s almost the opposite in this industry. Integrators are LOATHE to take on new technologies. There are still guys who in the 2020’s have ONLY just switched to full time selling IP cameras.
Look forward to seeing some of the frequent commenters on this thread switch to a cloud solution in 2036.
Integrators are LOATHE to take on new technologies.
Most of them really are not. They are just loathe to get burned on something that turns out to ultimately make them look bad, or cost them money instead of making money.
For the most part, none of these products truly save lives (potential exceptions for gunshot detectors or weapons detectors, but even in aggregate all those sales represent a tiny portions of the industry). So a 5% improvement on something isn't meaningful enough to drive demand.
While I know it's the future, this is a big problem for cybersecurity.
I agree. I work in an organization that relies on privacy. I have a hard time believing that we will go to a cloud solution any time soon. We monitor/control our facilities VERY closely and having our video and/or access control dependent on our Internet connection to the cloud is very problematic for us. If we lose control or video at any point, there could be major consequences. And there is no way our higher-ups are going to allow our video to be stored off-premise. They won't risk a potential compromise of our system to hackers. Especially, when we don't have any say over the security policies of the cloud service.
While this may be a good solution for most organizations, I tend to see this as another potential point of failure.
#4, thanks for your first comment. I gave it an informative.
I work in an organization that relies on privacy. I have a hard time believing that we will go to a cloud solution any time soon
You may very well not. In these types of transitions, a chunk of customers switch over every year; some are earlier adopters, some are late adopters, and a handful never.
Your organization may switch in 5 years or 10 years, I obviously don't know enough to predict confidently.
One clear trend that happens in these transitions is that the new model keeps on getting better and better, reducing the concerns over risks (privacy/cybersecurity) and increasing the attractions (from novel functions only available on the new model).
Policies are great, but my experience of over 25 years in I.T. in banking, satellite support to multiple clients, and education is that no matter how good the policies are I.T. support hangs on the thread of good management. I need more than just good E2EE. I see E2EE being promoted, but I am more interested in Zero-Knowledge Proofs and decentralization.
Our backups can only be read by us for example, and the methods we use to esure it never gets read will not be mentioned on here, but it's tough. That's the only thing I use cloud for back-up SaaS/DRAS.
If you don't provide Zero-Knowledge platforms we will never go with you.
I am surprised that you, John, of all people, do not publicize the serious gaps in this discussion. Cloud is being hailed by cloud providers, and those who stand to profit most from them. With a loud enough voice, those without deeper knowledge bow to the pressure.
But it the end, 'the cloud' with respect to security at least, serves no one but the providers. It does not increase security, regardless of the promises; there is no better firewall than a gap. It also does not reduce costs; yes the monthly subscription price is cheaper that a short-term amortized loan, but that's based on worst-case equipment replacement needs, and driven by accountants who do not evaluate potential security breaches. You did, however, identify why many think it is cheaper; the other loud voices are the investors who are feeding off both ends of the table.
There will never be a complete transition to the cloud; but there will be many disappointed customers who jumped early out of advertising pressure, only to realize that they were sold up the river.
Even with an air gap (which, let's be fair, is not used on every installation), you still have NVRs, cameras, servers, NAS, and network infrastructure on-premises to support this setup. Somehow, VMS/cameras/NVRs still need to be accessed. Users must have some UI, some kind of access. Maybe even integrated with access control, monitoring station, etc. Someone has to make sure that the firmware of all devices, the network layer, operating systems, integration points - all of the attack surfaces are secured. And this has to be done for each site.
Do you find on-premises installation has a lower attack surface compared to the cloud, which in the best-case scenario doesn't need any extra hardware/software on-premises except the camera itself?
Agreed, many don't realize how many bridges there are over their 'gap.' Nonetheless, yes, I believe it does have a lower attack surface. Obviously, proper IT management is necessary, but that is true whether management is on the cloud or the premises. It is relatively easy to keep end devices up to date with firmware, so that relative risk is actually less. Network layers and O/S's are the responsibility of IT, and it is well worth keeping them funded.
You raise a good argument regarding integration points, but I may counter that exposing such to the internet and offsite management is even riskier.
Maybe to illustrate; it may appear that an octopus has more attack surfaces if you are looking at tentacles. But you have to get to the body to kill it. When faced with a significant cyber attack, or perhaps the more insidious danger posed by the multiple players in the provision of cloud services, not to mention the very real risk of physical interruption to internet communication, the largest risk comes to the customer by the very thing he cannot control; the cloud portion.
I see it as potentially just the opposite.
Working for several national/global integrators over the last 11 years, I lost track of the number of customers where we had a global admin account and remote access was through a product like TeamViewer with a shared password. This included having an AD admin account for an entire state.
The Target hack showed that VPN which is the most common way of securing remote access for contractors and staff can be hacked and used to access unrelated systems. This is compounded because in most cases now, a customer's own security staff expects reliable remote access to their system, increasing the attack surface.
Many customers aren't following a defined cybersecurity framework and instead relying on the experience of their cyber teams. IMHO these leaves potential gaps that are missed and allows for inconsistencies in policy.
A good cloud provider will have gone through SOC 2 or ISO 27001 or both, provides regular pen tests and can automatically update the firmware on the devices located on your premises, all without needing remote desktop to a Windows machine of dubious levels of security.
The challenge I see is to properly vet the cloud providers and choose the one that offers the privacy and security options your organization needs.
Sergio, its a matter of perspective.
The big problems are those legacy systems managed by technicians unskilled in Cyber security defence coupled with poor enforcement of best security practices by end users, no means to regularly update systems or keep abreast of security trends leading to those systems we all know running on unsupported OS with factory passwords connected to a network.
Do cloud solution's carry risks, yes, but having a system online updated to protect from known threats and capable of updates to encompass latest secure technology is the place we need to be and the the direction most IT Departments wish to go.
Cloud solutions are the means to deploy a secure scalable security platform that has potential to continually reduce risk for exploit and provide data protection.
This is the one great features of cloud systems is the firmware is typically kept up to date automatically with many systems. This is extremely important as most "legacy" systems often have out of date firmware on the devices. Sure you do you best to keep the firmware up to date or your customer does but you get busy and next thing you know the cameras can't pass a vulnerability test because the firmware is a year or two old.
Postscript: 2030 is seven years from now. Some may not be sure about how long or short that practically is.
To give a sense of this, seven years ago, in 2016, Hikvision's dominance was widely viewed as inevitable, Verkada was just being founded, and Motorola had no presence in video surveillance or access control.
A lot can and will change in this time.
And so we get closer to 1984. I think the Ring network is creepy. Police having access to video without the user's permission. Part of how fast this moves will depend on privacy rights, or lack there of.
Is there any concern with the cloud and its dependence on network/internet reliability? There is a lot said to having your security in house. Can you imagine an access system on subscription suddenly being shut off due to a late payment and employees not able to access their own facility?
I believe society may go the other way, or at least I hope so. This article assumes folks will continue to depreciate privacy.
This article assumes folks will continue to depreciate privacy.
I think that privacy protections will increase over the next decade as society realizes the downsides of letting corporations have unregulated control over so much personal information.
Fantastic report. As someone who's been active in the cloud space for several years now, it's pretty much spot on to what I've been saying to educate customers and integrators. Like so many others here, I was around when analog was still prevalent and IP was just heating up. Then, most seemed to agree that IP based systems were definitely the future but many couldn't really articulate why -- the value / benefit wasn't really understood. Fast forward just a couple years and they all seemed to understand clearly and as we saw a mass adoption take place, the major incumbent manufacturers watched as the newer native IP players quickly grew into the dominant players they've been for the past 12-15 years. These last couple of years have been very similar with regard to cloud based architecture, and we're right at the precipice of a massive tipping point that will once again change the makeup of who the giants are. That said, the customers have changed, too, and the cyber security aspect of these systems will be much more important. Manufacturers always have a choice between security and convenience when confronted with fork in the production road, and I believe it will be harder and harder for those that have prioritize convenience to remain prominent in the larger commercial space. Homeowners still don't seem to know or care that 3rd parties from all over the world have access to their residential cameras, and many small businesses don't seem to mind, either, but in the enterprise space, there will be a pretty large divide between the manufacturers who have taken the harder road to properly secure their platforms (at the risk of convenience) and those who take the easy path.
@ UE#5
As I understand it if you have a cloud phone solution and do not pay your bill you do not get to continue to answer calls from people or make outbound calls with your handsets in the building?
Is the security industry broken and people hold off on decisions on if they should keep the system they have until the last minute?
Good article. IMO one of the interesting companies that is not often used as an "cloud" example by IPVM is alarm.com. They dominate North American cloud-connected intrusion systems and have a nice resi/SMB camera offering. The data they would be able to collect must be valuable in its own right.
Also, I think a coming challenge is how do companies like Milestone & Genetec recoup the top line revenue of upfront sales from recording servers? Or even the upfront camera license. It will not equal subscription revenue. Maybe subscription potentially more gross margin per camera long term and there is longer revenue stream over time? its easier to show growth from 0 to 100 as new entrant or if you have always lived and died by the "cloud"
Also, I think if a manufacturer dont sell or own multiple pieces of the cloud offering (Camera/Network/VSAAS/hosting computers) it is harder to compete with manufacturers that do (ex: Verkada vs Arcules).
Lastly, the cost of supplying the monthly subscription is high, especially for cloud storage. Ex: The hosting using AWS/AZURE can be very expensive. I wonder what % of each subscription goes to VMS/SAAS after these factors.
PS: Typo in one of the quiz questions (RING repeats as two answers and one is considered wrong answer).
PS: Typo in one of the quiz questions (RING repeats as two answers and one is considered wrong answer).
Thanks. Fixed.
alarm.com. They dominate North American cloud-connected intrusion systems and have a nice resi/SMB camera offering
Yes, Alarm.com is quite big in residential and approaching $900 million in annual revenue, see our most recent report on them: Alarm.com Stock Up, Guidance Raised, Q2 2023 Financial Results Examined
They are also getting bigger in commercial and focusing more there as they hit natural growth limits in the residential market.
Great article. Customers (end-users) will drive this. It's inevitable.
Quite literally, the only customers that ask about cloud systems are the ones who also say, 'I heard that's the latest thing.' When questioned on the value and applicability to their facility, I have yet to have a customer say that the cloud is better.
Fundamentally, our clients trust our judgement; but if our judgement is flawed by popular opinion, who will really be at fault when it fails?
Verkada has been stealing intellectual property from my company relating to remote guarding services, even going as far as to pay one of my employees to leak information to them. Within a month our competitive differentiators were already added as features to their platform. Essentially requiring us to sell Verkada or try to compete with them. New deal reg guidelines on the partner portal now include how they "do not believe in the reseller owning the relationship" with the customer.
Yes, any service that directly caters to your customers and utilizes you as a sales intermediary will eventually result in a scenario where you transform into a middleman, destined to be phased out over time.
New deal reg guidelines on the partner portal now include how they "do not believe in the reseller owning the relationship" with the customer.
Is this literally a direct quote? Can you elaborate? Thanks. Also, feel free to email me john@ipvm.com
Verkada Deal Registration Program Rules
Last Updated October 18, 2022
Verkada offers a Deal Registration program as an incentive for authorized partners to uncover opportunities in the marketplace. We strive to make the program transparent and efficient.
The following rules govern the program.
Verkada recognizes Deal Registration on an individual sales opportunity basis, not for all opportunities related to an account. Verkada does not recognize the notion of a reseller “owning” an account.
Thanks! I just checked and that is actually published online - Deal Registration Rules - Verkada
I think this is worth covering on its own, we'll ask Verkada for comment and queue something up.
Question? Does this statement " Verkada does not recognize the notion of a reseller “owning” an account." only apply to dealers that register deals or does this apply to any deal that a partner brings to the table?
Seems pretty clear to me that they do not provide registration pricing for just one contractor.
Really how could they say that if you register the deal Verkada owns the account but if you don't register the deal the partner owns the account? It will be very interesting to see the response.
Verkada replied and our full report is now live: Verkada Vs Integrators: "Owning the Account"
We don’t recognize a manufacturer “owning” an account. They clearly don’t understand our business and greatly overvalue their importance. That statement does nothing but guarantee no sane integrator would bring an account to them.
It's my opinion that the first to market with a a truly functioning fully hybrid model of on-prem storage and the ability to keep network traffic local will dominate this space. My cloud customers really struggle with latency and buffering. It is a pain point that has a lot of organization unwilling to make the switch. As soon as it is resolved, it's off to the races!
Have you looked at OpenEye? If so I'd be curious to hear your feedback.
We have full rankings on VSaaSes including OpenEye: VSaaS Rankings 2023 - Arcules, Avigilon, Eagle Eye, Genetec, Meraki, OpenEye, Qumulex, Rhombus, Turing, Verkada, Vivotek, YourSix
Forgive me pitch, but this has already been done. Avigilon Alta (formerly Ava Security) follows this model and keeps local traffic local, so bandwidth is kept to a minimum. We're happy to help if you'd like.
DISCLAIMER: I work for Ava / Alta.
How does this 'fully hybrid on-prem model' distinguish itself from a traditional VMS with a web UI?
In terms of latency, does your current cloud solution provide real-time live video streaming? It's quite typical for real-time streaming to exhibit sub-second latency for the entire path, from the camera to AWS to the end-user device.
The assumption is that all video is sent to cloud first then to the client but that is not how all systems do it. Alta for example will stream from the camera to the browser without going to the cloud if you are viewing from the LAN. This reduces latency and WAN bandwidth usage.
I respectfully disagree with those traffic assumptions.
Streaming directly from cameras to end-user devices will significantly increase WAN usage. For instance, when 2 viewers access a single live real-time stream, it will result in 2 simultaneous outbound streams. Similarly, if 2 users access 16 real-time streams, it will result in 32 outbound streams.
In contrast, centralized distribution maintains a consistent load regardless of the number of viewers or stream types. It ensures that there's only one stream per camera, resulting in a stable and predictable load.
Regarding traffic latency of continuous video streaming, I assume we're discussing a public internet scenario where cameras and end-users are typically on different ISP providers and locations. It would be enlightening if Alta conducted comprehensive tests comparing it: 1) the streaming latency of path from the camera ISP to the end-user's ISP, and 2) the streaming latency of path from the camera's ISP to AWS and then to the end-user's ISP.
Streaming directly from cameras to end-user devices will significantly increase WAN usage. For instance, when 2 viewers access a single live real-time stream, it will result in 2 simultaneous outbound streams. Similarly, if 2 users access 16 real-time streams, it will result in 32 outbound streams.
You miss understood what I said. If your client is on the LAN then ALTA knows the camera is on the LAN and streams on the LAN not out of the WAN connection and back to your client.
I think you are spot on about applications moving fluently between edge devices and cloud depending on capabilities and availability, sometimes. We looked at a set of our customers and identified 4 different project types: edge primary, partial edge, alternative edge and replacing edge. The category "alternative edge" means that the company already have an application in the cloud and are creating an edge based alternative to it to reduce costs, latency, or for other benefits. These applications can fluently move between the cloud and edge device depending on how powerful the device is and how heavily utilized it is. 3/14 projects belonged to this category. For the other categories there are technical challenges with this approach. There are also commercial challenges such as some customers shopping specifically for edge based analytics due to legislation or privacy concerns. In those cases it does not fly to say that the application will execute in the device unless this or that.
How about AXIS Device Manager Extended? That should give Axis direct access to the cameras. I guess their business model and their fear to compete with partners still makes their offer limited compared to e.g. Verkada's. It would be interesting with an IPVM coverage of the current and planned features of ADME and its pricing model.
I guess their business model and their fear to compete with partners still makes their offer limited compared to e.g. Verkada's.
That is my impression, given Axis's historical decision-making.
It would be interesting with an IPVM coverage of the current and planned features of ADME and its pricing model.
It's worth us covering it. I've queued it.
I appreciate this article tremendously and have some thoughts/questions.
1. The tone of this article and the recent Verkada interview/feature feel to me to be a departure from previous negative tone of "frat-boy culture" and "hostage as a service", both of which were well earned by Verkada. John - has Verkada approached you in any way and appealed for assistance in repairing their reputation? Have you had any discussions along those lines with them?
2. Cloud storage is still REALLY expensive. One could read this article and feel a wave of urgency to recheck the feasibility and pricing of cloud storage. I checked - it's still REALLY expensive. As an example, the ROI for a 1000 camera multi-site customer shakes out to around $90,000 a year to store all data in the cloud compared to $20,000 a year for a 5 year $1 buyout lease with next day service. Using AWS or Azure for Cloud storage is over $130k. (These are the numbers I ran, I encourage challenges to those broad numbers). Do we expect exponential decreases in cost of these services?
3. Bandwidth is still not free and unlimited, how many customers have the capacity to push up an additional 500mbps?
4. Considering the above (2 and 3)as relatively the case and using the Verkada example where video is stored on SD cards locally, does this "phenomenon" boil down to Cloud based video management with local storage? Do 1000 little SD cards represent efficiency over a SAN or a RAID5 disk array?
5. Over the past 20 years we have spent 90% of our time cabling, installing, aiming, cleaning and replacing cameras and 10% maintaining servers. Will the MegaCloud really take over control of the market? I agree that controlling customer access to the cameras is the most important piece on the board but I don't think it's more than 10% of what it takes to run a system over the long term. To support that I can point to the troubles Verkada has had that prompted the recent feature Verkada Wants to Win Over Security Integrators
previous negative tone of "frat-boy culture" and "hostage as a service", both of which were well earned by Verkada
Hostage as a service is bad and continues to be bad. It's going to be even worse as Verkada, and others get bigger. Same with their sales tactics, though hopefully, as they get bigger, they restrain them as more professional management is brought in.
has Verkada approached you in any way and appealed for assistance
Verkada has long despised IPVM and implored its people not to read IPVM. I don't believe that's changed though their new PR term is savvier than their core bros (e.g. Verkada: "Unethical Practices By Chinese Surveillance Companies Is Ubiquitous").
Also, Eagle Eye, another major player portrayed positively in this transition, highly dislikes us, e.g., Eagle Eye CEO Donates, Dines With President Biden.
The reality is these companies are growing and getting lots of funding to help them get even bigger (e.g., this year Security Integrator Invests $192 Million Into Brivo and Eagle Eye, Solink Raises $60 Million, Led by Goldman Sachs).
does this "phenomenon" boil down to Cloud based video management with local storage?
Yes, that's how most are doing it and will continue to do it.
Over the past 20 years we have spent 90% of our time cabling, installing, aiming, cleaning and replacing cameras and 10% maintaining servers.
Is that 90% of the value you offer? We'll talk about this in the next report next week in more depth. My guess is that your time might be 90% on that but your value is in far more complex areas that the cloud providers will aim to eliminate / replace.
I do find the complexity in access control systems to be outdated, I believe a lot of other IPVM readers have commented that Verkada is now “crawling” back to SI’s because of the installation complexities of Access Control.
But the truth is, companies like Axis are already selling IP door readers, it’s only a matter of time before you can buy IP plug and play mag locks.
Ubiquiti, which isn’t spoken of much here, is also shaping how access control may work in the future.
James, you kind of just showed why there is "complexity" in access control. At least in the US, life safety code pretty much requires all maglock power to be connected to the fire alarm system. So it will at least require a code change (and update to UL most likely) that will allow the maglocks to communicate to the fire alarm over a network, which will be a challenge in of itself, or the customer will have to pay for a fire alarm relay at every door that has a maglock.
This one requirement (which by extension may be applied to other locks) is a significant reason why you don't see a broader adoption of IP controllers at the door.
I've looked at Ubnt, I don't see a lot of innovation besides "cheaper". What I do see is them selling hardware that cannot be legally installed in most of the US to people not properly trained to understand how to safely install electronic locking systems. They furthermore provide wiring diagrams that do not include the neccessary components to ensure their gear is installed in a code compliant and safe manner.
Life safety code was written based on the painful tragedies of the past and when companies either choose to be ignorant or just naturally are because it's outside their area of expertise, we will be doomed to repeat those tragedies.
Thanks for a well explained argument;
Ubiquiti is interesting as they can disrupt an industry without a lot of consideration to long term affects and with access control including safety.
They don't allow integration with any other product, so there is no way to ensure it'll work with US code like you mention.
To clarify, I don't support the trajectory Ubiquiti and a few other startups are moving towards but see their potential to change the industry. But change is happening, conversations with customers are changing.
Though when I mention complexities in access control systems that are outdated, these are the way software systems are designed, clunky database design, the lack of interoperability between platforms, firmware management, no consistency on end of line resistor values, etc etc.
Ubiquiti, which isn’t spoken of much here, is also shaping how access control may work in the future.
Those guys may scare me more than Verkada nowadays. Their product lineup is very strong and comprehensive as heck. For a small business buying the Dream Machine with 8TB of storage, some AP's and cameras and you've got total control of your network and good video. That lineup takes the $200 per hour network integrator out of the picture as well; setting up WiFi with bandwidth control, separate subnets/VLANs is remarkably easy.
NOTICE: This comment has been moved to its own discussion: Ubiquiti May Scare Me More Than Verkada Nowadays
I disagree that cloud recording will be "dominant". To clarify even further, I disagree that "subscription" models will be dominant. This is just a guess and I will probably be way wrong but it just goes off of my opinion of the way people think.
If customers have a choice of paying for an expensive multi camera expensive surveillance system without a monthly/annual fee or paying for an expensive multi camera expensive surveillance system with a monthly fee, a majority will choose the non-subscription. Will people still pay (and currently do pay) for an expensive system with a subscription? Sure! Will it be dominant? NAY! not at all!
disagree that cloud recording will be "dominant".
There's no disagreement there because we are not assuming cloud recording. Video will still predominantly be stored on-site but managed in the cloud.
If customers have a choice of paying for an expensive multi camera expensive surveillance system without a monthly/annual fee or paying for an expensive multi camera expensive surveillance system with a monthly fee, a majority will choose the non-subscription
If there is a choice, I think the choices will dwindle as more and more providers push toward subscriptions. Are you following what's going on with Hikvision in the UK? Hikvision Starts Charging For "Remote Maintenance Package" Cloud Service
That noted, to be clear, I agree with that your market focus will be more resistant to subscriptions. And some companies like Ubiquiti that have highly profitable hardware businesses will be more assertive in not charging subscriptions, related Ubiquiti Throwing Shade At Verkada
There's no disagreement there because we are not assuming cloud recording. Video will still predominantly be stored on-site but managed in the cloud.
Ah, in that case i agree. Matter of fact, arent we already at dominance? Virtually every surveillance product has some sort of p2p service and most of them are free. Its when you get into cloud storage is where the subscriptions costs begin. I would argue that if a manufacturer charges for a basic P2P service (basic remote viewing and playback) then they are antiquated or out of touch. If they want to charge for more optional stuff, then no problem, but I think the large user base will be using the free option.
But my argument was based off of subscription costs remaining a minority of installations for many years to come.
One thing that could see subscriptions ramping up is when companies start offering cameras for "free" when you sign up for a "x amount of time" contract.
Cloud is one of those words that everybody recognizes, but for some reason, I find few seem to understand what it means with regard to physical security. The most common misconception is that a cloud surveillance system means cloud storage, but as you've pointed out, many of the most prominent systems utilize local primary storage, while some of those also offer cloud storage as an option. Some use cloud cameras, some use local appliances, and at least one of them does both.
The one commonality that they all share and really should be understood as what it means to be a cloud-based system is where the VMS platform resides. If the platform resides in the cloud, then it's a cloud based system, which is very different than the traditional legacy / old school platforms like Milestone, Genetec, Axis and the like that still require their server software running on a local Windows based server that needs to be maintained, upgraded, patched, etc. P2P access for operation or admin is really just a web relay to a local server or appliance, and that's not cloud.
The VMS platform itself residing in the cloud as a managed service that is automatically updated more than justifies the ongoing cost of a subscription based solution for most, which is why we'll continue to see more and more customers move in this direction, just as they have in almost every aspect of their technology stacks. VoIP systems, Office 365 / G-Suite, Zoom / Webex, Intuit, ADP....all are cloud based technology offerings that have replaced their local-only predecessors and are now commonplace in the market. Physical Security has always lagged behind the rest of the technology space, and cloud-based video / access control (and in time, intrusion, fire, etc.) platforms are no different, at least in my opinion.
While I agree with your definition of the cloud, and thank you for identifying that, I disagree that security is no different than other technologies. I also must comment on the 'choice' to move to subscriptions for Office 365 / G-Suite, etc. The industry is making it impossible not to move to subscriptions. But anyone that actually does the math knows that they will spend more on subscriptions than they will on purchases. That's why the industry is moving that way. But nearly everyone I speak to objects to it. I also find that your base case, like so many others, assumes 99.99% internet connectivity or better, and that the cloud platforms are inherently better secured.
The problem is, only the wealthiest corporations can afford the luxury of such bullet proof virtualization. There are tens of thousands of businesses that can't/won't spend the money on that level of IT infrastructure. Most would rather cut their losses and be glad that at least safety and security systems are not exposed to the wilds of the Internet. The first time western Internet gets hit with a real Cyberterrorist attack, there will be many retreating behind a gap.
When you say "behind the gap", I take it to mean a completely closed off system that offers no remote access. And yes, that might be more secure than a cloud based system, but for most companies, having no remote access is not acceptable. As such, I would argue that a cloud-based approach is absolutely more secure than legacy / old school systems that require VPNs or openings in the firewall to provide remote access.
I wholeheartedly agree with you that adoption will never be 100%...in fact, there is no "one size fits all" solution in the market that does everything better than everyone else. But with regard to the masses, cloud is still very attractive not because the industry simply deems it so, but because there's a lot more than hard costs involved. Understanding a customer's business enough to identify and articulate soft costs that are attributable to legacy systems is necessary to help determine the ROI. For example, many smaller school districts have maybe 1 or 2 IT folks that are solely responsible for all the security in addition to all the Chromebooks / tablets, cloud tools for curriculum, etc. and in talking with them, having a cloud based platform that allows them to not have to spend any time managing / updating / patching servers means they can focus on all the other tasks that are more in line with their core responsibilities. That alone is worth the cost of subscriptions, just like $99/yr for Office 365 is a better value than $300+ for MS Office software that must be installed on every device every 3-5 years because it's always kept up to date for them.
Some folks will probably never go cloud, nor do I expect them to. My main point is that it will be widely adopted because it's easy and includes more functionality with less work than legacy systems could ever provide, and there is absolutely value in that. Anyone advising their customer otherwise will either be pulled by their customer into the cloud reluctantly or they'll simply lose the customer altogether to someone who's introducing them to cloud architecture.
Spoken like a Verkada salesman. More functionality with less work? Name one. Explain how it’s easier to setup.
Lets compare a Windows based VMS with 24 cameras vs 24 cloud AVA cameras. I will have the 24 AVA cameras connected to the cloud and recording before you finish updating windows and completing the VMS install.
24 cameras is hardly an enterprise system but do you not name cameras? Not setup users? Not setup groups? Triggers? Notifications? Most NVRs recognize the cameras, perform updates with a click etc.
Technically, if they can be pulled into a single pane of glass on the web interface of the cloud, they can be managed as if they were on an NVR (imagining it like Meraki or UBNT).
Where did I say NVR? I said windows based VMS even if you used a cheap NVR I would still be faster. I don't even have to pull the cameras out if the box to connect them to the cloud. Just scan the QR code from my phone or upload the serial numbers on a CSV with all the camera names and I am done. Soon as the camera are plug in they upgrade firmware automatically.
Speaking of firmware are you updating your NVR firmware and cameras every couple of weeks? This is also done automatically.
I was trying to give you a fighting chance at 24 cameras if you you want to make this even harder for your self let's do 1000 cameras with 10 windows based VMS servers. I will bulk load all the camera and camera names in one shot. If names need to be adjust the installer can do that from his cell phone while installing them in the field. For users I will use SAML and sync the 100 plus users from the clients Google account. Networking wise I will use cloud managed switches with WAN access so I can manage the whole system including the network from my cell phone.
Synching to Active Directory or Google is the same, you can “bulk load” names still requires typing them. I’m not saying there aren’t a a few less keystrokes and you decided to bump in on a question I asked of your salesman. We do a fair amount of OpenEye and it’s cloud managed. We do many larger enterprise VMS systems as well, I know how it works. The advanced features take setting up on both types and naming cameras is a fraction of the time it takes to integrate a system. You’re speaking of installing. Also, put your name on your post- all of you.
I wish I didn’t have to repeat my points on the matter. #wishgranted #goodtalk
First, I do not work for Verkada, but I understand why you would think so. But I wouldn't be surprised if they have already started calling on your customers. If your customers choose to ignore their calls because they trust you completely, then I commend the job you've done thus far to earn their trust. Despite that, I believe that a time will come at some point (if it hasn't already) when you will be asked to educate them and provide options to move to the cloud in some capacity.
Second, yes -- you do undeniably get more functionality with less work. IPVM has done a great job of illustrating this. All the cloud camera platforms come with multiple analytics built in. No additional cost, no fine tuning, no training...they work out of the box. At least a couple of the appliance based cloud platforms also inject analytics over the video streams from standard IP cameras. Looking at the leading legacy on premise platforms, none offer any real intelligence without either buying 3rd party bolt on products, specific high end cameras that have some edge based analytics at the edge, or server based analytics. These need to be configured and/or purchased, and as we've seen over the years, very few have proven to be viable from a cost and reliability perspective.
Intelligence / AI-driven analytics offered in the cloud platforms are the easy button that absolutely provide a higher level of functionality, and as they work right out of the box, then I'd argue that they accomplish this with far less work to deploy. Not to mention how easy it is to bring cloud based cameras online...having done both many times, there is no question that deploying cloud-based platforms is much quicker and easier than anything involving a local server. I will of course exclude more consumer grade products (like ones you can buy at Costco) from this statement, as I have never messed with those, and likely never will.
Now please understand, I am NOT in any way saying that legacy platforms like Milestone, Genetec, Avigilon, Exacq, and Network Optix are obsolete -- far from it. But there is a reason they are losing marketshare to the cloud-based platforms who are all growing at a much faster rate. There is a reason why IT professionals in companies and agencies of all sizes are mandating cloud based security platforms. You can disagree with the rationale, but you can't deny the factual reality of what is happening in the market every day.
I don't think anyone is disagreeing with the simplicity. But why is it easier? Because the manufacturer will make more money in the end.
It's not the ease of use, it's the morality of setting up your customers for failure and compromise. You are missing the point of this discussion.
I might be missing your point, and if so, then I do apologize. Perhaps you have a different understanding of easy vs. simplicity than I do, but the literal definition of simplicity is: the quality or condition of being easy to understand or do. I'm confused why you'd agree that it's simpler but challenge that it's easier when they're basically the same thing...just different terms. Again, I might not be properly understanding your point.
For clarity, here's mine. The built-in analytics available in most cloud based platforms today provide a higher level of functionality -- both forensically and for real time response -- than legacy systems that rely on 3rd party bolt on solutions (edge, server, or 3rd party cloud based analytic only solutions) but otherwise provide none out of the box. Cloud based systems deploy much quicker than traditional legacy systems. Both are examples of providing more functionality while simultaneously being easier...or simpler (or vice versa if you prefer).
In addition, these solutions are now often being sought after and in some cases mandated by many customers in the market, including SMB and enterprise segments. I'd suggest that this demand is not solely just because manufacturers of cloud based solutions are pushing them this way out of sheer greed.
Hope this clears up any possible misunderstanding.
Since ISP's are still asymmetric (especially in Resi) local storage managed by cloud will continue to evolve. If access is easy and reliable it doesn't matter where it is stored.
Well pricing certainly matters and currently local storage is still a fraction of storage on someone else's
That how Verkarda works, I've been building my own VSaaS system do so something similar using nxMeta
Good disco IPVM.
re: Ring and LPR data gathering, other cloud data aggregation Does anyone have good examples of a single-company private source have major adoption with government? As in, Ring network actually getting critical-mass-type success with police departments.
actually getting critical-mass-type success with police departments.
Flock has massive numbers of deployments with police departments. The closest post talking about this is The Power of National LPR Watchlists (Flock and Motorola) Examined
Simply put the primary reason this will come to forwision is the same reason it happened with exchange and other on prem IT offerings. Marketing like this pushing its better (true or not it has pros/cons, lots of what is said in here is largely BS) and the money trail (it always comes back to that). There is more money in it for the big guys so over time the development/improvements out pace on prem until they cut the head off on it.
Cloud - The illusion that big companies care as much about your business as you do so hand them the keys to the castle, then give them the castle, then rent space from them. Some things start with good intentions but then the slumlord mentality moves in as companies become to big and don't truely care about their customers.
As an IT provider with a direct relationship and first name bases with our clients. We know more about our clients holistic IT enviornment, have access to all things, and can troubleshoot way faster than a call center in India with someone you can barely understand on a crappy connection with lots of background noise. I still recall when big tech free tech support was domestic based, that was first to go overseas. Enterprise paid support held on pushing that was domestic based, then that went overseas. Now you spend 6 figures on products with heavy subscription fees, have to wade through 40min of menus + hold times just to get pushed off to email only advanced support. Some switched to placement notetaking call centers that do call backs only, etc. Its all a pipe dream people, I see more issues and outages upstream with cloud and carries than I do in local systems and support is abysmal, the end users have little to no leverage to get taken care of once the scales fully tip.
Now you spend 6 figures on products with heavy subscription fees, have to wade through 40min of menus + hold times just to get pushed off to email only advanced support.
To your point, I do think at some point there will eventually be pushback on mega cloud companies' mega subscriptions. There are benefits though and that combined with all the money driving it means these companies will become dominant.
I do wonder what comes next/after that, i.e., as these subscription cloud companies become mature how much of a movement will there be to shift back to no subscription charge offerings?
Money trail and public brainwashing that its smarter/better, its a powerful combo. Ether one by itself is hard for the tried and true underdog form to recover from but together the nails seal the coffin. IPVM could do their part better by not regurgitating the complete package of BS, being more bias and informative.
The AI analytics will trail behind on-prem only (on prem could improve there but subcription will probably be needed). Other add-on features will start to trail more behind too (again could be improved on prem but again money). For most other things on prem and local IT contractors and/or staff that care is better in my experience, support, security, privacy, reliability, etc.
Cloud providers having access to vast amounts of real video feed data gives them an incredible edge in developing AI and analytics.
Great Report!
I think that the Total Cost of Ownership (TCO) is a big factor. Goodness knows how many times we stumble into sites with Analog Cameras and 25 year old access control systems that are only costing pennies (although it can be argued that the security value is also almost worthless).
Another recent IPVM report had an average lifetime of access control at 12 years. If all we are doing is opening and closing doors, I would be surprised to see the TCO make sense. Of course our business is to ensure that clients are getting real security and not just opening and closing doors :)
Does access control on a storage closet that is only opened 10 times a month cost the same as the front door that is opened 40 time per day.
Thanks for the report.
rbl
Hi - I manage the portfolio for a large integrator - trying to ensure we are current - without the risks of early adoption. I am currently assessing the viability of cloud based CCTV storage vs the traditional NVR on site route. I appreciate there is a difference between cloud Storage and management - After all cloud management is just todays VPN with a fancy name (and admittedly more user friendly and secure)
I am in the UK & this does make a difference. I cannot ever see when a client will pay for true cloud storage - the costs are MUCH more for TCO - the speed in setting up and firmware upgrades is all smoke and mirrors - there's no huge cost saving there when you are looking at long term TCO.
The cost of getting the bandwidth is considerable and (in the UK) unachievable outside of major cities.
I get the idea behind clients IT teams installing cameras and the manufacturer configuring them etc - but this also doesnt work - your 30 cameras in your nice office might be ok - but the minute you need a cherry picker (MEWP) or go on the roof - it just wont happen. Also in the UK at least you need relevant certifications and memberships of the right regulatory bodies to satisfy insurance requirements
Manufacturers struggle to give the level of support they presently give - gearing up for full time "proper" end client support is presently beyond them - remember the qty of calls relates to the intelligence / training of the client - it has nothing to do with the reliability of the equipment.
I agree this can and maybe will change over a long time period - but I think its well beyond 2030 before anything more than a dozen cameras using the AVA type model will become the norm. I am a fan of AVA - but it isn't for our typical client base.
Finally (maybe) - bandwidth / costs etc also severely choke the performance of CCTV cameras when recording to the cloud - from memory the recent IPVM info shows that 4 to 5 MP is becoming the norm - however most vendors require you to choke this down and also reduce the frame rate - so do we kill the market in anything more than 2MP ? and revert to Charlie Chaplin 15FPS just so the storage can be in the cloud.?
I know its not representative of all offerings - but I have just put the following into Genetecs calculator
5 sites - 100 cameras per site (no higher option available - although I guess you could have 2 virtual sites on 1 physical one) - 1080P (no higher option available) and 30 days retention.
The on prem costs are inflated as it basically has costs for replacing the NVR at year 5 - but lets give them the benefit of the doubt - in reality we would replace the HDD every 5 years max for a lot less cost. Now if I was a CEO - I wouldn't care if the costs were coming out of CAPEX or OPEX - just look at the difference & the cloud costs never stop.
You also need to add £1000s for broadband capacity and yes, you will still need to have a maintenance agreement with your integrator - as said above - only a very small proportion of calls relate to what will become the cloud element of a system.
AND a very real risk in todays world - dont assume the internet is always there - it fails regularly - & if your CCTV is mission critical - what do you reckon the risk of a threat actor targeting undersea infrastructure as part of todays battle strategy - the fact the same infrastructure basically represents the cloud is a real risk.
When I have completed my more in depth analysis of the marketplace and offering in the UK I may come back and share my findings.
And dont get me started on hidden egress costs / latency and duration to retrieve archived footage from somewhere like Glacier or similar.
Any manufacturers out there at odds with the above - if you are a player in the UK - you will be in my in house analysis and probably already deal with me in relation to your on prem offering, so you will have your opportunity
Cheers and thanks for reading
NOTICE: This comment has been moved to its own discussion: I Cannot Ever See When A Client Will Pay For True Cloud Storage
Thanks for putting real numbers to this otherwise smoke and mirrors discussion. This was a very valuable post, thank you!
As you all know quantum computing is coming very soon, and that should be the concern of our industry and in general the IT industry as well; Quantum computing will change the cloud and its way to operate, with also more threats for cyber security. Take a look at this article: What's next for quantum computing | MIT Technology Review
Our industry should begin designing its cameras, controllers, etc.
I think "very soon" is a massive overstatement here. Quantum computing is still going to be messy and expensive for quite a while, and much like GPU resources, initial QC resources will be gobbled up by large research companies.
I'd expect to see Hikvision move out of China before I'd expect QC to matter in security.
Just watch the news from IBM, NVidia and even Elon Musk, it will be here much sooner specially with the big push of a real AI.