Servitization in a Security Business: Changing the Logic of Value Creation

How can a firm change its value-creation logic from providing technology to selling technology-based services? This is a question many security companies face today when trying to apply a solutions-based business model in response to recent macro- and microeconomic trends. The fact that customers increasingly demand security as a service, rather than technical equipment, challenges the basis of a security firm's value provision and alters the logic of its operation. In this article, we investigate a technology- and product-oriented security business that is now rapidly transforming into a service business. We use data from a case study to propose a 4C model (conceptualization, calculation, communication, and co-creation of value) that can help security providers to objectify their service offerings and succeed in the servitization of their security businesses. Security technology and security services – can we separate these two? Can you have one without the other? I cannot figure out how.


Introduction
We are living in an era that is characterized by the increasing importance of the service economy, as predicted by Vandermerwe and Rada (1988; tinyurl.com/n4fjfn5) 25 years ago. Accordingly, more and more companies are confronting the challenge of shifting from selling products to providing services (Grönroos and Ravald, 2011;tinyurl.com/l8b59lt). Vargo and Lusch (2004;tinyurl.com/cuzndc) describe this shift as moving away from the goods-dominant logic to the service-dominant logic. The shift is also known as "servitization" (Vandermerwe and Rada, 1988;tinyurl.com/ n4fjfn5), which means that a physical product is no longer the basis of exchange, and the process of value creation that translates business strategies into value to customers and suppliers is changing dramatically (Fischer et al., 2012;tinyurl.com/kx9qkm7). With services, the customer is seen as the creator of value and the supplier helps them to achieve the desired outcome in the value-creation process (Grönroos, 2011;tinyurl.com/ mct9mcu). Servitization has been the trend in manufacturing industries that face increasing pressures to renew business practices, but now even sectors with service traditions are striving to better understand how to define and conceptualize the value that customers perceive.
Servitization is also increasingly occurring in the private security sector, where the rapid development of technology had previously encouraged companies to focus on security products and technologies (cf. Lucintel, 2013;tinyurl.com/lrnc9gs). However, selling security equipment such as digital security products offers little room for specialization and differentiation in today's market. Many security providers are responding to this challenge by developing new service-based business models, but this change may not be straightforward. Servitization suggests that an increasing focus on services rather than products requires new approaches, skills, and mindsets that were previously unknown to many security providers. Security companies need a better understanding of the new service-business logic, including the formation of customer value and the relevance of security services to the customer. Thus, among service practitioners and researchers, there is a growing interest in the topic of customer value (Smith and Colgate, 2007; tinyurl.com/k479dc7).
How can a firm change its value-creation logic from providing technology to selling technology-based services? This is a question many security companies face today when trying to apply a solutions-based business model in response to recent macro-and microeconomic trends. The fact that customers increasingly demand security as a service, rather than technical equipment, challenges the basis of a security firm's value provision and alters the logic of its operation. In this article, we investigate a technology-and product-oriented security business that is now rapidly transforming into a service business. We use data from a case study to propose a 4C model (conceptualization, calculation, communication, and co-creation of value) that can help security providers to objectify their service offerings and succeed in the servitization of their security businesses.
Security technology and security services -can we separate these two? Can you have one without the other? I cannot figure out how.
A manager in our case company " " www.timreview.ca

Servitization in a Security Business: Changing the Logic of Value Creation
Arto Rajala, Mika Westerlund, Mervi Murtonen, and Kim Starck In this article, we investigate how servitization is manifested in business-to-business security services. In particular, we discuss how a security system and solutions company can use objectification to provide technologybased services to its customers and how customers perceive the benefits of these services. We provide some recommendations for service providers to better comply with the service-oriented mindset and implement objectification into their business models. Our empirical study is based on a research project that took place in the Finnish Security Sector from 2009 to 2012. Here, we discuss servitization in Niscayah's security business based on an analysis of interviews with 10 managers, an investigation of the company's marketing material, and interviews with five of their long-term customers.

Servitization and Customer Value Creation
Servitization brings the concept of customer value to the forefront. Traditionally, value in business-to-business exchange refers to monetary or non-monetary benefits and sacrifices perceived by customers in terms of their expectations, needs, and desires (Lapierre, 2000; tinyurl.com/nxrd27w). However, the service perspective means that value can only exist when an offering is used (i.e., value-in-use), and the experience and perception of use are essential for the customer (Vargo and Lusch, 2008;tinyurl.com/myn8efl). In other words, value from using the service comes from the ability to act in a manner that is beneficial to the user. Value is subjective and always determined by the beneficiary that is the cocreator of value (Lusch et al., 2007;tinyurl.com/blazss).
Customer value creation in services is not like productbased customer value creation. Therefore, companies need to reform their mindsets concerning the value-creation logic when providing services (Heinonen et al., 2010; tinyurl.com/jwq224j). First, they need to recognize customers as co-producers and maximize customer involvement in the service development. These service providers can then expand the markets by assisting customers in focusing on each customer's core business.
Tangible goods may only serve as platforms for service provision, thus providers can retain the ownership of goods and earn by charging a fee based on the extent of use (Vargo and Lusch, 2004;tinyurl.com/cuzndc Providers of services need to recognize whether they are supporting their customer's core business or merely taking care of the customer's outsourced routine activities when conceptualizing offerings. Thus, a service business comprises both services that support products and services that support customer actions (Mathieu, 2001; tinyurl.com/kxzbcfs). Actually, value for the customer emerges from the whole spectrum of provider-customer interactions that support the use of core resources rather than from one source (Grönroos, 2011; tinyurl.com/mct9mcu). For example, product-lifecycle services, such as inspection of an automated teller machine, facilitate the customer's access to the provider's product and ensure its proper functioning over every stage of the lifecycle. In contrast, asset-efficiency services, such as pre-emptive maintenance and remote monitoring of manufacturing gear, strive to achieve productivity gains from assets invested by customers. Moreover, process-support services such as security consulting assist customers in improving their own core business processes. Finally, process-delegation services, such as cybersecurity incident response, carry out processes on behalf of the customers (Ulaga and Reinartz, 2011; tinyurl.com/murteex).
Servitization needs to be complemented by objectification. Whereas servitization means the customization of offerings, objectification concerns packaging and making services more tangible (Lindberg and Nordin, 2008; tinyurl.com/kypbmpw). At best, these two logics exist simultaneously and successful firms combine them by delineating distinct products, services, and processes (Sundbo, 2002; tinyurl.com/lpcl5kx). We refer to Ulaga and Reinartz's (2011; tinyurl.com/murteex) notion that hybrid offerings can help companies manage the balance between the servitization and the objectification. Based on these views, we conclude that the objectification of technology-based services presupposes a change towards a service-related mindset. However, there is limited understanding of what objectification of services really means and how companies can use it to respond to the challenges of servitization. In the following section, we introduce a case study designed to improve our understanding of objectification and to help security providers objectify their service offerings.

Methods
This empirical study is based on qualitative research and comprises multiple data sets. We interviewed 10 www.timreview.ca

Servitization in a Security Business: Changing the Logic of Value Creation
Arto Rajala, Mika Westerlund, Mervi Murtonen, and Kim Starck managers at Niscayah, a security service provider in Finland, to gather their views and perceptions on customer value, as well as their intentions to respond to servitization in the security markets. Now being part of Stanley Security Solutions (stanleysecuritysolutions.com), a division of Stanley Black & Decker Corporation, Niscayah has a strong foothold in the global security service market. It is an integrator and supplier of access control, intruder alarms, fire alarms, and video surveillance solutions. In Finland, the company operates in multiple locations and has over 250 employees, positioning itself as a market leader. At the time of the data gathering (2009)(2010)(2011)(2012), its annual sales exceeded 35 million euros. Its main customer segments are retail, healthcare, transportation and logistics, insurance and finance, energy industry, and manufacturing. Niscayah pursues global market reach, strong customer orientation, comprehensiveness in offerings, and extensive field experience.
The selection of the interviewed managers was based on referral sampling, where the contact person at Niscayah identified the suitable managers for the interviews. The main selection criteria were involvement and experience in the development and delivery of security services. We examined the company's marketing material (e.g., brochures, leaflets, customer magazines, and web pages) to analyze how it communicates the value Niscayah is providing to the customers. Finally, we interviewed five of Niscayah's long-time customers to examine perceived value and benefits of acquiring security services. The interviewed customers were nominated by the contact person at Niscayah and included large Finnish enterprises representing pharmaceutical, diagnostics, telecommunications, forestry, and metal industries. We interviewed the managers at Niscayah in 2009 and 2010, and the interviews with customers took place at the end of 2011. With this schedule, we were able to examine Niscayah's intentions to provide value and serve customers through security services and then evaluate their customers' perceptions of how well the company succeeded in doing so.

Empirical Findings
The interviews with Niscayah's managers and customers clustered around four themes that reveal how the servitization and objectification are addressed in business-to-business security services. These four themes are conceptualization, calculation, communication, and co-creation of value. In the following subsections, these four themes are discussed in detail both from the managers' and the customers' perspectives.

Conceptualization
The interviewed managers emphasized the importance of service conceptualization, meaning that the benefits from using the company's services should be objectified as concrete and usable offerings. All interviewees perceived that the company is a forerunner in the development of technology-based security services, and that service concepts are the way forward. According to the managers, technology is at the core of services that are actually designed on the basis of products: "We are able to combine technical security and the national maintenance network in a way that we can help the customer throughout the whole lifetime of the system. For this purpose we have developed the so-called 'one-stop shop' principle where we can maintain, use, and monitor security costs efficiently. This also includes remote control 24 hours 7 days a week. None of our competitors is able to offer this kind of service." Clearly defined and packaged services are seen as a cutting edge in the highly competitive security market and are prerequisites for a market-oriented security service offering. Niscayah's extensive product and service repertoire forms a solid basis for novel offerings, all of which include technology-assisted services. Consequently, their new services can be based on customer segmentation, where specific customer needs and requests are identified and a purposeful product/service mix is selected for each segment. Managers also felt that service conceptualization will lead to better service quality; it involves a guarantee of full-functioning security systems with fixed costs, periodic reviews, and feedback.
At the time of the interviews, Niscayah's service conceptualization was at an early stage. Therefore, managers frequently discussed priorities and the interfaces between products and services, as well as the balance between customer-tailored services and industry-specific services. One of the managers said: "This means we also have high-quality products, albeit I should not be talking about the products at all… but we are selling products anyway." They also expressed concerns that, as a result of the service conceptualization process, they will have fewer personal interactions with customers. This is because conceptualization requires the alignment of business units and service activities, as well as ensuring a uniform quality in the different geographical locations.
From the customers' perspective, conceptualization in security services is reflected by how well the offered services are perceived to fulfill the customers' security needs. However, these needs often relate to basic types Customers were also aware of the value they receive for the money they invested in services. In many cases, they only achieved the minimum level of security required by the law or regulations. However, the interviewed customers were predominantly happy about what they were provided. As one customer put it:

"When a company spends a certain amount of euros [on security services], it receives an equivalent quality of ser-vices… however, what I have ordered has worked well."
On the other hand, another customer said: "If the money was not a bottleneck, we would make things differently, for example, [we would] co-develop more sophisticated security systems based on RFID [radio-frequency identification] technology together with the service provider." Calculation Niscayah managers considered the components of customer value from different perspectives and identified several mechanisms through which they are able to create value for the customer. These included releasing customers from the security control activities and responsibilities, enabling customer's core business functions, and cutting operational costs and crime-related costs. The interviewed managers highlighted that they need to understand the customer' core business and know the stakeholders and the business environment to be able to identify the right value drivers for each customer. These value drivers are industry-and companyspecific, and therefore are difficult to identify. The managers also said that the customers are often not aware of their security needs and what the provider's security services are worth.
Although the customers' value drivers are acknowledged among the security-service managers we interviewed, calculations related to the benefits of using the company's security services are still lacking. The managers said that they need to illustrate the value of their services in monetary terms, but by the same token admitted that there are many aspects of the security ser-vice that cannot be quantified. In a security context, in which uncertainties and unforeseeable events are particularly inherent contingencies, services may be associated with a variety of negative consequences, and security as the content of a service is perceived subjectively. Therefore, reliable value estimates are difficult to calculate, even though some quantifiable measures can assure customers of the value of security services. Many of these measures are related to service quality and include security-system availability rates and response times to calls and alarms.
For the customers, value calculations refer to the price of the security services. Customers anticipate that striving for lower service prices means narrowing the scope and lowering the quality of the security they will receive. However, most of the interviewed customers perceived that some security services had become less expensive due to the technological development. One customer commented that "Niscayah is more expensive than its competitors, but we will not change the service provider just because of the price, because proper security services cannot be provided on the cheap." In contrast, most interviewees pointed out that security services provided by a professional security firm are more reliable, safeguard the continuity of customer's business, and increase the customer's credibility in the eyes of its customers. In addition, training in security was appreciated as a benefit. Surprisingly, we found that some of the customers did not calculate lifetime costs of the service (e.g., maintenance costs) when making purchase decisions for security services.
Security services also play a critical role from point of view of the customer's business. One of the customers said: "Security systems are a part of our quality system, and thus support our business operations. In fact they are a kind of a concealed benefit whose value is realized when something happens." Moreover, in some industry sectors, such as pharmacy, security procedures are highly regulated (e.g., access-control requirements). Therefore, external security professionals are needed. One of the interviewees said: "When we started to export our products to the U.S., their border control and customs detachment visited us and inspected our security systems." Security-service providers were perceived to provide invaluable help and up-to-date information in such cases.

Communication
The managers noted that Niscayah is a service company whose main business mantras include focusing on customer relationships. As one manager noted: "Viswww.timreview.ca

Servitization in a Security Business: Changing the Logic of Value Creation
Arto Rajala, Mika Westerlund, Mervi Murtonen, and Kim Starck iting our customers means we will nurture that particular customer relationship, not maintain equipment and devices." All the interviewed managers emphasized close, long-term partnerships with customers and open communication towards customers. Open communication is achieved through continuous and frequent customer encounters and good interpersonal relationships. Nevertheless, the supplier-customer dialogue focuses on relationship management instead of customer value, and several managers explained how difficult it is for them to start a proper discussion with their customers on the value of security services.
In its marketing communications, Niscayah primarily emphasizes the provision of security in general, and only secondarily explains about its security services. In practice, this means that the company sells its solutions by describing the security benefits customers gain when using security services, particularly those solutions provided by Niscayah. Consequently, customers can focus on their core business, save resources, and reduce costs. Niscayah's marketing material suggests that the company openly communicates its mission, vision, and values. Communication seems to be rather consistent throughout all channels. This consistent communication supports the company's aims to create a unified corporate image, bring them closer to customers, and assure customers about their intentions.
Customers were mostly satisfied with Niscayah's communications. Most of the customers had long relationships with Niscayah, which affected the way communication was carried out and perceived. Common methods included phone calls and emails, but we identified two broad types of communication. First, contact at the operative level takes place when something happens or there is a need for professional help and problem solving. Second, another type of communication comprises keeping in touch with the contact person(s) at Niscayah to get information about new security-related issues and possible re-evaluation or changes in the service provision. This communication is related to customer relationship management on a regular basis.
Interestingly, one of the interviewees hoped that the service provider would not contact them proactively. "The security manager easily gets the information (s)he needs about the security service providers -even too much information… sometimes I have to say them: No, don't contact me, I'll be in contact with you if needed." This might reflect that some service providers' repres-entatives are too keen to be in contact with their customers. On the other hand, many interviewees expressed that the service provider's representative should visit them personally at least once a year and inform customers about new security products and services and whether the customer should update their security systems.

Co-creation
According to Niscayah's marketing material, the company is branded as a system integrator that provides total solutions. The material suggests that customers require a more proactive approach and better understanding of suitable business security strategies from their security suppliers. Consequently, the interviewed managers explained that they work closely with customers to solve their problems using Niscayah's accumulated expertise and doing whatever is required to find a solution. In addition, managers highly appreciate long-term customer relationships and strive toward partnerships with their key customers. In other words, the managers displayed strong customer orientation and clear intentions to co-create value with the customers. At the same time, the Niscayah managers viewed their role as providing external expertise to the customer company, not working with the customer but rather working for the customer to resolve the security issues.
Based on the interviews with customers, co-creation in security services is not yet extensive. Although customers highly value long-lasting relationships with their service provider, service development still lacks deep collaboration. As one of the interviewees put it: "Niscayah is a service provider but I would not talk about partnership, because we know what we want and they will deliver it to us." Another customer explained that "Co-creation requires a lot of resources and is risky; failure would be horrific for us." However, one customer mentioned that the relationship with Niscayah has developed remarkably towards a true partnership. They have had a myriad of different security systems developed by Niscayah "as a system supplier, and this mode has deepened throughout the collaboration. Currently, it is truly reciprocal and mutual." The 4C Model of Objectification Figure 1 summarizes the empirical findings of our study. Both managers' intentions and customers' perceptions of objectification centre around four main themes: conceptualization, calculation, communication, and co-creation of value. The views of both manwww.timreview.ca

Servitization in a Security Business: Changing the Logic of Value Creation
Arto Rajala, Mika Westerlund, Mervi Murtonen, and Kim Starck agers and customers are well aligned with regard to service concepts, value estimates, and value communication, but are contradictory with regard to value cocreation. Managers indicated their intentions towards closer and more co-operative relationships with customers, but there is little evidence of successful co-creation. Customer interviews support this notion by suggesting that value co-creation in security services is still limited. Therefore, security suppliers need to consider how to motivate customers for more co-operative service delivery. Customers should consider how to better utilize the resources and competences of security suppliers. Grönroos (2011; tinyurl.com/kzv22gf) argues that value creation and co-creation are distinct processes, and that a customer creates value for itself, whereas the service supplier can only facilitate the customer's value-creation process.

Conclusion
This article focused on the changing logic of value creation in servitization. In the private security sector, this suggests a movement towards more specialized, more customized, and increasingly technology-based security services, such as the design of complex yet interoperable alarm and surveillance systems or security training. Our case study of Niscayah, a security-service provider in Finland, illustrated that, even if a security firm has a fair understanding of their customers' needs, and despite that they are able to communicate key benefits of security solutions in their marketing communications, customers do not understand the costs and benefits of the total security solution, and may fail to see the value of deep provider-customer collaboration.

Arto Rajala, Mika Westerlund, Mervi Murtonen, and Kim Starck
Therefore, security-service providers should adopt a mindset that promotes deeper relationships with customers, and they should focus on techniques that help them to objectify their service offerings to make the value and benefits more tangible. After reviewing our findings, we proposed the 4C (conceptualization, calculation, communication, and co-creation of value) model of objectification that illustrates the alignment or mismatch of manager's intentions and customer's perceptions on provider's security services. The model can help security providers to objectify their service offerings and succeed in the ongoing servitization of their security businesses. Furthermore, our interviews with customers and the analysis of marketing material brought about some practical suggestions for Niscayah and other security providers to support their service-objectification efforts: 1. Assign a personal contact to each customer: Customers value personal service and continuity; therefore, the service provider should assign a representative to each customer -preferably one that does not change roles too often. Should problems arise, customers perceive that they will more quickly receive help if they have a named, personal contact in the firm that provides their security service. A personal contact knows the customer account and, consequently, has all the relevant background information required to quickly solve a problem.
2. Become a more proactive partner: There is a demand for more comprehensive security services; however a customer's budgetary constraints and strict focus on their core businesses may limit their view of potential new ideas and may prevent such services from emerging. Many customers are interested in strengthening their relationship with the security-service provider and look for all-inclusive services, but they expect the service provider to be the initiator and assign dedicated people to initiate and coordinate such projects.
3. Shorten response times: For a customer, solving an acute problem that affects their business is of utmost importance, and this is where the capability of a security provider is measured. Customers value service providers based on this capability and perceive that security service providers should respond immediately when customers face security problems or in the event of false alarms.

Put the fundamentals in place:
Several customers suggested ideas on how to avoid delays in implementing security-service systems. Customers indicated that they are unable to discuss individual objectives and needs until standard features and issues are solved. Therefore, security-service providers should ensure that their fundamentals are in good shape before promising anything about the implementation schedule or service features.

Develop superb marketing materials:
Security companies need to take marketing communications seriously. They have to ensure that marketing materials clearly communicate the value of using security solutions, focus on enhancing the customer's business instead of focusing on product attributes, provide a consistent description of the provider's security-service offerings, and sharpen the positioning of the security company against its competitors.