On the Horizon

Convergence ofIT and physical security creates a world of diminishing borders

  • By George Adams
  • Dec 01, 2007

The world of the IT security professional has always been dynamic, if not somewhat unpredictable and even chaotic at times. From continual changes in technology to the seemingly endless barrage of new and more potent security threats, the best IT security professionals remain vigilant and stand ready to quickly identify and adapt to whatever new challenges are thrown their way.

Today, the industry needs to prepare for the next evolution. This one could catch some veteran IT security pros off guard if they’re not paying attention and planning accordingly. The reason: the inevitable integration of physical and IT security technologies and operations. Gone are the days when the enterprise IT security professional only had to worry about securing data communications among PCs, Internet and/or network-based computing systems, which is no small task. Monitoring, maintaining and preserving the security integrity of hundreds of enterprise-wide, multi-platform computing systems takes time and dedication. It’s going to get even tougher for some.

Security in the 21st Century
The world is undergoing profound changes with potentially far-reaching consequences. Theft, terrorism, U.S. border breaches, property damage, school shootings and other crimes are on the rise. Law enforcement and security professionals are working diligently to address these problems.

In many cases, physical security technologies are rapidly evolving to meet these challenges. This means that many conventional physical security solutions are entering the digital realm, from high-definition, IP-based video surveillance systems to common access cards and other electronic access solutions. The deployment, monitoring and management of these systems are leveraging the power and nearly unlimited technical possibilities of the digital computing world and, in turn, providing a whole new level of functionality to help monitor, identify and even deter criminal and illicit activity.

However, this also means these technologies are quickly falling under the purview of the IT security professional. One example is high-definition video surveillance. Frost and Sullivan estimates the IP video surveillance market will grow 47 percent per year to nearly $6.5 billion by 2012.

According to some estimates, 100 percent of new video surveillance systems will be installed on an IP network within five years. New digital video surveillance cameras allow dedicated coaxial cable-based systems to be replaced by simple IP-based communications, and higher-resolution IP cameras can be placed anywhere within the reach of the already ubiquitous network. As a result, video surveillance systems will cover more area and locations.

Common access cards and other types of smart cards are another example of the growing convergence of physical and IT security. In fact, Eurosmart estimates that more than 4 billion smart cards will have been shipped worldwide in 2007. On one hand, smart cards provide an efficient way to reliably identify and authorize an individual accessing data. However, they also enable new points of access to potentially sensitive information contained on potentially thousands of enterprise computing systems.

These added capabilities come at a cost, much of which will be borne by IT professionals. The amount of digital information that needs to be secured will grow exponentially with new digital physical security technologies. In addition, as physical security systems increasingly merge onto corporate IT networks, the points of entry and exit for sensitive company and internally stored customer data will increase dramatically, creating further vulnerabilities for potential security breaches.

The Foundational Security Approach
In light of the increasing integration of physical and IT security, old methods and procedures have outlived their usefulness. IT security professionals must adopt a foundational approach designed to address all areas of IT and physical infrastructure when building, deploying and managing enterprise security. Key elements of a foundational security approach include:

Cross-technology education. IT security professionals must become familiar with the new digital physical security technologies.

However, this isn’t simply limited to learning how to integrate these technologies onto an IP network. Security personnel also must understand all of the ins and outs of how these technologies work, so the deployment and ongoing management of physical security technologies will maximize the value, effectiveness and usability of these technologies.

Multi-functional teams. Companies should create crossdisciplined teams that include experts in physical, as well as electronic, security. These teams need to focus on controlling access to sensitive data while also identifying devices and media that might contain sensitive information. Also, as recent retail security breaches demonstrate, it’s wise to be on the lookout for suspicious activity outside of the digital network. As such, highly visible physical security devices, such as security cameras and other monitoring devices, in addition to the presence of security personnel, can serve as a deterrent to prevent data security breaches.

End-to-end security. With physical security technologies enabling more access points to sensitive digital information stored on enterprise computing systems, every common access card reader, video surveillance camera, and retinal and fingerprint identification system has the potential to become the weakest link in an organization’s IT security chain. All digital information and data transmissions should be encrypted at all times—both at rest and when transferred from the source to the destination. This approach secures all data within the enterprise from endpoint to endpoint.

Standardization. To maximize the security of digital data and information while ensuring interoperability among disparate physical and IT security systems, IT professionals should seek to use tested and proven protocols and standards to secure data. Limited proprietary protocols and unsupported open-source protocols should be phased out.

Centralized management. With the increased frequency and sophistication of physical and virtual security attacks, it can be extremely tedious and time consuming for IT professionals to manage enterprise security solutions, especially in large, heterogeneous platform enterprise environments. An easy-to-use, automated security management platform can ease the burden by allowing IT professionals to manage deployment, provide security product and policy upgrades, and monitor technical issues from a central location. An automated management solution can lower overhead costs, while simultaneously reducing human error.

While the convergence of physical and IT security is a challenge, the benefits far outweigh the cost. Computing technology is breathing new life into old-line physical security solutions, dramatically improving the ability of security professionals and law enforcement to protect people, information and property. With a little planning, efficient, multi-functional security systems can be designed and effectively deployed to reach new levels of data and physical security without breaking the bank or the backs of IT security professionals.

Featured

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.