Total Situational Awareness

Taking a look at PSIM and PIAM convergence

• By Ajay Jain
• Sep 01, 2012

It begins with a single system. It could be an access control system or a video system, but for a time it is enough to serve the company’s needs.

With growth, security becomes a more urgent concern, and additional systems are added over time. Another access control system goes online at a second location. A new video surveillance system covers the newly built warehouse. An acquisition introduces a totally new access control provider to the mix. More growth means more systems—intrusion systems, fire systems, intercom systems. Eventually, it becomes evident that all these diverse technologies should be tied together into a single system, but by that point it seems to be a monumentally challenging task.

A Common Obstacle

This familiar scenario has frustrated many security professionals over the years: How can an organization combine its farflung and disparate security systems into a unified whole? The bottom line is that incompatible systems present a higher risk and cost more to operate. Unconnected systems require extra work—one operator might have to view several monitors at once or consult several different data sources to get necessary information. If systems aren’t integrated, important processes have to be completed manually, and manual processes are susceptible to error and inconsistencies. It’s an unsustainable situation.

Combining systems presents obvious advantages— centralized management, more efficient operation, better situational awareness—but getting to a unified, interoperable system presents a challenge.

In a perfect world, an organization would start over from scratch and rebuild the system into one that fits current scale and needs, incorporating all the latest software functions and benefits from the ground up. However, in the real world this is simply not practical, and any approach to combine systems has to be able to accommodate legacy installations.

Unifying an existing large, disparate group of security systems really boils down to central management of two key factors—information and identity. Physical security information management (PSIM) systems have evolved to collect and manage information from the various systems. PSIM systems can streamline operations and reduce the number of staff needed to operate and maintain security departments. They also can simplify workflow and automate responses to specific events to reduce errors and inconsistencies.

Identity management is typically provided by physical identity access management (PIAM) software that combines information about individuals with information about security systems. Such systems manage the full range of identities and access privileges across an organization— who’s who and who can go where and when. PIAM systems also provide automation capabilities such as on-boarding and off-boarding of identities. They are another way to eliminate errors and inconsistency, which in turn lowers risks. PIAM systems link logical and physical identities throughout the organization, from computer passwords to ID credentials to visitor management.

Combining PSIM and PIAM systems provides the ultimate route to unify the disparate components of an enterprise’s security systems. Combining management of security information with management of physical identity and access enables complete centralized operation of security functions. Let’s look at how these complementary benefits can be maximized in the enterprise environment.

PSIM System Advantages

PSIM software provides a platform and applications that collect and correlate events from existing security devices and information systems (video, access control, sensors, analytics, networks and building systems). The systems empower staff to identify and proactively resolve situations as they unfold. The software eliminates data silos by streaming all the information from a variety of devices and systems into one location or dashboard. PSIM software aggregates information from physical and logical security systems and automates processes. The software helps to manage situations and to initiate the appropriate response. It provides complete situational awareness, getting the right information to the right people at the right time.

PSIM systems remove the need for multiple or remote command centers and for operators to manually review and correlate data from multiple systems. PSIM systems proactively resolve security- related or emergency situations with real-time data aggregated from multiple systems, including legacy systems. The user interface includes a complete view of all essential details pertaining to a situation— video, alarms and events from all devices and systems, map views and action plans. PSIM systems also proactively highlight potential situations based on rules and standard operating procedures. PIAM System Advantages Managing identity and credentialing of employees is a labor-intensive challenge for any enterprise, and companies with multiple access control systems and disparate databases face particularly difficult problems. Managing identities and their access in various physical access control systems with respect to different enterprise IT systems is often a completely separate operation, and the result can be a disjointed approach that is inefficient and expensive and can undermine overall security and regulatory compliance.

PIAM software solves these problems by unifying identity management enterprise-wide, integrating physical security systems, automating processes and simplifying control of employees, vendors and other identities. The technology allows enterprises to manage the lifecycle of identities as they relate to physical access, including synchronized on/off-boarding across all systems harboring an identity record, access profile and zone management, and role-based physical access.

Policy-driven PIAM software provides a holistic approach, combining global identity with compliance and risk assessment. Benefits include greater efficiency, lower costs and proactive management of regulatory compliance. PIAM software can streamline timeconsuming and inefficient processes such as issuing ID badges, managing various databases, adding new employees, responding to terminations and changing work assignments, and assigning access privileges across multiple physical access control systems. Management of multiple systems is combined into a single Web-based database.

Combining PSIM and PIAM

Combining PSIM and PIAM creates a comprehensive situational management platform that also provides verification, planning and automated response. The PIAM system correlates all identity and access data with the event/ situation data from the PSIM system to enable automatic, policy-driven responses to physical security situations. The combination enables correlation of any security incident or event with associated identities and access data to promote expedient and effective response. PIAM provides the element of “who,” and PSIM provides elements of “what,” “when” and “where.” Together, the systems can provide information about “why” and “how” to respond.

Integration of the systems constitutes an intelligent, connected infrastructure that enables intelligent operations. Automated processes eliminate errors, decrease costs and improve security. Automatic and pre-planned reactions ensure a consistent response when, where and how it is needed. Automated compliance and workflow promote better management of risk and increased ROI from lower operating expenses.

Together, PSIM and PIAM empower security operators with quick access to information, enabling staff to respond faster and more effectively and enhancing the overall security of the organization.

Software is the Solution

Managing information and identities throughout an organization, including privileges related to multiple legacy access control systems, is challenging. Software provides a centralized solution to tie the various systems together, unifying management of identities and access and reducing costs.

Combining the software functions of PSIM and PIAM represents a stateof- the-art approach to improving security and minimizing risk while saving money. Using this software approach makes it possible to meet security needs with one unified system. It ends with a single system, too.

This article originally appeared in the September 2012 issue of Security Today.