Total Situational Awareness
Taking a look at PSIM and PIAM convergence
It begins with a single system. It
could be an access control system
or a video system, but for
a time it is enough to serve the
company’s needs.
With growth, security becomes a
more urgent concern, and additional
systems are added over time. Another access
control system goes online at a second
location. A new video surveillance
system covers the newly built warehouse.
An acquisition introduces a totally new
access control provider to the mix. More
growth means more systems—intrusion
systems, fire systems, intercom systems.
Eventually, it becomes evident that all
these diverse technologies should be tied
together into a single system, but by that
point it seems to be a monumentally
challenging task.
A Common Obstacle
This familiar scenario has frustrated many
security professionals over the years: How
can an organization combine its farflung
and disparate security systems
into a unified whole? The
bottom line is that incompatible
systems present a higher risk
and cost more to operate. Unconnected
systems require extra
work—one operator might have
to view several monitors at once
or consult several different data
sources to get necessary information.
If systems aren’t integrated,
important processes have to be completed
manually, and manual
processes are susceptible to error
and inconsistencies. It’s an
unsustainable situation.
Combining systems
presents obvious advantages—
centralized management,
more efficient
operation, better situational
awareness—but
getting to a unified,
interoperable system
presents a challenge.
In a perfect world, an organization
would start over from scratch and rebuild
the system into one that fits current scale
and needs, incorporating all the latest
software functions and benefits from the
ground up. However, in the real world this
is simply not practical, and any approach
to combine systems has to be able to accommodate
legacy installations.
Unifying an existing large, disparate
group of security systems really boils
down to central management of two key
factors—information and identity. Physical
security information management
(PSIM) systems have evolved to collect
and manage information from the various
systems. PSIM systems can streamline
operations and reduce the number
of staff needed to operate and maintain
security departments. They also can simplify
workflow and automate responses
to specific events to reduce errors and
inconsistencies.
Identity management is typically provided
by physical identity access management
(PIAM) software that combines
information about individuals with information
about security systems. Such
systems manage the full range of identities
and access privileges across an organization—
who’s who and who can go
where and when. PIAM systems also
provide automation capabilities such as
on-boarding and off-boarding of identities.
They are another way to eliminate
errors and inconsistency, which in turn
lowers risks. PIAM systems link logical
and physical identities throughout the
organization, from computer passwords
to ID credentials to visitor management.
Combining PSIM and PIAM systems
provides the ultimate route to unify the
disparate components of an enterprise’s
security systems. Combining management
of security information with management
of physical identity and access
enables complete centralized operation of
security functions. Let’s look at how these
complementary benefits can be maximized
in the enterprise environment.
PSIM System Advantages
PSIM software provides a platform and
applications that collect and correlate
events from existing security devices and
information systems (video, access control,
sensors, analytics, networks and
building systems). The systems empower
staff to identify and proactively resolve
situations as they unfold. The software
eliminates data silos by streaming all the
information from a variety of devices and
systems into one location or dashboard.
PSIM software aggregates information
from physical and logical security
systems and automates processes. The
software helps to manage situations and
to initiate the appropriate response. It
provides complete situational awareness,
getting the right information to the right
people at the right time.
PSIM systems remove the need for
multiple or remote command centers
and for operators to manually review
and correlate data from multiple systems.
PSIM systems proactively resolve security-
related or emergency situations with
real-time data aggregated from multiple
systems, including legacy systems. The
user interface includes a complete view of
all essential details pertaining to a situation—
video, alarms and events from all
devices and systems, map views and action
plans. PSIM systems also proactively
highlight potential situations based on
rules and standard operating procedures.
PIAM System Advantages
Managing identity and credentialing of
employees is a labor-intensive challenge
for any enterprise, and companies with
multiple access control systems and disparate
databases face particularly difficult
problems. Managing identities and their
access in various physical access control
systems with respect to different enterprise
IT systems is often a completely
separate operation, and the result can be
a disjointed approach that is inefficient
and expensive and can undermine overall
security and regulatory compliance.
PIAM software solves these problems
by unifying identity management
enterprise-wide, integrating physical
security systems, automating processes
and simplifying control of employees,
vendors and other identities. The technology
allows enterprises to manage
the lifecycle of identities as they relate
to physical access, including synchronized
on/off-boarding across all systems
harboring an identity record, access
profile and zone management, and
role-based physical access.
Policy-driven PIAM software provides
a holistic approach, combining
global identity with compliance and
risk assessment. Benefits include greater
efficiency, lower costs and proactive
management of regulatory compliance.
PIAM software can streamline timeconsuming
and inefficient processes
such as issuing ID badges, managing
various databases, adding new employees,
responding to terminations and
changing work assignments, and assigning
access privileges across multiple
physical access control systems. Management
of multiple systems is combined
into a single Web-based database.
Combining PSIM and PIAM
Combining PSIM and PIAM creates
a comprehensive situational management
platform that also provides verification,
planning and automated response.
The PIAM system correlates all
identity and access data with the event/
situation data from the PSIM system
to enable automatic, policy-driven responses
to physical security situations.
The combination enables correlation
of any security incident or event with
associated identities and access data
to promote expedient and effective response.
PIAM provides the element of
“who,” and PSIM provides elements of
“what,” “when” and “where.” Together,
the systems can provide information
about “why” and “how” to respond.
Integration of the systems constitutes
an intelligent, connected infrastructure
that enables intelligent operations. Automated
processes eliminate errors, decrease
costs and improve security. Automatic
and pre-planned reactions ensure
a consistent response when, where and
how it is needed. Automated compliance
and workflow promote better management
of risk and increased ROI from
lower operating expenses.
Together, PSIM and PIAM empower
security operators with quick
access to information, enabling staff to
respond faster and more effectively and
enhancing the overall security of the
organization.
Software is the Solution
Managing information and identities
throughout an organization, including
privileges related to multiple legacy
access control systems, is challenging.
Software provides a centralized solution
to tie the various systems together,
unifying management of identities and
access and reducing costs.
Combining the software functions
of PSIM and PIAM represents a stateof-
the-art approach to improving security
and minimizing risk while saving
money. Using this software approach
makes it possible to meet security needs
with one unified system. It ends with a
single system, too.
This article originally appeared in the September 2012 issue of Security Today.