Keeping Operations Afloat

Talking about a sea of storage in terms of exabytes

The amount of data we generate on a daily basis is astounding, and it’s only growing larger with each passing day. Consider this: All data generated from the beginning of time to 2003 totaled around two exabytes, according to an International Journal of Communication study. In 2013, the total was five exabytes, per day.

In the last decade, talk about data storage has been in terms of megabytes (1,000 kilobytes) to gigabytes (1,000 megabytes) to terabytes (1,000 gigabytes) to petabytes (1,000 terabytes) to exabytes (1,000 petabytes). As data storage needs continue to spiral upward, we’ll soon be talking about zettabytes, yottabytes, brontobytes and geopbytes, each of which is 1,000 times larger than its predecessor.

So, just where is all this data coming from?

Big data comes from every device that has an IP address— originally, those were primarily computers, smartphones, tablets and other Internet-connected devices. Now, we can add smart refrigerators that send an alert when you’re running low on milk, cars that text to say the coolant level is low, and other devices equipped with integrated sensors that allow them to communicate via GPS, RFID, Wi-Fi and other protocols.

Networked security systems fall into this expanding information network known as “the Internet of Things” or IoT. This growing network is impacting the way security systems operate, creating opportunities for new business models, improving business processes, and reducing costs and risks.

The Traditional Versus the Present

Traditional, old-style integrations feature one-to-one connections between systems for data exchange, with data most often able to flow in just one direction at a time. Today’s systems, however, allow data to move in a stream of simultaneous, complex conversations as devices talk and listen to each other. Acting independently, they listen for specific events to occur, and then, the system takes action based on the information received. Rather than a simple pipe between systems, these new-style interactions are distributed with information and data flowing in several directions between multiple systems, all at the same time.

Under this new paradigm, an ID card swipe can be much more than a means of opening a door. If the access control system is part of an integrated, interconnected building system, there are a number of events that simple card swipes could trigger. For example, a video analytics system may be used to determine if the person at the door is the cardholder or if anyone else enters the building on that single card swipe. Meanwhile, an intelligent building control system can send an elevator to the entry floor and turn on lights and HVAC systems in the area of the building appropriate to that individual’s identity. The access control system could notify the IT department to expect the cardholder to log-in to the system shortly or send an alert if they do not.

These are just some of the possible activities that could come from a single ID card swipe. The data generated by the swipe could be stored in a centralized location or within each of the separate systems— or even both.

Opportunities in Big Data

Nearly all systems, including security, are connected to the Internet, and are generating large amounts of data. The information an organization could gather from this extensive amount of data is tremendous. So, when talking about data being big, we’re not just talking about its size, but also the opportunities it presents.

Using the extensive data gathered from every transaction or event, organizations can gain insights that, with the right analysis, can make their operations more agile and answer questions previously considered beyond their reach—or even conjure up questions no one had ever thought to ask. This could lead to new business models, improved business processes, and reduced costs and risks.

These massive amounts of data have several important implications for security. When properly sorted, searched and executed, data becomes intelligence. This intelligence becomes incredibly useful, whether it’s used for business, law enforcement or another entity, and must be protected by both logical and physical means. Because of this, interaction, cooperation and collaboration between security and IT is promoted to manage data, including where it will be stored, how it will be accessed, who can access what data, and from where.

Data is the root of all decisions, whether for security or for organizations as a whole. So, it would stand to reason that the more data an organization collects, the more informed leadership or management will be; and by extension, the better their decisions will be. Unfortunately, this is not always the case.

Security Organizations in Relation to Big Data

Many security operations don’t act the way they should in relation to big data. Five to 10 years ago, security groups and protection of systems relied on data to develop processes, functions and policies to strengthen security. However, at that time, there was nowhere near the amount of data to collect and analyze as there is today. In relation to big data, security groups, or data in general, are now classified as high-volume, high-variety and high-velocity data, meaning lots of data from a variety of sources, occurring constantly. For security purposes, we still rely on that data, but the problem is that it’s often just too much to handle properly.

For many organizations, simply organizing the vast quantity of security- and incident-related data, let alone analyzing it and using it to make smart decisions, poses a tremendous challenge. Many lack a comprehensive approach to making sense of all this data, and as a result end up missing potential opportunities and benefits that it presents.

The main problem is that a lot of systems today weren’t designed to handle the large amounts of data being generated. These old-school solutions aren’t capable of collecting and analyzing this data fast enough to be of use to security organizations. After an incident occurs, this lack of functionality is often communicated as, “We didn’t have the data to know that might happen.” The data was there; there was just no way to extract and analyze it to uncover trends and identify potential threats and risks that could have been addressed to prevent the incident from occurring.

So, how can security organizations gather and make sense of data that’s collected in a way that’s going to be useful for eliminating or mitigating potential threats and risks?

Incident Management Comes into Play

At its core, incident management is about capturing, managing and analyzing data to make informed decisions—regardless of the amount of data that’s been collected. The incident, investigation and case management space has become the central repository for important data as it relates to planning counter-measures, and making intelligent decisions regarding security and risk management.

Currently, there is an unprecedented level of enterprise data capture, analytics and trending tools used in security for massive datasets. A robust incident management system turns the challenge of big data—generated by video feeds, alerts and notifications, triggers, sensors, alarm data—into a major asset for security operations and the entire organization.

Integrated incident management solutions collect, analyze and report on security and enterprise data, enabling organizations to quickly and easily perform a number of important functions related to incidents including planning, preparation, identification, response, management, documentation, collaboration, investigation, analysis and reporting.

The right tools automate the massive tasks of data collection and integration for security operations. The end result is a higher level of preparedness at both the security and organizational levels that enables intelligent and informed decision making, in addition to mitigating or eliminating risks and threats.

This article originally appeared in the November 2014 issue of Security Today.

Featured

  • Survey: Less Than Half of IT Leaders are Confident in their IoT Security Plans

    Viakoo recently released findings from its 2024 IoT Security Crisis: By the Numbers. The survey uncovers insights from IT and security executives, exposes a dramatic surge in enterprise IoT security risks, and highlights a critical missing piece in the IoT security technology stack. The clarion call is clear: IT leaders urgently need to secure their IoT infrastructure one application at a time in an automated and expeditious fashion. Read Now

  • ASIS International and SIA Release “Complexities in the Global Security Market: 2024 Through 2026”

    ASIS International and the Security Industry Association (SIA) – the leading security associations for the security industry – have released ”Complexities in the Global Security Market: 2024 Through 2026”, a new research report that provides insights into the equipment, technologies, and employment of the global security industry, including regional market breakouts. SIA and ASIS partnered with global analytics and advisory firm Omdia to complete the research. Read Now

  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

Featured Cybersecurity

Whitepapers

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3