Dissecting the Advantages

Realizing the cost benefits for small- and medium-size businesses

Physical identity access management (PIAM) solutions have changed the way leading organizations approach security. In recent years, advances in PIAM software and related technologies have not only improved the accuracy and capabilities of these powerful systems, but they have also brought the cost within reach of small- and medium-sized businesses. Now, mobile access and management of PIAM systems capabilities are opening up a new way for organizations to further increase their productivity and speed up responses to system alerts.

Here are four advantages of mobile PIAM that offer organizations new capabilities for improving their security posture.

Convenience

Security staff has a wide variety of important tasks to accomplish, and that not all of these activities take place at their desks. Instead, staff can be on the move throughout the day, involved with supervision, training, inspections, and many other tasks in the course of their work. If access to the PIAM system was only available at the security office, then it would only be possible to update the system with new information, or take action on approval requests, from that location. This limitation could mean that important updates would be delayed until an officer with the information returns at end-of-shift, or until they could be relayed to a staff member who is actually in the office.

Providing access to the PIAM system through a mobile device provides a much higher level of convenience. Mobile access lets them accomplish relevant system tasks from any location at the time they find the need. For example, reporting lost badges or lost and found items. Mobile access also lets them respond immediately to time-sensitive system tasks, such as responding to system alerts or approving or denying access requests.

Thus, the convenience of mobile access is not just a ‘feelgood’ benefit—there is a real positive impact on productivity and effectiveness.

Improved Security

In the past, security forces shared information at daily briefings, through reports, and other traditional methods. Today, a mobile security force may still start their shift with a daily briefing, but that force relies upon many more information updates during the day to understand the ever-changing current situation and shifting priorities, and to manage developing needs and incidents.

If such security officers have real-time access to the PIAM system, then they will have access to the most up-to-date status and relevant information, leading to an improved level of security. And, officers that are so equipped can make decisions and take actions with confidence, thereby improving their effectiveness.

As an example, it is still relatively common for security guards at entrances to sports facilities, outdoor festivals, construction sites, and similar situations to rely on physical lists of authorized visitors that are used to control entry and access to these sites. This low-tech approach appears to save money but exposes the organization to glaring security gaps. And, because the lists are prepared in advance, it is difficult to update them, categorize visitors with different access levels, correct errors, and so on. These time lags are not just inconvenient—they actually create security risks and interfere with the ability of the security guards to do their jobs.

With mobile PIAM, these security risk loopholes are closed. PIAM solutions ensure identities are properly vetted and authenticated before issuing a credential or allowing access. The same policies and procedures of authentication and verifying are extended into the mobile environment. For example, as part of an event registration process, attendees might be required to upload a photo ID. When their temporary event credential is issued, it would include a barcode and when scanned, the profile of the person quickly appears on the mobile device of security staff. In this way, security staff can quickly confirm that the person presenting the credential is the authorized person. Color coding on the mobile device can also help with rapid vetting. For example— by providing a green for approved—security simply verifies the photo matches the person and allows entry. If orange or red appear on their device upon scanning, they can take the necessary precautions and deny entry.

Greater Efficiency

Even with improved security, many organizations will not be satisfied with a solution that slows down established processes or extends wait times. Mobile PIAM is one of those rare solutions that delivers on both counts, providing improved speed and ease of access while also delivering stronger security. The flexibility offered by mobile PIAM also delivers efficiencies and convenience for updating identities and access privileges. Rather than having to go to a desk to add or remove an identity from a PC, authorized employees can make changes directly from their phone or tablet.

As an example, at the 2016 Summer Games held in Rio, Brazil, mobile PIAM was deployed to manage the identities and track the movements of approximately 500,000 credentialed individuals, allowing them to come and go from the various venues. During the events, security and event staff used handheld devices to verify identities nearly 3 million times, ensuring that every badge was authentic. By connecting to the PIAM system, all of these mobile devices were assured of having the latest, up-to-theminute information, and discrepancies could be investigated and resolved immediately.

In all, the solution deployed at the Games flagged about a dozen problems with badges, most of which were minor, as well as one more serious incident in which a number of people attempted to falsify others’ credentials to enter a basketball game. Thanks to the software and mobile capabilities, these anomalies were caught instantly.

Actionable Intelligence

As mentioned earlier, PIAM software uses risk profiles to analyze data from physical security and logical/IT systems across an organization. Using this analysis, PIAM systems can detect and identify irregular behaviors based on set policies and parameters that have been predetermined by management. If a behavior anomaly is identified, the PIAM software provides an alert to security management with the information they need to investigate and if appropriate, take action. Mobile PIAM takes this one step further to deliver alerts in real time to the designated security staff, including not only management, but also to security officers in the field and on site.

As an example, consider what might happen if an individual is using credentials to enter restricted areas they are not authorized to access. A PIAM software system could correlate these events and alert security to look for abnormal network activity. If the flagged physical and IT access activities are connected, security can immediately and automatically respond by deactivating the individual’s ID badge and access privileges to company digital information.

A mobile alert can also be sent to the security officers on duty to investigate and take appropriate action, such as removing the person from the premises, or detaining the individual until police arrive. In either case, providing the officers on scene with access to the PIAM system information equips them to better evaluate the situation and take appropriate actions. As advanced PIAM solutions continue to improve their ability to detect anomalies and provide actionable intelligence, it becomes ever more important to get that intelligence quickly into the hands of the security staff that will put it to use. Mobile PIAM offers a powerful, efficient and cost-effective way for organizations to capitalize on the strengths of PIAM from anywhere, at any time.

This article originally appeared in the February 2017 issue of Security Today.

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • Securing the Flow of Operations

    The transportation industry is a complex and dynamic environment where efficient management of physical keys, vehicles and shared devices is critical to ensuring smooth operations, reducing costs and maintaining security. Every day, more transportation facilities are using modern electronic key and asset management systems to better secure, audit and manage the important assets that keep operations running smoothly. Read Now

  • Today's Enterprise

    Protecting servers and data has evolved rapidly over the past 15-plus years. Early on, concerns centered around the environmental conditions of where servers were housed within a building and the effects of humidity, temperature and air quality on their performance. This led to a better understanding of the need for a controlled environment to maximize equipment lifespan and capacity. It was also a driving force behind consolidating servers in a common space, i.e., the data center. Read Now

  • Study Proves It: Security Awareness Training Reduces Phishing Attacks

    Attackers are increasingly targeting human-based vulnerabilities to infiltrate organizations. Humans have direct access to insider systems and data – any threat actor can easily phish users, steal their credentials and secure keys to the kingdom without having to fight advanced cybersecurity defenses. Studies show social engineering attacks and human errors are behind 68% of all breaches.  Read Now

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3