Implementing a Data-centric Approach

Reducing costs is as equally important goal in operating an enterprise

• By Kim Rahfaldt
• Aug 01, 2017

A company is much more complex than an IT department or a number of buildings. It is always evolving and adding more servers, buildings and systems, and therefore, obtaining more risk, costs and threats. As COOs look at the multitude of objectives across an organization, they need to evaluate how to increase profits, manage risk, or provide a cost-effective route for improving processes, managing incidents, or securely operating an enterprise.

To manage risk, organizations must manage people and the systems they utilize. Using a dashboard to manage system intelligence will identify behaviors, reduce costs and mitigate risk. How does an organization accomplish this? How can security managers and CLevel executives understand how applying a data-centric approach can eliminate data silos, combat convergence of IT/OT and reduce the multitude of risks an organization faces?

First, an organization must determine the types of data to collect to help protect business and mitigate risk. To best protect assets, people and infrastructure, it’s best to collect access control, video, visitor management, case management, burglar/fire, BMS and IT data. Companies normally collect much of this type of data, but don’t use it to make good business decisions. Analyzing the data to centrally manage business will help organizations become more efficient.

Once the data is collected, organizations must:

• Eliminate silos and analyze data simultaneously
• Centrally manage the data
• Improve efficiencies based on new information learned

Organizations must use this information to not only operationalize their business to improve processes and meet compliance, but to best protect their people, property, and assets. Streamlining all data into one dashboard using a data-centric approach will narrow the gap between physical and cyber security and help predict behavior and patterns.

Key Issues with Collecting Data

Interconnectivity. Most of the systems and sensors do not talk to one another and have different device standards.

Information Overload. A typical dashboard can only show so much information and the human brain can only assimilate and sort through so many inputs at one time.

Large and unstructured data streams pose challenges; Hard to understand and recognize patterns in the data. Some of which can be overwhelming in volume and unstructured.

Turning data into intelligence requires a combination of elements. Within a security framework, using a deliberate posture and roadmap to understand the interacting systems and use cases is key to driving better outcomes. Ultimately, the key systems need to lie within the overall security apparatus.

Case Study, Digital Realty

Digital Realty supports the data center, colocation and interconnection strategies of more than 2,300 firms across its secure, network-rich portfolio of data centers located throughout North America, Europe, Asia and Australia. Digital Realty’s clients include companies all over the world, of all sizes, ranging from financial services, cloud and information technology services, to manufacturing, energy, gaming, life sciences and consumer products. By implementing a data centric approach, they were able to streamline operations, while offering a more consistent, qualitative and cost effective solution to their customers across their portfolio of data centers.

Here are some key results:

• Implementing a self-service visitor process decreased the risk associated with manual access assignment, reducing man hours by 60 percent.
• Reviewing the combined visitor and alarm activity periods, provided an opportunity for an 18 percent annual reduction on guard service requirements.
• System growth translated to 24 percent increase in support services. Digital Realty used data to validate the anticipated increase in workload.
• Excessive alarms resulted in response complacency. The data collected justified changing Design Engineering Guidelines and operating procedures. Now responses to actual events are consistent, providing a more secure environment and streamlined operation.

Adopting a data-centric approach helps organizations reduce costs, mitigate risk and meet compliance. Customers can reduce costs by operationalizing existing security infrastructure on a global scale, reduce manual processes that are labor intensive, repetitive and error prone, and future proof investment by enabling new technology.

Organizations can mitigate risk by standardizing their security processes, and ensuring the right people, places and authorizations are in place.

Implementing a data-centric approach will help companies meet government, organizational and industry regulations. They can monitor infractions and enforce security policies and rules, while creating automated reports and audit security procedures.

This article originally appeared in the August 2017 issue of Security Today.