Unlocking the Benefits
Internet of Things solution promises greater connectively and organization insights
- By Jimmy Palatsoukas
- Feb 01, 2019
The Internet of Things (IoT) promises greater connectivity,
which, when properly leveraged, can provide invaluable
insight into our organizations and our operational
environments. In the security sector, increased
connectivity between sensors and systems gives us access
to more data than we thought possible even just a few years ago.
We have long been able to connect an access control system (ACS)
with a video management system. This integration is used to validate
the authenticity of events against associated video. It is what allows security
personnel to verify that a forced door event is not a false positive.
Today, we can also connect to a wide and diverse array of systems,
including intercom, perimeter intrusion detection, gunshot detection,
and automatic license plate recognition (ALPR). In addition to providing
greater situational awareness, our increased connectivity also
allows us to effectively automate decision-making and help guide personnel
in their investigations. And we can do more.
Beyond security, access to more data gives us the opportunity
to collaborate and create new ties with other teams, including operations,
marketing, and human resources. By tapping into security
infrastructure, these teams can use analytic tools to derive valuable
insights from a wide variety of data to make improvements that can
positively impact a business’s bottom line.
Retailers in brick and mortar stores, for example, now have access
to real-time information on their customer’s experience. With this
timely information, management and marketing teams are able to
see how shoppers move through their environments, determine when
and where people linger, which displays generate the most interest,
and when check-out lines get too long. Working with this knowledge,
they can implement changes in the store’s layout and displays as well
as increase or decrease personnel on the floor to ensure that they are
providing the best possible service. They can also work together to
fine-tune the process and ensure that the right balance between safety,
loss prevention, and customer service is being met.
While we continue to discover even more benefits of increased
connectivity, it is clear that the IoT comes with its own specific set
of challenges. The first is figuring out how to actually connect all
our sensors and systems. Then, how do we keep from overwhelming
people with too much data? Finally, how do we ensure that, as we add
more devices, we don’t increase the vulnerability of our networks?
How to Work Well Together
The first challenge is how to connect systems and sensors over the
IoT in a way that works. Making sense of all the data we’re collecting
from the ever-increasing variety of sources can be a significant hurdle
to unlocking insights. Simply hooking up new sensors or systems to
an existing network does not mean that they will be able to communicate
nor that the information they’re gathering can be understood
in the same way.
To get an idea of what is involved, we can look at one of the
most common IoT sensors being installed by DIY home automation
enthusiasts: motion sensors. Adding a motion sensor to a network
might seem like a simple task, but it requires a compatible hub, which can receive events when motion is detected. This hub must also be
able to communicate with the lights that the home owner wishes to
automate. Even when that integration is achieved, proper calibration
of the sensor’s sensitivity is still required, a process involving extensive
trial and error.
Given how time-consuming the process involving the installation
of even one sensor can be, it is easy to see how complicated and costly
it is to install the vast number of sensors collecting data in a modern
corporate campus or building. Organizations at this level have the
opportunity to collect data on everything from temperature and presence
to lighting and door activity and are eager to do so.
This is why we need to work with open platforms that allow for
true integration in order to facilitate data collaboration and achieve
greater understanding, but this is easier said than done. Traditionally,
we have kept information siloed. Sometimes this was done to prevent
unauthorized access, and sometimes it happened simply because the
systems collecting and storing data were not developed with interoperability
in mind. Regardless of the reason, the result is that, more
often than not, we are using different protocols to collect, store, and
analyze our data.
When it comes to integration, there is a lot of heavy-lifting required
to getting new sensors and devices to communicate and work
together. It makes sense then that much of the lead on this is being
taken by organizations in the security industry as we already have
extensive experience connecting devices and unifying systems.
More Devices Shouldn’t
Cause Headaches
The challenge of adding more sensors and devices to our networks
goes beyond the integration process. When we add more data collecting
devices to our networks, we run the risk of overwhelming security
personnel with too many device or system interfaces. After all, we
don’t want personnel to be jumping from one platform to another in
order to gather all the information they need to respond to an evolving
situation. In part, the simple fact of opening and closing applications
increases the risk that something gets missed. However, we also
add a layer of complexity when each application has its own interface
and way of working. In high stress situations, the last thing any of us
wants is for security staff to be negotiating with their system instead
of focusing on the best way to respond.
Working with a single, unified platform means that personnel no
longer have to jump from one interface to another and manage different
vendor solutions at every turn. Instead, they can handle tasks in
fewer steps in a consistent environment. With consolidated monitoring,
reporting, and a map-centric approach to security management,
a unified security system, like Security Center from Genetec, helps
operators become more efficient, make better decisions, and respond
to incidents more rapidly.
Focus on What is Important
When it comes to security, we like to say that there is no such thing as
too much information, but this is only as true as our ability to manage
it. Today’s security staff monitor thousands of network-connected
devices, including video cameras, access control readers, intercom
stations, fire alarm panels, intrusion devices, perimeter detection sensors,
and analytics. All this information is streaming back to them
over the network, and they must quickly decipher what’s happening
and respond.
One of the risks we run with adding an ever-increasing number
of sensors to our systems is that security personnel can be inundated
with minor events, major alarms, and notifications. This in itself
can be a security risk. For example, when an operator receives more
alarms than they can respond to or a significant number of falsepositive
alarms, their reaction can be to either ignore incoming alerts
or turn off reporting.
Investing in a collaborative decision management system (CDMS)
to automate workflows and guide security personnel through tasks
and decisions can alleviate this burden. A CDMS, like Genetec Mission
Control, provides security personnel with increased situational
intelligence, visualization, and complete incident management capabilities.
By ensuring a timely flow of information, it allows them
to make better-informed decisions when faced with routine tasks or
unanticipated situations.
A CDMS can also help organizations move beyond simple event
and alarm management. Working in real-time, a CDMS automatically
analyzes the data it collects and qualifies from different security systems
as well as thousands of sensors and devices. This enables it to spot
the most complex situations and incidents and determine whether or
not security personnel should be sent to investigate potential threats.
Once decided, the system can then guide security personnel in their responses
following pre-defined processes and compliancy requirements.
Network Security is
Everyone’s Responsibility
The last, and perhaps most far-reaching, challenge associated with
our increased connectivity over the internet is cyber security. In order
to leverage all the advantages of the IoT, we are essentially creating
incredibly large networks with thousands of connected devices.
Given that our systems are only ever as secure as their least secure
element, even a single unprotected camera or door controller that
still has its factory-set default password can be all the attack surface
a cybercriminal needs to gain access to an organization’s network.
There are several ways to mitigate the risks of criminal cyber
activity, including advanced encryption, authentication, and authorization.
Encrypting data both in transmission and at rest protects
private information and enhances the security of communication between
client apps and servers. Authentication keeps data from getting
into the wrong hands by preventing unauthorized access and authorization
allows administrators to restrict the scope of activity within
your system by providing access rights to groups or individuals for
resources, data, or applications and by defining what users can do
with these resources.
Given the substantial rewards for criminal cyber activity, including
financial gain, access to valuable data, or system control,
cyberattacks will continue to evolve. Organizations must not only
protect themselves today, but must also lay the groundwork to continue
to mitigate against the risk of future threats. As we continue
to discover the myriad insights and advantages to
be found in the IoT, protecting ourselves against
criminal cyber activity will not only be good for
business, it will also help foster a safer global
community.
This article originally appeared in the January/February 2019 issue of Security Today.