Circle The Wagons

Perimeter security in the physical world and cyber realm, from 500 miles away

Remember the classic line, “Just because I’m paranoid doesn’t mean they’re not out to get me”? If you feel your assets are in danger of compromise, you’re not alone and your concern isn’t irrational. Whether it’s a stock portfolio, brick and mortar property, friends and family, business interests, campuses, public areas or government bases, it seems just about everyone’s assets are under potential threat of attack. If those attacks aren’t occurring at this very moment, someone could be scoping out your perimeter and thinking of ways to breach it.

As the first line of defense, perimeter security is often the initial focus: physical barriers, deterrent strategies, access control and intrusion detection systems, ground sensors and street patrols. Their effectiveness can then be verified with video surveillance technology.

If a company’s business extends to remote satellite offices, global business partners and supply chains, the concept of “perimeter” suddenly becomes a gray area. And, given today’s digital world in which our greatest assets are now electronic data, the definition of perimeter extends far beyond a mere physical boundary. Protecting those assets—which could reside in a server, an offsite data center, on someone’s laptop or smartphone or even in the cloud—requires a strategic combination of physical and IT security prowess.

Pushing the Technological Frontier

Improvements in physical perimeter protection have long been driven by advancements in technology, specifically in increasing processing power. On the heels of greater processing power came advancements in wireless mesh, satellite and 4G LTE communications, which allow end users to extend their perimeters beyond those once limited by conventional cabling and power supplies.

As the processing power and communication infrastructures improved, we not only pushed the boundaries of our perimeters further and further, but we also began doing more with our perimeter protection systems. We started to integrate multiple devices and use advanced analytics to share intelligence and improve the effectiveness and efficiency of our response to perimeter breaches.

While the private sector was deploying new security technology that fostered coordinated responses, the government was pursuing a parallel effort. Various departments began looking at initiatives such as Federal Identity, Credential and Access Management (FICAM) to promote and facilitate interoperability across agencies and jurisdictions to ensure a rapid response to heightened threats to homeland security. A prime example of this interoperable initiative in action is in the city of Chicago where Operation Virtual Shield has demonstrated how a federation of multiple agencies can extend the city’s perimeter protection through the use of PODS (Police Observation Devices). The success of the program is in the statistics: since January 2011, the city of Chicago has credited the federation with 1,446 POD-related arrests.

This success is being driven by three main advances in IP video:

Image quality. Security professionals now use HDTV-quality and multi-megapixel video cameras (780p and 1080p) coupled with advanced H.264 compression for superior clarity and full-color fidelity at up to 60 frames per second.

The advanced compression minimizes bandwidth consumption and storage without degrading image quality. This means a user captures greater detail and more fluid motion and can view the perimeter at further distances than ever before. This achievement is in sharp contrast to the choppy, fuzzy quality of video we had to settle for in the past when processing and storage limitations forced us to compromise surveillance frame rates and resolution.

Light sensitivity. Nonexistent or weak lighting surrounding perimeter areas has always presented a challenge to security professionals. But today, companies can deploy digital video cameras that deliver full-color images at night using only the ambient lighting available, including starlight and moonlight. More sensitive light sensors not only provide better detection in less-thanoptimal lighting conditions, they also eliminate the cost of installing additional artificial lighting to illuminate the field of view.

Processing at the edge. With computer chips becoming smaller yet more powerful combined with thumbnailsize SD cards storing 32 GB and higher, we have the technology to push processing power and storage to the edge of our security solutions. Distributing power across edge devices gives companies a wealth of advantages, such as the ability to analyze raw footage in-camera at the point of capture to improve surveillance intelligence and the ability to mitigate the risks associated with centralized server failures.

Pushing Perimeter Security into the Digital and Cyber Realm

As we look beyond the physical perimeter to the digital and cyber realm, we start to discover problems and risks that require a completely different response to attack.

Technology solutions and policies in the digital sphere are often playing catch-up against malicious yet brilliant minds in a frontier many people can’t even begin to fathom. For instance, the FBI readily acknowledges that cyberterrorists operating in the digital realm routinely steal and launder money in an effort to finance their operations. In fact, FBI Director Robert Mueller recently told the House Appropriations Committee he was concerned about the possibility of a “cyber one-two punch,” in which intellectual property is stolen and used to interfere, jam or disrupt operations on the battlefield.

It’s these kinds of attacks that have prompted us to rethink what we consider the perimeter and how we combat and prevent incursions.

But cyberattacks aren’t exclusive to government entities, nor are they a recent phenomenon. The Hampton Roads Business Journal published a 2008 survey regarding employees who left their jobs. Conducted by Symantec Corp. and the Ponemon Institute, the study presented some sobering findings: Fifty- nine percent of ex-employees surveyed admitted to taking some of their employer’s confidential information when they left. Much of the information taken was electronic. Fifty-three percent of respondents downloaded information onto a CD or DVD, 42 percent onto a USB drive and 38 percent sent attachments to a personal email account. The overwhelming majority, 79 percent of respondents, took data without their employer’s permission.

While the frontier of cyberspace may be invisible, it is no less real than a brick and mortar boundary. But unlike a wall or a fence, cyberperimeters need to be somewhat permeable to allow us to share information with our satellite facilities, business partners, customers and supply chain if we’re to conduct business in this global economy. While conventional physical security systems can address the safety of the hardware sitting in the data center, protecting the digital content as it travels through cyberspace— beyond the traditional four walls—requires a new approach.

We live in a world where IT is king, and the backbone of everything is the transfer of data across the network, be it LAN, WAN, VPN or Internet. Devices outside the corporate offices, including laptops, video surveillance cameras, access control card readers, IP-based intrusion devices and other information technology systems, become targets for attacks because they offer intruders a portal into your facility and an accessible point to hijack or corrupt intellectual data inside your perimeter.

To address this potential breach point, the federal government enacted the Federal Information Security Management Act (FISMA). This act requires federal agencies to develop, document and implement information security programs for government information technology systems. FISMA also requires regular risk assessments: formal testing and evaluation of those devices and systems. In conjunction with FISMA, the Department of Defense (DoD) and many other high-level early adopters have established their own DoD Information Assurance Certification and Accreditation Process (DIACAP) that requires users to maintain their IT systems, devices and ability to operate while protecting data linked across these systems and devices.

The National Institute of Standards and Technology (NIST) also has statutory responsibilities under FISMA to provide those standards and best practices for federal information systems.

The regulations, standards and certification programs set forth by FISMA, DIACAP and NIST offer valuable guidelines for the private sector to build upon as it continuously redefines and redesigns its own perimeter protection— both in the brick and mortar world and in the cyber/digital realm.

Finding the Right Technological Balance

Local and national industry tradeshows and seminars offer great opportunities to get a peek at the latest technologies, but oftentimes it’s difficult to figure out which options on the market really work best for a particular security application. This is when an industry consultant can be of immense value.

A consultant has extensive knowledge about security systems and can weed out those extraneous technologies or solutions that won’t help solve the problem at hand. He or she will warn against technologies that are notoriously unreliable or that will lock you into a proprietary system, while recommending solutions to create a strong, long-term strategy to navigate this everchanging landscape.

Here are some shopping tips:

  • Go with mainstream and standardsbased technologies, solutions and services. This will ensure you have the ability to change and grow as technology improves and the definition of your perimeter changes.
  • Watch the trends and see what direction the big companies are taking. Not all good solutions are in it for the long haul. Remember the battle between Betamax and VHS? VHS became mainstream, while Betamax fell by the wayside. In the security world, it’s digital, IP-based technology that’s phasing out the analog world of old. IP video and wireless-based connectivity are replacing analog CCTV’s costly cable- anchored solutions. HDTV and megapixel network cameras support H.264 compression for better image quality and bandwidth savings. IP-based thermal imaging and lowlight/ Lightfinder imaging technologies have conquered the problem of conducting perimeter surveillance in extremely low-light conditions.
  • Choose devices that support higher encryption methodologies beyond user names and passwords. Consider solutions that employ credentialbased certificates for authentication of actual system devices. These will provide the highest level of protection against cyberthreats and ensure that only trusted users (“entities”) have access to your network devices and the data from those devices. It’s a way to foster interoperability across multiple departments, business partners, agencies and customers without compromising the security of your digital assets.

Circling your Perimeter with Smarter Wagons

The reality is that today’s perimeters extend far beyond physical boundaries. You have to understand where you’re most vulnerable to identify who is most likely to launch an attack. While investigating ways to shore up your defenses, seek advice from industry consultants and participate in industry association events and online discussions with ASIS, SIA, PSA, (ISC)2 and the entire security community to learn about current technology advancements and future trends.

Gather knowledge from multiple fronts and you’ll not only protect yourself from threats but avoid getting stuck with expensive proprietary systems or dead-end technology and solutions. It’s okay to be paranoid. It’s better to anticipate the possibility that someone might be out to get you—and your assets and your data. By circling your perimeter with smarter wagons, you’ll be able to fend off the threat.

This article originally appeared in the August 2012 issue of Security Today.

Featured

  • Return to Form

    My first security trade show was in 2021. At the time, I was awed by the sheer magnitude of the event and the spectacle of products on display. But this was the first major trade show coming out of the pandemic, and the only commentary I heard was how low the attendance was. Two representatives from one booth even spent the last morning playing catch in the aisle with their giveaway stress balls. Read Now

    • Industry Events
    • ISC West
  • Live from ISC West: Day 1 Recap

    The first day of ISC West 2023 is in the books, and it’s safe to say that vendors have brought their A-game to Las Vegas. The booths of this year’s Live From partners—NAPCO Security, Alibi Security, Vistacom, RGB Spectrum, and DoorKing—were swamped all day long. Here’s a brief recap of just a few highlights from each partner’s presence at the show. Read Now

    • Industry Events
    • ISC West
  • Turn on the AC, ISC West is Hot

    Nothing warm about the Las Vegas weather outside. It is cold, and it was raining after the opening day. No one seemed to care inside the convention center. The hall was packed with inquisitive security professionals. Read Now

    • Industry Events
    • ISC West
  • Live From ISC West 2023: Day 1

    ISC West 2023 in Las Vegas, Nevada, has officially begun! Make sure to keep an eye on Security Today’s ISCW Live 2023 page, as well as our associated Twitter accounts—@SecurToday and @CampusSecur—for the latest updates from the show floor at the Venetian Expo. Read Now

    • Industry Events
    • ISC West

Featured Cybersecurity

New Products

  • HID Signo Readers

    HID Signo Readers

    HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3

  • Paxton10 CORE Cameras

    Paxton10 CORE Cameras

    The new CORE Series cameras feature edge processing for ultimate scalability, built-in edge storage, and plug-and-play installation. The addition of the CORE Series gives installers new hardware, better choice, and more value than ever before. 3

  • FlexPower® Global™ Series (FPG) from LifeSafety Power

    FlexPower® Global™ Series (FPG) from LifeSafety Power

    The FlexPower® Global™ Series (FPG) from LifeSafety Power—designed to provide DC power for access control systems in international applications—is now PSE listed for Japan and compatible with the country’s 100VAC applications. 3