Delivering Tangible ROI

Delivering Tangible ROI

Boston-based biotechnology company Genzyme is an organization dedicated to the research of rare genetic-related diseases. Acquired by French global healthcare giant Sanofi in 2011, Genzyme has made the security of its physical and intellectual assets a priority since the 1990s, and was among the first companies to define security as a process that encompasses enterprise risk, supply chain, insurance and liability, IT and physical security, and competitive technical information. After Sanofi’s acquisition of Genzyme, the Boston subsidiary’s security leadership became a model for the organization and was therefore tasked with implementing security integration throughout the global enterprise.

Like many global organizations, Sanofi faces significant challenges, including those centered on risk management, compliance, physical security, IT security and employee safety. As security continues to be a top priority for the C-suite and risk management demands widen the scope beyond basic premises security, this function transforms into complete business continuity and security. This idea encompasses people, processes and locations—all the assets of the business—across the enterprise, which are combined and managed in a cohesive and integrated way.

Acquisitions, mergers, brand protection strategies, compliance, regulations and strategic investments all create a requirement for processes and solutions that accommodate change and flexibility. Enterprise needs are far more diverse than what is typically seen in the public sector. These organizations commonly have widely distributed facilities that need to be linked and disparate systems that need to be integrated and Sanofi is no different. Consolidated operations among these sites and across existing technology investments are critical to achieving greater levels of situational awareness. Security, IT and risk managers also need to ensure a strong return-on-investment on all capital expenditures to receive continued support and buy-in from senior leadership. Business leaders need streamlined and enforceable procedures across the enterprise, backed up by consolidated and robust reporting capabilities.

Sanofi is a widely distributed organization that crosses geographic boundaries and a variety of network topologies, and it operates with regional and local security desks in place. Because of the evolution of its business, Sanofi required a solution that could meet today’s business challenges but also scale and grow as business needs and network designs changed and evolved.

As one of the world’s largest pharmaceutical companies, Sanofi sought a solution to the challenges of integrating and streamlining a multitude of different security systems and sensors into one, easy-to-use interface. After careful consideration,

Sanofi opted to implement SureView Systems’ Immix Command Center (CC) software platform as a way to not only easily incorporate information from a multitude of physical locations into their global security command center, but also provide an enhanced form of monitoring that would make the jobs of operators much more manageable and efficient.

Immix CC is an enterprise command center software platform used by businesses, institutions and agencies to monitor security, IT and business systems, as well as protect critical assets. It is the driving force behind today’s private command centers and is designed to drive down the cost of monitoring multiple systems across locations while increasing the effectiveness and response time of the security team.

According to Bhavesh Patel, senior director of security operations and technology at Sanofi, the company had as many as 32 disparate access control and video systems in North America. Following the deployment of the Immix platform, however, the security team at Sanofi worked to consolidate these and other physical security systems in use at the company’s numerous facilities, which include office buildings, laboratories and manufacturing plants. Sanofi actively monitors more than 150 locations from their Security Service Center (SSC), which range from buildings that house as few as three employees to office complexes where nearly 4,000 people work each day.

Given the company’s large geographic footprint, Sanofi also employs a myriad of security technologies, including surveillance cameras and a multitude of access control points that are integrated into Honeywell’s Pro-Watch software. Additionally, Sanofi leverages NC4’s real-time threat alerting system, as well as tracking technology from FreightWatch. Rather than launch headfirst into trying to bring all of these various systems into the Immix platform at one time, Patel said that the company has taken “baby steps” in rolling each of them out so as not to overwhelm their SSC Analysts.

Immix is architected to address the specific needs of enterprise businesses such as Sanofi. Its Web-based architecture and ability to support a variety of network topologies and communication platforms lends itself to the distributed nature of the enterprise market. In fact, the software platform is particularly well suited to global enterprise organizations. This architecture also supports a rapid deployment model and a strong ROI/TCO model. Most importantly, it is agile enough to meet the changing dynamics of enterprise businesses.

Immix allows Sanofi to customize the system to the specific needs of its organization. Its open architecture enables a high level of integration support for a wide variety of third-party devices, supporting rapid deployment and minimizing expensive, complex piecemeal solutions. The software enables Sanofi to automate manual processes to streamline the delivery of security services, eliminating the opportunity for operator error and nuisance alarms, ensuring only actual security events are handled.

In fact, auto-handling ensures operators are paying attention to the most critical security alerts and following best practices. For example, in the past an e-mail alert would come in to an operator and they would have to open it to gauge its potential impact to the organization. Email alerts are automatically filtered to enable users to quickly determine which messages need immediate attention. If something does require attention, the system will automatically pull up any relevant security systems in the area of the alarm, such as surveillance cameras, and provide the operator with directions about what steps to take.

It is this exact function that has proven to be the most beneficial feature of Immix that Sanofi and its security personnel have seen: the biggest ROI is derived from the auto-handling capabilities.

“Without Immix you would receive an e-mail, and you have to make sure you have your e-mail client open, then you have to look at it and process whether it has an impact or not,” Patel said. “If there is an impact, you have to manually pull up video or anything else you need to look at, versus now where everything is done automatically. Based on the rules we’ve set, the software indicates you don’t need to look at this email because you set this for auto-forward, but the one you need to look at is here, and it’s going to show you the email, where it is on the map and then it’s going to pull up the video for you. This has allowed us to reduce approximately 20 percent of the alarms and five to 10 minutes of event handling time per event from one of our systems.”

Training is also simplified because operators are only using a single, unified interface as opposed to managing multiple interfaces for the many systems they monitor. The ability to add predetermined steps for operators to follow during various security events has also enabled users to become more efficient in performing their duties. Ultimately, this solution has helped Sanofi reduce the amount of time it takes to train operators in their command center.

“Obviously, if you are able to process steps across individuals alarms, it reduces the training time and also allows you to provide consistent service,” Patel said. “We have seen a reduction in the time it takes to manage alarms because the integrated components are pulled together in the same interface. With these disparate systems, we spent a lot of time training people to make sure they were managed correctly. On average, we have reduced the amount of time it takes to train our operators from between 16 to 24 hours overall since we only have to train on one system.”

Patel said they have also received a significant amount of positive feedback from their operators since the Immix platform was deployed. Mostly, this is because of the fact that Immix has simplified the management of its entire security technology network and subsequently, eliminated the need to learn and become proficient with multiple platforms.

“Things that were not set up procedurally before, are now are set up in Immix, and it is consistent. This allows us to manage our cascading security environment,” Patel said. “If an alarm does not get resolved at the site level, it automatically gets forwarded to our global SSC so we do not have to have multiple procedures for the same alarm. Training has become much easier.”

According to Patel, what differentiates Immix from a traditional PSIM system is that it provides end users with more than just a hodgepodge of converged data. Because of all of its moving parts, a PSIM platform is nearly impossible to implement to its full potential; however, Immix brings multiple areas of a security program together into one solution only to provide information but to actually help the end user take action.

“There are multiple integration points coming into the system, as well as numerous sensors to help operators make a decision as soon as they get that information,” Patel said. “This is more of an enhanced monitoring tool than just a physical information system.”

Sanofi has already integrated security systems at all of its North American facilities and are looking to expand it to all of their international sites, as well.

The system is designed with multiple integration points and numerous sensors to help organizations like Sanofi make a decision as soon as information is available, making it an enhanced monitoring tool.

 

This article originally appeared in the September 2015 issue of Security Today.

  • Ahead of Current Events Ahead of Current Events

    In this episode, Ralph C. Jensen chats with Dana Barnes, president of global government at Dataminr. We talk about the evolution of Dataminr and how data software benefits business and personnel alike. The Dataminr mission is to keep subscribers up-to-date on worldwide events in case of employee travel. Barnes recites Dataminr history and how their platform works. With so much emphasis on cybersecurity, Barnes goes into detail about his cybersecurity background and the measures Dataminr takes to ensure safe and secure implementation.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Spaces4Learning
  • Campus Security & Life Safety