The Role of PIAM
Addressing IT Pros’ physical security challenges
- By Don Campbell
- May 01, 2017
The proliferation of networked devices has
increasingly brought IT to the table when
discussing physical security. In many organizations,
IT departments not only have
a voice at the table, but are also responsible
for deploying and managing physical
security systems. According to a recent research report, IT
professionals would like to have even greater involvement in
the pre-deployment process—preferably from the very beginning—
to ensure that any new physical security solutions
will be compatible with existing infrastructure.
IT security best practices developed separately from physical security
practices, and had a head start on addressing the kinds of
electronic and cyber security issues that are at the forefront of today’s
security landscape. Because of this, physical security system
management practices, for example, could benefit by incorporating
some of these learnings to move beyond the complex mix of
tools and inefficient, error-prone manual processes that have been
used in the past.
Among the key physical security challenges IT pros identified
in the recent Spiceworks study conducted on behalf of Quantum
Secure are cost, complexity, ease of deployment and integration.
To address these issues, IT practitioners indicated they are looking
for intuitive solutions that offer ease of use, seamless integration
with other solutions, streamlined compliance processes and
the ability to deploy the latest technologies to keep security at
Physical identity and access management (PIAM) solutions
provide the features and functions to meet these requirements
and overcome IT professionals’ physical security challenges. For
example, by using automation and the ability to collect, collate,
store and analyze data from multiple disparate security and nonsecurity
solutions, PIAM systems provide IT pros with a single
user interface for centralized management and reporting. This
approach is much more streamlined and efficient than working
with these systems separately.
PIAM platforms can also bring logical access management
into the physical security world to provide a 360-degree view of
identities in a single, fully interoperable and integrated platform.
Using policy-driven software to seamlessly manage the entire
lifecycle of all identities, these platforms provide a truly unified
approach to physical and logical access control – helping IT pros
manage identities, compliance and operations across multiple
systems and sites. Managing the entire security infrastructure is
simplified by automating formerly manual processes related to
background checks, physical access privilege assignment and termination,
visitor access control and management of audit and
compliance with regulations.
PIAM systems are designed to help IT professionals deploy
and manage a more sustainable, secure environment by providing
a single policy-based platform that automates and simplifies
physical identity and access management. These solutions provide
a comprehensive range of functions for IT pros to streamline
the entire process, including automated cardholder administration
and role- or location-based provisioning, automated assignment
of secure area stewardship to business owners, assured compliance
with regulatory and environmental security requirements
with real-time reporting, and more.
By connecting their physical security operations closely to their
IT infrastructure, IT practitioners are realizing the value of security
convergence, lowering their overall risk and benefitting
from sustainable cost savings. For IT pros, adopting this type of
converged approach means extending the traditional identity and
access management (IAM) concept to automate physical access
and audit reports, and aligning facility badging processes with
the IT network. This converged approach allows organizations
to automate physical access to resources for employees and other
identity types based on their business roles as defined in the IAM
system and/or their location as managed by the PIAM system.
From an IT perspective, this integrated approach can eliminate
labor-intensive, costly and error-prone processes of manually
managing personnel information and access privileges across
disparate, siloed, multi-vendor, multi-location physical access
controls systems (PACS).
Many of the challenges security professionals face can be overcome
with a single capability: automation. Manual processes are
costly, time-consuming and error-prone, which is hardly a recipe
for physical security success. PIAM simplifies management of the
entire security infrastructure by automating manual processes related
to background checks, physical access privilege assignment/
termination, visitor access control, and management of audit and
The process of provisioning and de-provisioning identities is
a particular challenge that PIAM can help overcome. By integrating
with logical security and other systems, PIAM ensures
synchronized and policy-based on- and off-boarding of identities
and their physical access privileges across multiple disparate
security and non-security systems. The combination of a robust
integration platform and policy and automation workflow automation
allows PIAM solutions to manage critical rules across
the infrastructure to enforce internal controls, reduce operational
costs and corporate risks, and to automate compliance processes.
Some solutions also include predefined policies that enable complete
automation of the on-boarding and off-boarding of identities
from an organization’s authoritative data source and its
physical access into the PACS.
In addition to separate physical and logical security teams, the
responsibility for authenticating identities and performing background
checks also often includes an organization’s HR department.
Without an automated, integrated approach, each of these
three teams might duplicate or make assumptions about each
other’s efforts, creating highly inefficient operations that also increase
the likelihood of errors and additional risks and liabilities.
With PIAM software, all of this integration is invisible as the solution
works with existing hardware and infrastructure to create
a single database.
Single, Organization-Wide Identity
PIAM solutions are capable of linking multiple PACS systems
across multiple locations in real time with corporate IT systems,
allowing PIAM to reconcile identity information and instantly
establish a single version of each identity. This ensures that ghost
accounts (those that consist of either blank cards with no assigned
history or where cardholder validity has been terminated
in the IT or HR system) are locked out immediately and that
compliance requirements are quickly met. PIAM solutions also
provide actionable intelligence for risk mitigation and threat prevention
using robust reporting and analytics.
Return on Investment
Deploying a PIAM solution for managing physical security allows
organizations to realize a better return on investment (ROI)
by maintaining focus on their core competencies. Simultaneously,
they can leverage their PIAM provider’s expertise and core competencies
in the physical security space. Many solutions are designed
to identify issues in current processes and close any loopholes
or potential vulnerabilities in the way systems operate.
Many PIAM solutions not only allow organizations to manage
the lifecycle of identities and their authorization for physical
access, but also serve as a highly scalable platform that automates
key processes and simplifies control of all identities across an enterprise
– ensuring that each identity is assigned the right access
to the right areas for the right length of time. By adopting a unified
approach to physical security management, PIAM allows IT
professionals to seamlessly manage identities, their physical access
and their correlation with physical security events in a multistakeholder
environment while delivering the added benefit of
providing real-time compliance.
As more and more IT professionals find themselves responsible
for deploying and managing physical security systems, the
traditional challenges these practitioners identified in the recent
Spiceworks study are certain to multiply. However, this does not
have to be the case, as advanced PIAM solutions offer the features
and functionality to overcome many of these obstacles.
Automation, integration, ease of use and centralized identity
management are just a few of the many PIAM capabilities that
provide IT practitioners with the tools and processes to ensure
the most effective and efficient protection of organizations’ digital
and physical assets.
This article originally appeared in the May 2017 issue of Security Today.