Implementing a Data-centric Approach

Reducing costs is as equally important goal in operating an enterprise

A company is much more complex than an IT department or a number of buildings. It is always evolving and adding more servers, buildings and systems, and therefore, obtaining more risk, costs and threats. As COOs look at the multitude of objectives across an organization, they need to evaluate how to increase profits, manage risk, or provide a cost-effective route for improving processes, managing incidents, or securely operating an enterprise.

To manage risk, organizations must manage people and the systems they utilize. Using a dashboard to manage system intelligence will identify behaviors, reduce costs and mitigate risk. How does an organization accomplish this? How can security managers and CLevel executives understand how applying a data-centric approach can eliminate data silos, combat convergence of IT/OT and reduce the multitude of risks an organization faces?

First, an organization must determine the types of data to collect to help protect business and mitigate risk. To best protect assets, people and infrastructure, it’s best to collect access control, video, visitor management, case management, burglar/fire, BMS and IT data. Companies normally collect much of this type of data, but don’t use it to make good business decisions. Analyzing the data to centrally manage business will help organizations become more efficient.

Once the data is collected, organizations must:

  • Eliminate silos and analyze data simultaneously
  • Centrally manage the data
  • Improve efficiencies based on new information learned

Organizations must use this information to not only operationalize their business to improve processes and meet compliance, but to best protect their people, property, and assets. Streamlining all data into one dashboard using a data-centric approach will narrow the gap between physical and cyber security and help predict behavior and patterns.

Key Issues with Collecting Data

Interconnectivity. Most of the systems and sensors do not talk to one another and have different device standards.

Information Overload. A typical dashboard can only show so much information and the human brain can only assimilate and sort through so many inputs at one time.

Large and unstructured data streams pose challenges; Hard to understand and recognize patterns in the data. Some of which can be overwhelming in volume and unstructured.

Turning data into intelligence requires a combination of elements. Within a security framework, using a deliberate posture and roadmap to understand the interacting systems and use cases is key to driving better outcomes. Ultimately, the key systems need to lie within the overall security apparatus.

Case Study, Digital Realty

Digital Realty supports the data center, colocation and interconnection strategies of more than 2,300 firms across its secure, network-rich portfolio of data centers located throughout North America, Europe, Asia and Australia. Digital Realty’s clients include companies all over the world, of all sizes, ranging from financial services, cloud and information technology services, to manufacturing, energy, gaming, life sciences and consumer products. By implementing a data centric approach, they were able to streamline operations, while offering a more consistent, qualitative and cost effective solution to their customers across their portfolio of data centers.

Here are some key results:

  • Implementing a self-service visitor process decreased the risk associated with manual access assignment, reducing man hours by 60 percent.
  • Reviewing the combined visitor and alarm activity periods, provided an opportunity for an 18 percent annual reduction on guard service requirements.
  • System growth translated to 24 percent increase in support services. Digital Realty used data to validate the anticipated increase in workload.
  • Excessive alarms resulted in response complacency. The data collected justified changing Design Engineering Guidelines and operating procedures. Now responses to actual events are consistent, providing a more secure environment and streamlined operation.

Adopting a data-centric approach helps organizations reduce costs, mitigate risk and meet compliance. Customers can reduce costs by operationalizing existing security infrastructure on a global scale, reduce manual processes that are labor intensive, repetitive and error prone, and future proof investment by enabling new technology.

Organizations can mitigate risk by standardizing their security processes, and ensuring the right people, places and authorizations are in place.

Implementing a data-centric approach will help companies meet government, organizational and industry regulations. They can monitor infractions and enforce security policies and rules, while creating automated reports and audit security procedures.

This article originally appeared in the August 2017 issue of Security Today.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.