How far are we down the road to true convergence of physical and logical security? Are businesses aware of the benefits around convergence? Is the technology affordable for smaller businesses? These are some of the questions Hi-Tech Security Solutions posed to Kevin Monk and Brendon Hall.
A company’s physical and logical information networks and user interfaces have been completely separate for years. Building access/physical security systems are typically put in place by either the owner of the building or, in the case of larger businesses, by the business’s security department while network and data security/logical security systems are the domain of the IT department. Each one was developed separately within the organisation.
There has been a lot of hype around the convergence of the physical and logical security environments and the market has seen varying degrees of success in application. From the outset it is important to acknowledge that if one wants to combine these different, yet symbiotic offerings it will be necessary to implement both cultural and technological changes in an organisation.
Kevin Monk, technical director at the Bidvest Magnum Group which provides integrated security solutions, said: “I believe that companies are becoming more aware of the convergence of the functions of the IT department and the facilities (risk assessment and/or security) department. Currently though, they seem to be addressed primarily from an access control system standpoint. Typically, a biometric reader controls access of people and information from various locations is assimilated via a centralised database instead of a number of disparate databases at different branches or locations.”
Brendon Hall, MD of Pentagon Distributors (a division of Elvey Security Technologies) agreed that there is a growing awareness and acceptance of convergence. “Companies are now becoming more demanding as the benefits of what convergence can achieve are made more apparent. Not only are they requesting convergence, but they are very clear that it has to take place at the highest technological level that their CAPEX allows.”
Hall is excited about the rapid advance of technology and the increasing need to bring the two faculties together in order to provide companies with a highly sophisticated building and security management system. “I believe there is a huge possibility that in some ways we are more advanced than some of the global players. This has a lot to do with the fact that our customers in South Africa do not just want a one-size-fits-all solution – they are demanding and driving customised systems. This can be attributed to the fact that they have been exposed to the various technology offerings on the market and want systems geared around maximum operability and benefit.”
Coming to the party
According to Monk, the majority of systems integrators claim to be implementing converged systems. “However, this certainly does not imply that they are all doing installations at the same level. We are seeing a huge variance in terms of sophistication and quality. Many of the players were exposed to the start of convergence with the introduction of traditional building management systems (BMS) and the more recent physical security information management (PSIM) both of which include the integration of HVAC, intercoms, alarms, access control, CCTV surveillance and PA systems.”
For the logical aspect it is important that there are firewalls in place to prevent hacking of the systems once convergence takes place. “Imagine how devastating it could be if someone hacked into your security system via the IT infrastructure. An advantage of convergence, however, if it is properly instituted and controlled, is that companies will now have an audit trail for all their actions, specifically from a legal perspective.”
He continued that it is mainly the larger companies, with similarly large budgets, who are able to implement fully converged systems. Most of the clients that have gone this route fall into the category of the big multinationals due to the fact that this level of technological sophistication comes at a premium. However, this does not mean that the smaller companies are not also joining the party. They merely budget for simpler systems that do not have all the bells and whistles. In these instances, these smaller companies often outsource their IT component and it would behove them to ask for suitable solutions.
Hall said that they are seeing a lot of convergence action from the tertiary institutions, banks and centralised retail distribution centres. “These clients know what they want, ask the appropriate questions and demand suitable solutions. In general they already have decentralised systems in place and wish to bring control back to a central point.”
He explained that Pentagon has entered into a collaborative agreement with Cengence International to provide clients with product-agnostic PSIM technology. “Cengence is an integration platform with centralised intelligence capacity that undertakes data and product integration, as well as data and pattern analysis. This assists with the proper execution of plans, strategies and tasks in accordance with standard operating procedures, thereby raising efficiencies and containing or eliminating risks.”
Monk agrees that what is needed are open protocol systems which can be integrated into a large number of vendor products. “This will in turn open up the prospect of convergence to many more businesses.”
Convergence for all companies is imminent since most security systems now run on TCP/IP. “It is rare to find a system that does not link straight onto a network and as the technology evolves and becomes more affordable, it will be considered the de facto standard.”
“The prediction model is the next logical step. This will ascertain exactly what should be done with information gathered, for example, ‘predict the behaviour of people using CCTV surveillance and allow or disallow access based on the information feedback’. The system would therefore look for exceptions in predetermined rule sets and act accordingly,” said Hall.
Cautionary notes
From a budgetary perspective, it makes sense to try to use and integrate with
pre-existing systems. However, this is naturally dependent on the ability of add-on solutions to successfully interface with older technology. Solutions need to recognise both the physical and logical sides of security convergence and ensure that they can both use the resulting converged solution.
The solutions that do not require extensive changes to resident IT and building access technology systems will be the easiest to adopt and therefore the most probable to be adopted.
Clear communication of intentions needs to be carefully orchestrated in order to ensure the full cooperation of both the IT and security/risk departments. “There will naturally be some level of concern from, specifically, the security managers that their jobs are at risk. This need not be the case as both departments have vital roles to play in the ongoing success of convergence,” said Monk.
The bottom line is that in order to provide the optimal level of incident detection, physical and logical security solutions have to converge. The extent and speed of execution, however, are dependent on the attitude of management towards this convergence; the buy-in and cooperation from both the IT and risk assessment/security departments; and the allocated budget.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version