printer friendly version

A South African perspective

One of the most basic - and yet exceptionally important - questions around IT and security convergence is why physical security and IT security should even be integrated?

In most companies physical security and IT security are treated as two very separate and independent technologies which are implemented and managed by two separate departments with very little or no interaction between them.

The reason for the division is simple. On the one hand, IT security is responsible for the protection of company data, the prevention of unauthorised access to information and the security of the network. On the other, physical (or electronic) security is responsible for the protection of company property and personnel, the prevention of unauthorised access to the premises and the prevention of losses of valuables.

However, there are two arguments for greater cooperation, if not complete integration, of the two disciplines which could potentially save thousands of rands in cable, network hardware and personnel costs as a result of duplication:

* Some IT security functions - for example limiting access to a system's security information (recorded footage and incident logs) - are duplicated by the physical/electronic security departments.

* With the advancement of technology, most intelligent security systems today are implemented on a separate but similar Ethernet network to the one installed to cater for the business processes. This Ethernet infrastructure responsible for the physical/electronic security communication, requires the same level of IT security and management as the IT system the business employs. The duplication of Ethernet infrastructure and system management is due to the lack of understanding and communication between IT security and physical/electronic security departments within an organisation.

The biggest challenge when it comes to integrating IT security with physical/electronic security is to establish a management team and structure that represents both departments' needs and future plans. This is possible when both the IT security and physical security departments have clearly defined roles and responsibilities within the management structure.

Unfortunately, most existing IT systems and their security were designed to only cater for the necessary business processes and can not cope with the demands of physical/electronic security. But, with enough cooperation between IT and security departments, IT security can upgrade and enhance their systems while the physical security department can install the latest technology with all its analytics that can even be used as a business management tool.

Being able to manage, secure and protect all business processes, assets and personnel on a single network certainly has many advantages over separate and individually managed systems.

Share this article:

Further reading: