printer friendly version

Convergence in the real world

Hi-Tech Security Solutions recently published a news article noting that South Africa’s SecureData is now a partner of HID Global. Known as an IT security company, we thought this move warranted more investigation and we spoke to SecureData’s CTO, Wayne Olsen, about this move and what it means looking forward.

SecureData was once one of the primary IT security service and product providers in South Africa, representing a number of products and involved in a number of integration projects. A few years ago the company went through a few problems and lost some of its lustre. However, a new management team is now on board and is in the process of growing the business once more.

“Our goal has changed,” Olsen explains. “We no longer tell customers what they need, but are focused on listening to them and finding out what their actual requirements are. It’s a different approach, but it is the right one and our success to date proves we are on the right track.”

Part of what customers are saying today is their desire to improve and expand security convergence to exercise greater control and simplify complexity. The simplest and most common form of this is linking physical access to logical access: If you are not logged into the building, for example, you can’t log into your account. Similarly, if you are logging in remotely, from a mobile or home computer, certain restrictions can be put in place to ensure the company’s infrastructure and data is safe.

As to the HID partnership, Olsen says that as the company has noticed a convergence between the two security fields (physical and logical) happening for some time. Instead of having a separate network to control access to premises, IT departments are putting it all on one network to save costs and simplify the management thereof. Although this trend is not new, Olsen sees the concept growing with more companies wanting to exercise greater control and improve their security in an age of endless means and methods of getting through traditional barriers.

HID Global has the proven technology that will allow better managed and trustworthy authentication and access to corporate infrastructures, and this includes the latest access problems derived from mobile devices and the bring-your-own-device (BYOD) trend. It also allows for secure access remotely, assisting in companies keeping their systems and data secure.

Cloudy forecast

No article or information security interview can be complete these days without talking about cloud computing. Olsen says converged credentials also make accessing data in the cloud secure, but warns there is more to securing the cloud than merely implementing secure access and authentication processes.

The new PoPI legislation, for example, casts some concerns over the legality of hosting sensitive data offshore and this is something cloud users will need to address. However, Olsen says that from a security perspective companies need to be careful where they store data. With the Patriot Act in the USA, if you store data there, it can be examined for any reason, without permission from the owner or a court order. This should raise the alarm in terms of securing sensitive information.

He adds that some companies abroad will not do business with those who store their data in the USA because of the confidentiality risks involved.

Broader than access

On a larger scale, Olsen says that as part of SecureData’s approach to listening more carefully to customers and the company’s desire to become their de facto security advisor, they base their initial discussions on the SANS Top 20 Critical Security Controls (www.sans.org/critical-security-controls). This is a good way to initiate discussions about security and serves to highlight where customers may be falling short. As it is from an independent source, it’s not about selling products or solutions, but adding value and helping customers understand their own requirements better.

So, while the physical security companies are chugging along, we have one more example of an information security company taking the convergence bull by the horns and expanding its business into the physical security space. These companies are following the natural evolution of their businesses, while many physical security companies are still struggling to understand IP.

Share this article:

Further reading: