In the past, no one seemed to think of interoperability. Corporate managers were fully focused on the top-line growth of their companies, not foreseeing that their methodology of securing physical location and their employee base could one day become management challenges. Unknowingly, these managers were also creating a tremendous problem of disparate proprietary systems across enterprises with multiple business processes solving the same business issue at various locations.
In the last three decades, the computer revolution has further modernized the physical security aspects of enterprises. Technologies such as computerized physical access control, video surveillance sensors to detect fire, carbon monoxide, etc., have been adopted globally by burgeoning enterprises. Still, each is a standalone system, with no interoperability or centralized control. With the need for greater security, risk management and compliance to assure continued business operations, the need blossomed to develop policies that would be adopted globally across all security systems.
A New Challenge for Business
The multiple issues stemming from the deployment of so many siloed systems has fostered a new set of challenges for businesses. With no communication between locations or systems, associated business processes were also different and disparate. A terminated employee in one access control location could easily walk to another location managed by a different access control system and gain illegal entry. Likewise, a forced door entry or a surveillance breach alarm would be handled locally and would not automatically be reported to corporate security.
Explosive corporate growth and Internet Protocol (IP)-based networking have only exacerbated the issues. Yet there exists a strong need for holistic operations to assure compliance and security. Management, striving for best practices, has attempted to implement manual processes to facilitate this unity, but they depend on individuals taking actions in response to global physical security incidents – so the practice is spotty at best, and the cost, along with the exposure to risk and liability, remains immense. The problem has become so grave that companies are spending a significant amount of their annual operating budget on physical security.
Four Pain Points Emerge
Corporate physical security needs can be categorized into four areas:
• The need to integrate disparate physical security systems , using a single protocol that crosses platforms. This is the ultimate definition of convergence. Businesses need to bring every physical security system – fire, HVAC, lighting, video, access control, alarm and IT – together so the data is commonly understood by all systems seamlessly. The user should be able to monitor systems and set real-time policies without worrying about underlying systems technology.
• The need to standardize rules and policies within and across the physical security environment. Most corporations have very location-specific physical security applications and tools. A cardholder who works in a building in Topeka cannot use his or her card to enter another corporate location in Madrid , because they have two separate access control systems. Policies need to be centrally determined, deployed and managed in real-time, from a single, Web-based dashboard.
• The need to automate processes across the enterprise. Since the physical security environment is both location-specific and characterized by myriad non-interoperating technologies and vendors, business processes also become localized, not connected and manual in nature. As a result, the system is plagued by human error, higher cost of operation and maintenance with no way for corporate management to review and oversee what is actually happening from one dashboard. Processes like new hires, terminations, changes in roles, security events, compliance management, etc., have sub-processes in both IT and physical security domains. These should be seamlessly connected and converged, with periodic reports summarizing events and offering the opportunity to make any needed policy changes.