"Organizationally, the IT and security departments have been separate forever. They themselves are going through a convergence. There is an evolution of integrators blending and moving toward each other and learning each other's worlds and that just takes time. IT integrators are trying to better understand physical security and the applications that go into being a physical security integrator. The physical security integrator is trying to understand the network topologies that go into databases and networks. And there have been some companies that have been quick to adopt and understand the efficiencies and effectiveness of converging the security and IT departments but you also have others that have not adopted this and still maintain organizationally separate structures. The second point is training; IT integrators are still learning how to talk to customers about physical security benefits and features and at the same time, security integrators are still learning the language of IT. The best integrators of the future are going to have some sort of healthy balance between physical and logical security application knowledge and experience."
Casey Guagenti, integration sales director, ASG Security, Turnersville, N.J., agreed that there a number of stakeholders that come into play, a major challenge in providing an integrated physical and logical access control solution. "You have the security department wanting to run their group," Guagenti explained. "You have the IT department that wants to run their group. You have the chief financial officer that wants to save money. You have the chief executive officer who wants to drive the best value proposition for the whole organization. The key component is getting all the 'buy-in' so everyone understands that the purpose is to create more value for the organization. The key really is communication. It's getting to the key decision maker and causing that person to make a decision internally for their own company on how they want to participate."
But the challenges in integrating physical and logical access control don't end there. Budget comes into play as the logical access budgets and the physical access monies are owned by two separate divisions, according to Thomas Tang, sales manager, Solero Systems Inc., Torrance, Calif. "To deploy a converged solution you need to get the physical access manager and the IT control manager to work together to proportion monies for a combined smart card," Tang continued. "If the smart card is used physically to open a door into a building, and then that same card is used again to log onto your network, the question becomes who pays for the chip on the card and who pays for the body of the card? The card body and the chip are not manufactured by the same company. Is it security's budget or is it IT's budget?"
Tang further explained that there are no threats in synchronizing the physical security access control with the logical access control. "It's not compromising the security of one over the other. It's a budget issue."
Although end-users don't always understand the full requirements or capabilities of having a converged physical and logical access control system, the defining challenge continues to be both sides working together to implement an integrated solution for their customer and educating the end-user on what is available. Once they understand how it will add value and streamline processes and procedures, there will be more companies jumping on board and more specifications written-good news for systems integrators who have been listening all along.