Ensuring a Secure Convergence

While many security and facility directors are now experiencing a convergence of technologies in their enterprises, most have questions about the timetable of this convergence, and some question its wisdom. As technology continues to move forward, security specialists on both the physical and IT sides of the fence are wondering, "Are we prepared to open our networks across the business enterprise?"The participants of a panel discussion I recently moderated at the SecureWorld Expo in Detroit put that question up for discussion and came up with some interesting answers.

"The evolution of technology plus continuing shrinking operating budgets in the corporate environment makes this convergence of cost and function a fiscally smart thing to do," said Jim Lippard, director of Internet security for Global Crossing Telecommunications Inc. "The truth is that companies are just beginning to realize their goals are the same as their assets."

Michael Miller, Global Crossing's vice president of global security, agreed that the economics of the business are driving change. "We always seem to get wrapped up in viewing technology as the catalyst for dynamic change. But anytime there is significant change in the way you go to business, there have to be benefits across the board. And in the case of security convergence, both physical security planning and IT protocols bring something to the table. You gain experience and maturity on the physical side of the house with a tradition of set policies and procedures. On the IT side, you have the luxury of cutting-edge technology, along with a balance and flexibility to make it work in almost any environment."

Anto Budiardjo, president of Clasma Inc., a marketing and conference company involved with the BuildComm event and other related seminars, said that it is not a matter of if major businesses will embrace this convergence philosophy, but when. Why is he so confident? Because, he said, "it is already happening, and more often than not, it is being hailed as a success. These are not comments made by vendors and technologists, but comments from building owners and operators who don't only see marginal benefits of using the IT infrastructure, but significant and often unforeseen improvements on how they design, build, manage and operate their facilities."

But as we open the network, are we letting dangers in? Roger Younglove, a technology consultant working with several Fortune 1000 clients, warns us to stay diligent. "The borders are changing, especially when you get into the wireless options open to you. Now with all the tool sets available on the internet, allowing access to your network data is a frightening proposition," he said. "We have to get all departments on the same page to address potential threats."

Bob Hagen, director of global architecture for Global Crossing, advises physical and IT security personnel to be wary. "I don't think all the risks (of an open network environment) will ever be completely mitigated. But I like to err on the side of caution. Do not over-extend your IP protocols any further than you have to. If that means going back and using analog cameras in public venues, then do it," he said.

"We always want to rush to play with that shiny new toy before we know all the ramifications. But a lot of logical security risk can be mitigated by good old physical security solutions. We also have to be pragmatic when it comes to convergence."

If you have any questions or comments for Steve Lasky regarding this issue or any other, please e-mail him at steve.lasky@cygnuspub.com.