The Age of Convergence

March 1, 2003

One of my favorite writers, Arthur C. Clarke, once said that any sufficiently advanced technology is indistinguishable from magic. Over the 16 years I've been in this industry, I'm continually astounded to see the rabbits our technology mavens pull from their hats.

We have gone from a world of assorted commodity products and highly proprietary gadgets to the space age of networks and integration (sort of). While systems integration has been the catch phrase permeating every offline conversation over the last decade, not until recently has true integration surfaced. It became clear during my seminar tour in February that end users, systems integrators and consultants all have varying opinions of where we are in relation to systems integration and what the drivers for that integration will be.

"Systems integration is an evolutionary process. We as users, manufacturers and consultants will ultimately define what it means. We are light years ahead of where we were two years ago. And as more and more open protocols evolve, the ability to exchange data across the corporate enterprise will increase," stated consultant Elliot Boxerbaum, CPP and president of Security/Risk Management Consultants Inc. "As that happens, security becomes just another piece of the puzzle, but at the same time its importance to the whole is increased."

So what is Mr. Boxerbaum saying? What we at ST&D have been saying for the past two years: The lines have blurred. Convergence is upon us. As we migrate from hardware- to software-based solutions, we are not only responsible for keeping the enterprise safe; we are also asked to help herd the data from one end of the ranch to the other. Because of market fragmentation, because of the lack of standards, because of a slow call to arms for open systems, we in the security industry have surrendered the keys to the control room. Those googley-eyed folks in the corner office with the trail of Skittles leading to their door now own us. We're talking IT. Keepers of the Holy Network.

But not so fast. "I'm finding that in many new environments, security is going to lay down its own network. The IT boys don't want to have anything to do with {physical} security operations. At least that's what we are seeing in the metro New York area," veteran consultant David Aggleton admitted at a recent seminar. "I would venture to say that among 95 percent of my clients security doesn't want to be bound to IT either. They don't want to be tied to their network if it goes down and they don't want to have their technology dictated to them."

Boxerbaum was quick to retort. "Our clients see that systems administrative tie-in as a very attractive thing. When the server is sitting in the corporate IT room, regular backups are automatically made and upgrades are scheduled with the rest of the enterprise. Security now sees their job being done better and getting the attention it deserves."

The final word came from Mike Butler, chief of the DOD's smart card program. Butler is working with card manufacturers and the federal government in the establishment of the new SEIWIG card specification, which has already been adopted by the military.

"It is a ridiculous scenario to think that technology people will refuse to talk with each other. You know, if that is the case, they all need to be fired!" Butler said. "This is not the 1960s anymore. We are dealing with the migration of information. It is identity and verification we are selling here. We are responsible for the migration of data from one place to another; nothing more, nothing less."

The truth is, convergence is not a buzzword. It is a creeping reality. If we as a security industry don't go willing, we will certainly be pulled in headfirst. And believe me, no one will care about the kicking and screaming.

If you have any questions or comments for Steve Lasky regarding this issue or any other, please e-mail him at [email protected].'