Identity, visitor management solutions come of age

April 4, 2014
Increased compliance and security concerns driving adoption of technology

With the revelations that have been brought to light recently regarding the National Security Agency’s domestic and international spying programs leaked last year by former federal contractor Edward Snowden, there has been an increased emphasis within both the private and public sector about insider threats and the potential for security breaches. If an agency with the reach and intelligence gathering ability of the NSA can be compromised, then no organization is immune to such a risk. While traditional access measures have typically focused on stopping threats at the door, there was simply not a solution available until recently that could account for these types of insider threats. With the advent of identity management, however, it’s now possible to track and audit someone’s physical and logical access patterns, which could be the data an organization or federal agency needs to prevent leaks of the size and scope of the NSA breach.

PIAM

One company on the leading edge of this emerging market category, known as physical identity and access management (PIAM), is Quantum Secure. At the ISC West conference this week in Las Vegas, the company announced that over five million identities are now managed by its PIAM software platform, a new version of which, SAFE 4.8, was also released in conjunction with this year’s show.  

According to Rochelle Thompson, the company’s director of corporate marketing, there is still some confusion within the industry between what exactly constitutes a true PIAM solution. However, she said that one of keys to clearing up this confusion is through continuing education of the marketplace. Those education efforts are obviously paying dividends, as Quantum Secure continues to see an uptick in the adoption of its software, especially within particular vertical markets such as aviation.

“Aviation has been a huge vertical (market) for us,” Thompson explained. “I think we’ve closed 11 (sales of our software to) airports in the last three months.”

Just in the last year alone, Quantum Secure’s software has been deployed by United Health Group, Verizon, AT&T, eBay, Maxim Semiconductor, Debswana Diamond Company Ltd, Allina Health, Portland Airport, Massachusetts Port Authority with all Boston-based airports, Port of Houston, Oakridge National Lab, and Idaho National Lab. The company’s existing customers include Adobe, Symantec, Oracle, the U.S. Department of Veterans Affairs, the U.S. Department of Energy and Visa International.

Vik Ghai, CTO and VP of products for the company, said that their message has been and will continue to be around the automation benefits of their software, which enables organizations to manage and control the physical identities of employees, contractors and visitors and their related physical access permissions within a risk-based paradigm. Ghai said that within vertical markets like the energy sector, regulations are really driving their security and operations, which also bodes well for the adoption of their software suite moving forward. Eventually, Ghai said he believes that identity management systems could be advanced enough to where the system would have the ability to shut off access to a facility or network if it detects suspicious activity.

Visitor Management

Another product category that seems to be emerging within the industry is that of visitor management. The days of simply writing a name on a sticker and walking around a facility are no longer acceptable in many environments. At ISC West, SIW was able to catch up with Jim Vesterman, CEO of Houston-based Raptor Technologies, which provides visitor management software to over 10,000 K-12 schools nationwide.

According to Vesterman, Raptor’s software provides schools with an electronic log of everyone coming into the building. When someone hands over their government-issued ID to be processed, the system can then simultaneously perform an instant sex offender background check, as well as a custom database check setup by the school – whether it be for banned visitors, known gang members or, more commonly, custody issues.”

“We help schools with their day-to-day security needs in the front office,” said Vesterman. “The first steps of school security are locking your exterior doors and funneling everyone through one main entrance. Once you have them in there, you to make sure you know who is coming in and out and screen out those you don’t want there.”

Over the past 10 years, Vesterman said that his company’s software platform has flagged over 11,000 registered sex offenders trying to enter schools, as well as over 120,000 custody alerts. It has been a challenge for schools to transition away from pencil-and-paper visitor management for some time but post-Sandy Hook, Vesterman said that schools really started to take a look at what the basic security measures were that they needed to have in place.

“They went back and said, ‘ok, let me do some of the basics and get those right; let me switch from pencil-and-paper to an electronic system and let me screen people coming in and out,” said Vesterman.

Currently, Raptor’s software platform is being used by schools in 45 states and range from some of the largest districts in the nation to single school districts. In fact, according to Vesterman, 60 percent of the schools in Texas use the Raptor system.

“It shows that this can be used by every type of school. Everything from Houston ISD, one of the top 10 districts in the country, down to rural school districts in West Texas,” added Vesterman.

Vesterman said that perhaps one of the biggest hindrances to schools adopting visitor management software is just “inertia” and getting people to change their habits and traditional ways of doing things.

“They know that they need it. They know that they need to deal with custodial issues, they know that they can’t let sex offenders into the schools and they know they want to have an electronic log so that when something happens in the back closet and they see on CCTV that someone stole something, then they just look at who has checked in today, they look at the faces, they tie them together and they can catch the guy,” said Vesterman.