At the ASIS International tradeshow being held this week in Orlando, Fla., access control firm PlaSec has rebranded itself as RedCloud. According to Kevin Wine, vice president of marketing, the firm hired a company specialized in corporate rebranding to help them make the transition. The company's access technology, designed to link access, identity management and even video surveillance, is delivered as an appliance (product names have also been rebranded as part of the change). Also at the show, the company announced the newest version of its RedCloud Security Management Software (v3.0); this is the software that runs the company's appliances, from the basic level appliance to the enterprise model.
SecurityInfoWatch.com caught up with Wine briefly before the show to talk about the rebranding work, what exactly is the company's "secret sauce" in access control and what's next. Here's what he said:
SIW: What's behind the name RedCloud?
RC: Literally, RedCloud is a coined word derived from the word "Red" (which is closely associated with security and "Cloud" (representing the promises associated with IT convergence and cloud (specifically private cloud) computing technology). So, as the newest word in security systems, "RedCloud" is a revolutionary access control solution, engineered from the ground up by IT and security veterans to deliver a new standard in performance, integration and efficiency that can only be achieved through convergence. RedCloud's web-based, physical and virtual appliance platform leverages an open architecture, integrates identity management and video surveillance and achieves the highest level of scalability with the lowest cost of ownership, making RedCloud the logical choice in access control.
SIW: Can you explain this "private cloud" concept?
RC: Many traditional security professionals struggle with supporting mission critical systems running in a public cloud because risks associated with system availability and information protection assurance are too high. Even VMware, the global leader in virtualization states this: "Many surveys on cloud computing cite security as the most significant concern hindering the adoption of cloud computing."
Regardless, of security concerns, we all understand that pressures from management to reduce costs remain. Private cloud infrastructures are perfectly balanced to deliver reduced costs and increased agility, all while ensuring security and enabling on site control over the cloud computing environment.
Instead of a third party implementing a virtual infrastructure and collocating various companies' applications and data on the same computing grid, like what is typically done in a SaaS model, with a private cloud, the virtualization infrastructure is proprietary to the customer. An example would be a major university setting up their data center as a private cloud (a grid of servers that load balance, backup, restore, and operate applications). The internal customers simply enjoy web-based access to their mission critical applications, and they do not have to deal with the servers and backups and storage and scalability, just as they would in a public cloud scenario, yet they enjoy improved security as their data and controls remains proprietary to the university itself.
SIW: How does facility access control use a private cloud?
RC: In our case, RedCloud Virtual is the industry's first VMware Ready private cloud solution for integrated access control. RedCloud Virtual is a pre-bundled network appliance software-only system that is designed to install and run on VMware's VSphere virtual infrastructure operating system. Once installed, IT runs the entire core computing system operation while the facility access control system users configure and monitor the system through a web browser of their liking. As private cloud and virtualization is a top strategic driver for many CIOs, by moving to this model, security managers can foster a tighter relationship with IT.
SIW: What advantages come with an appliance model to building access control? How is this different from how facility managers have handled access control historically?
RC: For RedCloud, a network appliance consists of a bundled or preconfigured server that provides out of the box program readiness in minutes, much like a Linksys router. This is true if the appliance is in a metal dedicated purpose server or as a software appliance. We do both. Simply put, an administrator or operator merely needs accessibility to a web browser of choice, and a secure login ID to utilize the building access control system.
Getting technical, by using Open Source technology such as Linux operating system and OpenLDAP database, we eliminate upfront and ongoing operating system and database license fees. Adoption of Open Source technology is a widely accepted practice for leading enterprise IT development, delivering high quality products, rich feature sets, flexibility, and better control. By the way, over 90 percent of world's top 500 supercomputers run Linux and it has a majority of market share (on an increasing basis) in the web server market.
Historically, and in most cases even today, facility managers, or their integrators, would be faced with installing and configuring Windows and a database like SQL Server from Microsoft. They would be prone to dealing with a myriad of security patches and viruses, which at times can be overwhelming. Also, in many cases they have to install proprietary client software on operator workstations. In addition to this unwarranted activity, they typically have to spend more money on added upgrade license fees and face time spent away from doing their core business of security system administration vs. IT system administration.
SIW: You're billing this as the "logical choice in access control," and there is an implied positioning that this product is designed both for IT and physical security. Can you explain that for SIW, as to why your product line fits IT needs?
RC: The logical nature of RedCloud Convergence Platform, our overall architecture, indeed provides unique value for IT and physical security.
On one hand is the logical nature of the design which entails appliance and private cloud computing attributes, anywhere-anytime, browser based accessibility, and our commitment to being open, especially on the field hardware side. On the other hand is the logical integration with Identity and Access Management (IAM) systems. In the same way that IT departments use IAM to provision trusted identification for employees and contractors with access to logical assets, RedCloud enables clients to extend such logical provisioning to physical doors. This integration is accomplished through RedCloud's IT Collaboration Software which supports native LDAP and all other common data exchange formats. Integrators and customers can attain this functionality through a user interface instead of requiring additional scripting and professional services from a PACS provider in order to accomplish this.
SIW: Besides undertaking this major rebranding at ASIS, how is the company investing?
RC: In two words: people and product. We continue to add new team members in engineering and sales support operations. Our development team has been very busy adding new capabilities being unveiled here at the show. Some of our new software features include: data-partitioning which allows customers to partition identities, system parameters, and access control field hardware for tenant-landlord or large applications; and enhanced graphical map monitoring that can indicate real time device status, annunciate alarms, and provide detailed zoom capabilities; and global input-output programming to enable any inputs to automate a set of outputs; and threat level automation which supports system parameters to change based on a set of event or input variables. In example, based on a fence alarm, a warehouse of chemicals changes to PIN + card mode for access from just card mode before the event. We are also investing in partner integration projects such as Codebench's development of a RedCloud PACS plug-in to their GSA FIPS201 complaint PIVCheck suite of products.