Change progresses at a dizzying pace in the security world. New technologies are launched in a constant stream. Existing ones are continually upgraded. As well as bringing new capabilities to market, these advances also enable tighter integration between previously disparate systems. Such integration can deliver unprecedented benefits, but if approached without the necessary knowledge, can cause significant security vulnerabilities.
Traditionally, security systems have relied on a set of fixed, pre-programmed rules, covering, for example, users’ rights to access specific areas at predetermined times. Various technologies, such as electronic access control, intruder detection and video analytics have been used to enforce these rules. Such systems aimed primarily to control access to physical locations, areas and assets, and monitor events and users, across protected sites.
These systems have been largely independent of the organisation’s wider IT estate. In today’s increasingly connected world, though, considering how any proposed security system fits within the broader IT environment is key.
What Needs Protecting?
The essential first step is to clearly identify objectives, including, though it sounds almost too obvious, what needs protecting, and the levels of risk involved. This will be likely to include physical assets such as buildings, stock and individuals, as well as data assets such as payment information, digital media, intellectual property and customer information.
This is not a binary “either-or” matter. Both physical and digital assets must be secured. Threats may arrive via a network cable or Wi-Fi connection just as readily as through doors or windows, and both types of threat can be devastatingly damaging.
At Reliance High-Tech we recognise that the physical and the virtual are inextricably linked. In fact, not only has Reliance invested heavily in core IT, IP and technology skills for our electronic security solutions, we also have a sister company, Reliance ACSN, which specialises in IT Security Management and Cyber Security.
We believe a well-rounded security policy will closely examine patterns in threatening behaviour, as well as the specific types of behaviour themselves, across both the physical and the virtual realms.
Bringing these two worlds together can pay significant dividends. For example, an integrated security system can recognise a regular employee on their way to work, using its connected devices to analyse their location and journey progress.
Artificial intelligence (AI) and smart data analytics can then allow the security system to act according to the likely needs of the individual, perhaps engaging the air conditioning in relevant rooms or readying the system to expect entry events, such as alarm arming or disarming events, before they actually occur.
The system can as a result reduce the incidence of false alarms, by assessing whether incorrect entry or disarming events represent user errors or actual breach attempts from unauthorised sources. Responses to events can range from flagging a false alarm to triggering an operator query, or even full AI-based autonomous decision-making, the office effectively managing itself.
Similarly, by linking assets and credentials with users, integrated security systems can recognise unexpected activity. For example, if a user enters their office, at much the same time as their laptop has accessed the company VPN from a distant location, a potential network hacking event can be flagged up.
Attacked Via Your Defences
Electronic security equipment today increasingly sits on data networks, often externally connected and inadequately secured. The resulting risks are enormous, and ironic – the very systems intended to protect you can become the conduit for crippling cyber-attacks.
Such equipment must therefore be hardened against cyber-attack, and installed on a network, whether new or existing, on-premise or in the cloud, which is itself secure. When considering your integration partner, ask yourself “Are they sufficiently qualified to understand your needs and your business risks at all levels?”
As well as managing and mitigating such risks, forward-thinking security integrators are today helping deliver the commercial opportunities offered by the integration of physical and cyber security systems. Extending product and service portfolios with new offerings such as mobile credential management, network security, network asset mapping and tracking, and even AI, they are offering a full, one-stop-shop security and IT service.
Task assignment and the identification of system responsibilities can be simplified, blame culture addressed and even eradicated, and new value-add information revealed, and services created.
There is an accelerating trend among security equipment manufacturers towards open technology, facilitating connected assets essential for information sharing across the customer’s wider IT estate. Such interconnections can provide great value and insight for the user, but can also introduce integrity risks, should the system not be secure.
Larger enterprises will often have existing, well-established security and IT infrastructures. Here, security integrators, working closely with consultants and manufacturers, can provide the “glue” that binds cyber and physical security systems together
Smaller organisations, often lacking dedicated resources, may require more support in specific areas. Forward thinking Security Integrators and Consultants will complement their in-house resources by increasingly building strong partnerships with IT organisations which can ensure that information systems are suitably robust and secure.
With technology advancing apace, data collection and analytics will continue to expand rapidly. Connected sensors will deliver increasing amounts of raw data, with analytics and AI extracting valuable, actionable information without the need for ever-increasing human intervention. More intelligent systems will deliver enhanced security, reduced risk, simpler management and increasing business value.
Wherever your organisation is on this path, talk to Reliance High-Tech to explore your next steps. Call us on 0845 121 0802, visit www.rht.co.uk or email us at firstname.lastname@example.org.