The road to integrated systems

November 2008 Products & Solutions

Physical and network security merge to drive business processes.

The typical organisation produces several hundred thousand event logs stemming from various user activities, including accessing buildings or rooms, accessing computers and applications; communicating by e-mail and instant messaging; and printing, copying, editing, and deleting files. All of these can be highly relevant to protecting an organisation’s confidentiality, privacy, and security.

This trend has only increased with the digitalisation of physical security data. Digital video and smartcard applications have taken what historically have been stores of analogue data that were recalled and searched only following a precipitating event. These systems are now capable of creating useful, organisable data that can be integrated into a more holistic decision-making process.

To make matters worse, an increasing number of security solutions fall outside of the immediate scope of today’s security infrastructure. For example, identity management and information security clearly tie into corporate functions such as HR or strategic development, but they also need to be linked with IT security. Ultimately, combining event and systems information with security management results in better visibility, cost savings, and higher efficiency when protecting and managing enterprise-wide IT systems (Forrester Quick Take: The Convergence of Systems and Security Management, Thomas Raschke).

The increase in the complexity of vulnerabilities

With the introduction of regulations around data collection protection such as the Health Insurance Portability and Accountability Act (HIPAA); the Gramm, Leach, Bliley Act (GLBA); Sarbanes-Oxley and Homeland Security Presidential Directive (HSPD-12) configuration and regulatory compliance, organisations look for a framework in which to monitor and automatically enforce compliance with specific corporate-wide configurations as well as with government or industry regulations and standards. Both areas demand auditing, enforcement, updating, and documentation – and therefore stretch the capabilities and budgets of many organisations.

Add to this the sheer volume of expanding IT threats and vulnerabilities affecting more and more applications and other system infrastructure components. Companies are now looking for solutions that help them assess and manage their security position. They need tools that help them manage and prioritise the sheer volume of threat and vulnerability-related information generated by a variety of security systems.

Honeywell’s way forward

Technology and regulatory trends are driving organisations toward integrating their IT and physical security systems. The idea of 'convergence' represents an approach to using data generated by both physical security and IT systems to drive business process efficiency. This can be as simple as using digital video cameras on an existing LAN for video surveillance and as complex as using virus threat information to proactively control physical access to a building.

The convergence of physical, network, and data security are emerging in a new way to help you manage your business. This starts by properly structuring your data. Then you can get that structured data to talk with other systems. Once the various systems are communicating, they can start to build a knowledge base that is specific to your business. Workflows are identified, bottlenecks are identified faster…your business is learning to be more efficient.

Honeywell wants to take this vision to your business. The vision is the culmination of our years of experience in driving efficiencies throughout manufacturing and business organisations. We are working to break down the cost barriers of deploying these types of solutions through standardised platforms, common interfaces, and application of the latest technologies.

The framework can be seen not only as a technology evolution but as a migration path as your organisation grows and realises the need to drive more systems-level integration and productivity.

Common security policy management and control

Your IT infrastructure serves as the backbone for deploying your converged solution. By deploying IP-enabled security systems you are able to take advantage of the fixed investment and improve its ROI. While the analysis will vary based on application, the investment will have an even higher ROI when including the indirect benefits of creating a more actionable and integratable form of data-enabled by technologies such as IP-enabled video surveillance.

Developing common protocols for managing access to your company’s assets and data enables more efficient provisioning and management. Your organisation can start developing role-based policies that can manage badge issuance, enrolment, revocation processes, and XML interfaces for integration with identity management solutions.

Common user provisioning and single sign-on

The various systems running on your IT infrastructure were all implemented to improve the productivity of your workforce. These systems have become so ubiquitous that we often forget how many of them we use in any given day. Today, unfortunately, most of these systems run independently and require unique user provisioning. Driving a common interface will improve productivity and ensure that the right employees have access to the right information and workflows.

Single access credential

As a result of HSPD-12, the deployment of smartcard credentials and applications is experiencing widespread adoption. The technologies allow the integration of physical access, network access, and other data onto a single credential. These technologies enable strong authentication for access to assets and data.

Bringing it all together

Correlating physical security and IT security events

By creating usable data through IP-enabled technologies, physical security events and IT security events can now be correlated that would have remained independent from each other in the past. For instance, access to the network should only be granted to employees who have used their secure credential to access the building. Access to certain areas of your building can be granted based on IT security threat levels. This event addition recognises threats by correlating seemingly disparate events. The data can now be compared on an apples to apples basis to drive an enhanced security policy.

Unified auditing and response of physical and IT events

Once you are receiving common data, you can create a common policy for responding to physical and IT events. This can be useful for meeting compliance regulations, but can be even more effective in managing your business through common response protocols across the organisation.

Learning and proactive event management in a realtime environment

Most IT and physical security systems are reactive and take action based on events. Proactive event threat management allows your business to correlate realtime information with historical events. The system learns how to manage the current environment and can react in a realtime manner, increasing the value of your system and improving your ROI. The benefits to an organisation using such a system can be substantial. By integrating several systems together to share information, an organisation is able to see vulnerabilities in realtime; a PC left logged on while an employee is at lunch, established VPN connections while the employee is badged into the building, and the ability to link IT security events with physical security responses all drive realtime security policy management. How organisations choose to implement these new toolkits is left up to them and their individual security and compliance requirements.

Going forward

Over the coming months, Honeywell will introduce several technologies that will allow your organisation to take advantage of the convergence between IT and physical security. Given all of the benefits of a converged system – productivity from common protocols, increased security of physical assets and data, and improved ROI on IT and security infrastructure investments – Honeywell is positioned to be your partner of choice for converged solutions. For more information, visit www.honeywellintegrated.com.

For more information contact Honeywell, +27 (0)11 695 8055, richard.creighton@honeywell,com, www.honeywell.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Detect fires in the early stages
Securiton Products & Solutions Fire & Safety
The SecuriSmoke range from Securiton offers various levels of coverage and power to suit every budget and application. What all the models have in common is that they can detect smoke in very small quantities.

Read more...
SecuriHeat ADW linear heat detector
Securiton Products & Solutions Fire & Safety
The SecuriHeat ADW linear heat detector uses sealed tubes positioned over the detection area, and a remotely positioned control unit detects pressure changes in the tubes brought about by changing temperature.

Read more...
Fire safety in commercial kitchens
Technews Publishing Kestrel Distribution Products & Solutions Fire & Safety Commercial (Industry)
Fire safety in commercial kitchens is becoming increasingly critical. Defender is Europe’s first EN 17446:2021-approved kitchen hood fire suppression system and offers the indispensable safety measures required.

Read more...
Secure, modernise and optimise CCTV
Surveillance Products & Solutions
Industrial and commercial organisations are navigating complex digital transformation processes. With SecuVue, companies can bridge the gap between operational technology and information technology for safer, smarter operations.

Read more...
Protecting solar panel installations
Technoswitch Fire Detection & Suppression Products & Solutions Fire & Safety
Vulcan Integrated Solutions partnered with Technoswitch and installed Protectowire’s Confirmed Temperature Initiation (CTI) Series Linear Heat Detection (LHD) system, specifically designed for harsh environments, to offer fire protection for solar panels.

Read more...
Water mist for optimal fire suppression
Fire & Instrument Services Fire & Safety Products & Solutions
Building owners, facility managers and other professionals are seeking fire suppression solutions that can meet the demands of modern buildings and facilities, including reduced water usage and environmental impact, while providing the necessary protection for assets and business operations.

Read more...
Smoke 'em out
Fire & Safety Products & Solutions
The moment an intrusion is detected, Smoke Screen’s high-powered fog cannons activate, flooding the area with a dense, harmless fog that reduces visibility to near zero within seconds.

Read more...
ESPRIT intelligent fire panel range
Products & Solutions Fire & Safety
The Technoswitch ESPRIT intelligent control panel range is ideal for small- and medium-sized sites that require a powerful, cost-effective, and networkable fire alarm system.

Read more...
Protecting battery energy storage systems
Technoswitch Fire Detection & Suppression Products & Solutions Fire & Safety
The calibration-free Combustible Gas & VOC Sensor by Technoswitch can be configured to detect various flammable gases, including electrolyte vapours (VOC), hydrogen, and is an indispensable tool for ensuring the safety of Li-ion battery storage systems.

Read more...
IoT innovation in water mist fire protection
Fire & Safety Products & Solutions IoT & Automation
Marioff, a provider of water mist fire protection, has introduced an Internet of Things (IoT) solution designed for high-pressure water mist systems, enabling real-time monitoring, smart alerts, and centralised control.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.