Successful enterprise security must be built on the convergence of information technology (IT) and building automation systems (BAS).
Logical security is that which governs access to the information networks, data storage and business applications. Physical security governs who has the right to access the enterprise campus and its facilities, and is a key application facilitated by the intelligent buildings’ backbone that is a key component of BAS.
While these systems are mutually dependent they are seldom integrated, although South Africa’s financial services industry is starting to take a keen interest in doing so. But predominately, physical and logical security systems in most enterprises operate in silos. The starting point for the integration is the Internet Protocol (IP) communications platform networking all electronic devices throughout the enterprise – from emergency door control and airconditioning through to CCTV and local area networks and data centres.
The multiple networks supporting these applications can easily share a single intelligent infrastructure if sufficient forethought is given to the economies of scale and potential efficiencies at the planning stages of a new building. In existing buildings, when the time for communication network technology refresh or addition of a new application is considered, this would be an ideal time to implement appropriate integration strategies.
The simplest example of why the integration of the systems is necessary is when an employee is dismissed and access to the enterprises premises and facilities must be denied. Through linking the human resources application to the building’s access control system, that person’s access card is electronically revoked, preventing entry to the building and use of facilities.
Currently this is done mainly by an e-mail or phone call to the building’s facilities manager requesting that person’s physical access rights being blocked and that security personnel be alerted to the changed status. A similar call needs to be made to the IT manager.
Having an integrated system enables management to immediately add or remove people from its database, or update their permissions and have that information immediately sent to all the enterprises’ applications. Using the enterprise wide area network (WAN) for centrally managed CCTV systems gives security personnel realtime monitoring of access points. This, together with security system software whose new algorithms can now identify suspicious behaviour, alerts security personnel to be proactive in preventing incidents.
Integrating access control with facilities management systems is another example of the advantages of integrating physical and logical security. Booking meeting rooms and the use of the equipment inside these rooms can be done from the organiser’s desktop and only those with appropriate access privileges will be able to gain entry to the room and use those facilities.
Having these systems integrated across the enterprises’ different campuses means that employees can more easily move between regional and branch offices if their access cards give them permission. Managing contractors’ or service providers’ access to pre-determined areas can also be managed by the division employing those people. Their access cards will ensure they can only enter prescribed areas and provides management with records of their movements and the times they entered and left these areas, and what facilities they used.
The goal of an enterprise security system is to protect employees and assets. Integrating the different components of the system helps lower the cost of security efficiency without adding aggravation to employees through too much physical and logical red tape.
© Technews Publishing (Pty) Ltd | All Rights Reserved