Bernard Senekal talks about sensor management and data security.
To date we have touched on the state of integration and how PSIM (physical security information management) solutions can enhance value of sub systems (CCTV/ACS/fire/intruder etc). PSIM ensures multiple disparate security systems across an enterprise can be integrated to a PSIM front-end in order to provide responses to events by mobilising human operators or ensuring other security sub-systems act according to the standard operating procedures defined. We have pointed out how these systems should work and which key elements users should identify when considering PSIM as an investment for their enterprise.
PSIM however expands beyond just integration with physical electronic security equipment. The rule essentially is that if you can give PSIM data on an IP network, this data can be used to do just about anything with. PSIM solutions are database driven applications. Moreover, by their very nature, databases can manage data back and forth and allow for exposure of functionality through a PSIM front-end that is typically not found in a vendor-based system.
So what else can be managed by a PSIM platform? Let us take a step back and look at banking and finance operation as an example of illustrating the point. In this case, the typical security estate consists of ATMs, cash handling operations, bank branches and corporate offices as well as VIP protection for executives. The security systems found inside these environments are anything from CCTV, ACS, fire, public address, smoke canons, vaults sensors, intruder, etc.
PSIM would typically be set up to allow for a view on the entire estate and the ability to mobilise physical presense and trigger other electronic security systems to manage incidents. PSIM would also be used to report current or historic scorecards of the health of the security of the organisation at certain points in time.
But let us add some other points of data to a PSIM system in a banking environment. To do this we need to understand other challenges that banking operations might have. How about ensuring we have control over HVAC? So should a fire break out in building A in the west wing, we are able to not only confirm visually (CCTV), notify evacuation (PA systems), ensure all the right doors are open and where relevant, locked down (ACS), but we are also able to ensure that the air-conditioning systems in the area of the fire are shut down in order to prevent the fire from spreading more rapidly.
What about if we start matching data network security to physical electronic security? A good example of this might be to set certain profiles of users that can authenticate on a corporate network to only be able to log in if the access control system shows that they have accessed the corporate building or bank branch.
Cybercrime activities are serious concerns for banking environments and much of the planning of this happens with colluding of organised crime circles and internal bank resources. So when one starts to profile data retrieved from physical electronic security systems and includes a view on electronic data one can start forming a picture and start asking the right questions.
For example, if I have a view on my SAP HR database and I can see that a contractor’s contract expires in two weeks from today, then why is this person accessing the building after hours (as per my ACS information) and why are they logging onto the network and accessing very specific resources or perhaps making use of ports on a computer such as a USB point?
One can take this much wider and start to create a profile for security inside an organisation, allow security to broadcast to the citizens inside a bank about riots or protests before these people attempt to enter a city centre to come to work as an example, so now suddenly we are linking news briefs and social networking and taking valuable information back to employees.
The possibilities are endless, open PSIM to the data and PSIM will open your mind to management in our sector that has been impossible before.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.