In March 2019, Razberi Technologies conducted a webinar for integrators, end users, and consultants entitled, “Successful Convergence of IT and Physical Security”. There are many departments that depend on information technology (IT) to provide connectivity, host systems, and supporting infrastructure. Physical security systems and devices can bring many stresses to a network infrastructure.
Network infrastructure stresses
- High bandwidth systems, like cameras and viewing clients
- 100’s if not 1000’s of perimeter devices; cameras, access controllers, intercoms, and other sensors
- Hardening requirements
- Known vulnerabilities
- Devices installed external to the facilities
With these and other complexities, it can become the burden of the IT department to be responsible for service availability, cybersecurity hardening, and complying with security standards. Aligning departments can help reduce these stresses to the network.
How do you improve communication, increase productivity and manage expectations between physical security, information technology, and other key stakeholders?
There is no easy answer, but building and negotiating service level agreements, meeting IT and compliance standards are a great place to start. Aligning department service level agreements (SLAs) between departments of an organization can provide a wide range of benefits.
Benefits of aligning departments
- Improved communication between departments
- Increased productivity and performance levels
- Managed expectations
An SLA may require an IT department to monitor the performance, cyber activity, and audit trails of the systems. Selecting physical security systems that provide monitoring interfaces to IT management systems, can be an important function for all stakeholders.
As for IT Standards, meeting them can also present challenges. What is allowed to go on the network can play an important part of both the physical security system’s effectiveness and meeting the service level agreement of IT. There is always an opportunity to negotiate, as some functions of the systems may not always fit with the standards of your IT department.
IT standards negotiation example
As an example, parts of the physical security system do not provide SNMP monitoring, but does offer Syslog. It is quite possible that IT has a network or security monitoring system that utilizes Syslog, so this can be leveraged as part of the monitoring to meet the SLA requirements.
As businesses are faced with compliance and regulations, departments must adhere to and report on their status of the regulatory controls. Many digital systems fall into one or more compliance frameworks. Physical Security has become an equal player in this domain.
Building blocks of compliance
- Hardened controls
- Audit logs
As we are in a growing world of cyber threats that affect business continuity, brand, productivity, and ultimately revenue, every department must be vigil against these threats. As threats come at us in many forms, physical security is not immune, especially as more and more devices are part of our digital domain. Actively managing and monitoring cyber threats can be overwhelming for an IT department that is understaffed and has ever increasing workloads. Aligning departments can reduce workloads and adding systems that automate hardening tasks, provide real-time monitoring, and alert on cyber events becomes more important to physical security’s relationship with IT.