June 28, 2021
3 Ways to Better Integrate Physical Security with IT Systems
As digital transformation takes hold, organizations should take steps to protect these systems.
Physical security systems are undergoing a disruptive digital transformation. Long managed by physical facilities teams, these systems are now moving out of broom closets and into data centers and the cloud — where they’re managed by IT professionals. This transformation is quite similar to the shift in telephony that took place more than a decade ago, when we moved from analog and PBX systems to network-enabled Voice over Internet Protocol technology. It also presents some of the same challenges and opportunities.
Bringing these systems onto enterprise networks means that they must be carefully secured to protect both the physical security systems and their network neighbors. It also offers organizations the opportunity to use physical security data in new ways, improving their ability to protect people, property and premises.
Let’s take a look at three ways organizations can better integrate their physical and digital security systems.
1. Integrate Video Surveillance and Access Control Systems
Connecting physical access control systems to networks creates an excellent opportunity for integration with video surveillance and other technologies. For example, an organization that integrates these systems can have its physical access control system automatically tag live video feeds with physical access attempts. Investigators looking into a security incident may then quickly review all of the access attempts for a single individual and visually confirm his or her presence. Similarly, security specialists watching a video feed can see what credentials were used to access the building during an entry attempt.
Forensic investigations are only the tip of the iceberg when it comes to the power of integrating these technologies. Organizations may use automated license plate recognition to control vehicle access to facilities or video content analytics to trace a person’s path through the facility, among other enhancements to their physical security programs.
2. Build Strong Cybersecurity Around Physical Security Systems
In years past, legacy physical security systems were a closed network and were most often installed by integrators or facilities staff who lacked a cybersecurity mindset. This often led to weak security configurations, such as the use of default passwords and the lack of appropriate encryption technology.
As we bring these systems onto enterprise networks, we must secure them to protect against the modern threat landscape. Attackers might directly exploit these systems to bypass physical security controls or use compromised systems as a jumping-off point for a broader network attack.
3. Combine Credentials for Physical and Logical Assets
Multifactor authentication is everywhere in the modern enterprise. We use multiple, strong forms of authentication to access both physical facilities and logical systems. But while this technology is everywhere, it isn’t unified. In many cases, employees use one badge to access their building and a separate set of credentials to access digital systems.
Integrating these authentication systems offers added convenience for users and improves security for organizations. Using a single set of credentials for physical and logical access control allows employees to carry fewer credentials and enables administrators to quickly and efficiently disable user accounts upon an employee’s separation.
As physical security and IT continue to converge, business and technology leaders must begin to think of physical security solutions as IT systems. This requires building strong cybersecurity controls to protect these technologies, but it also creates opportunities to leverage this new data set for business benefit.