By Andrew Elvish, VP Marketing, Genetec, Inc.
For years, the worlds of physical security and information technology (IT) remained separate and often at cross-purposes. Even though computer infrastructure and data needs were becoming more important in the security industry, and video surveillance network traffic and access control data were becoming more interesting to IT professionals, the departments often worked in silos.
Today, these practices can no longer be divided. Physical security depends on network security, and vice versa. The result is the convergence of IT and physical security and it’s positively impacting the industry.
Where it all began
The transition from analog systems to IP-based systems began almost 30 years ago, with the introduction of IP video cameras and digital video recording. Although the earliest cameras couldn’t match the call-up speed and resolution of established CCTV technology, it didn’t take long for new devices to catch up. By the early 2000s, IP cameras were outperforming the old analog tech, and over the decade the cost of IP cameras dropped.
Around the same time, significant advancements in IP networking occurred. Network access became more widespread, with improvements in connection speed and reliability.
In response, the security industry started transitioning cameras from dedicated coaxial cabling and closed-circuit systems to Ethernet and IP networks.
Internet and network technologies became more capable and robust. It was possible to move video data over IP networks to the cloud, instead of storing files on physical servers. IT began to play an important role in purchasing and maintaining security systems as computer infrastructure, data storage, and cybersecurity became more significant for physical security.
Physical security professionals were experts in securing physical spaces, but many didn’t have a solid grounding in IP networking and infrastructure, or related fields such as cybersecurity. They started collaborating more with their IT counterparts to ensure that their systems were running smoothly and securely.
Today, physical security professionals have become much more IT-savvy. They have to be. Physical and network security are two sides of the same coin.
Challenges and opportunities of convergence
While significant progress has been made in getting IT specialists and physical security professionals to work more closely and effectively together, there are some common disconnects that hinder collaboration. Their priorities may be different. They have distinct ways of thinking and solving problems. Their skill sets are different, and they may not have the knowledge and expertise to understand each other’s areas of specialization.
The most successful physical security professionals today work hand-in-glove with IT. They take the time to gain a strong understanding of networking, storage, cloud computing, and cybersecurity best practices because they understand these IT concerns affect their ability to protect physical assets, people, and property.
Those who fail to consider the IT impact on physical security technology decisions may unintentionally introduce cybersecurity risks. Or they select a tech stack that’s difficult to maintain and keep up to date, resulting in more system issues, downtime, and less secure spaces. By aligning on goals and infrastructure requirements, physical security and IT teams can select solutions that meet current goals and are scalable as the organization grows.
The impact on technology
Sometimes technology choices create barriers between these specialties, which get in the way of collaboration. When systems are difficult to secure and update, IT teams have to dedicate more resources to their maintenance. For security teams, software that’s complicated to use creates friction in their day-to-day work and makes them less effective as security professionals.
An organization’s choice of technology can also encourage stronger partnerships between IT and physical security. Software that’s easy to set up, secure, and use, leads to fewer demands on IT resources and improved productivity for security teams. Physical security software that has a clear and unambiguous set of cybersecurity certifications from reputable third parties like ISO, AICPA, CPNI, UL, and others helps reassure everyone that they’re working with trustworthy and resilient technology.
IT specialists tend to favor unified platforms. There are fewer integrations to break. Keeping one piece of software up to date is easier than updating (and troubleshooting) several different systems that talk to one another through custom plug-ins and APIs. Managing access control, video surveillance, automatic license plate recognition (ALPR), and other physical security systems within one unified platform streamlines operations and makes it easier for IT teams to maintain cybersecurity strategies.
In many companies, IT is also highly aware of the benefits of cloud solutions. They’ve already moved email, CRM and ERP systems, and other important business systems out of their offices and into the cloud. As the racks of servers that IT professionals have to look after become fewer and fewer, it makes sense for them to consider whether there’s a way to migrate some or all of the video archives, access control records, and other physical security data to managed services in the cloud.
Cloud or hybrid-cloud deployments enhance convergence between physical security and IT by centralizing management and data integration, streamlining operations, and enabling coordinated security policies. They also alleviate some burden on IT and physical security staff by eliminating the need to procure, manage, and maintain servers – none of which are trivial tasks. Essential updates, including firmware and software patches, are automatically pushed to the system, ensuring consistent security.
Joint defense against cyber risks
Physical security and IT professionals have become aware that understanding what technologies are being used in physical security systems is essential to mitigating cyber threats. Now that so many devices are connected to the internet, IT needs to have a clear picture of what hardware is added to corporate networks so they can watch for potential cybersecurity threats.
In the 2010s, some teams overlooked the significant risks of selecting hardware without vetting the credibility of the manufacturer. Companies unknowingly purchased inexpensive video cameras produced by factories with ties to the Chinese government. Later, it became clear that these cameras were major vectors for cyber risks and were even the basis for the well-known Mirai Botnet, which instigated a massive DDoS attack on several well-known websites. Not surprisingly, many governments, including in the United States, have banned such cameras.
Sharing data between IT and physical security can provide an early indicator of potential breaches. With a unified security solution that cross-references both logical and physical security, you may notice unusual activity more quickly. If a person badges in to the office in London, but an hour later, they appear to log in to the network using a computer in Montreal, it could be an indication of either a cyber or physical breach.
Convergence is a critical step in the right direction
Today, online and offline security are tightly connected and only growing more intertwined. Both IT and physical security professionals can benefit by getting to know their colleagues’ perspectives and working collaboratively to maintain the highest possible standards of security, online and offline.
The convergence of IT and physical security is essential for addressing complex security challenges. By using a unified security platform and taking advantage of new technology, organizations foster stronger collaboration between these teams. IT and physical security teams can develop a comprehensive approach to securing the enterprise, ensuring both physical and cyber threats are effectively mitigated.
ABOUT THE AUTHOR:
Andrew Elvish, Andrew Elvish, VP Marketing, Genetec, Inc., is a senior technology marketing executive with a proven track-record in global high-end entertainment, media, and B2B technology markets. Strongly process and data driven, with core skills in building high-performance teams across Marketing, Communication, Product Marketing and Customer Experience domains.
Source: genetec.com