There is probably no higher priority information management initiative than security, whether for businesses, education institutions, or government agencies. Many point solutions exist in the marketplace, and it is typical for a single organization to have deployed several. But it is also typical for the departments that operate them to be siloed, especially in the two worlds of physical and electronic security.
This is an outdated and inefficient approach. To truly keep your most important information and assets safe, one unified system should lock all your doors — whether those are actual physical doors or metaphorical network ones. Organizations that have realized this have proven the effectiveness of unified physical and cyber security systems, and the argument to shift to a converged approach gets stronger each week that breaches make the headlines.
Making the change may not be easy, but it’s certainly easier than dealing with the aftermath of an exploited security vulnerability. To get the process going, you first need to gather your IT team and physical security team together in one room. From our experience providing data visualization software and dashboard tools, we’ve distilled 5 best practices.
1. Adopt a single device for access
Standardize on a single authenticated device that grants secure access to assigned physical and digital entry points. This means that each device authenticates the identity of exactly one person, giving that person a consolidated, trackable access point and giving security administrators a unified view of security activity. The mobile phone makes a good choice as this device. Unlike identification badges and other traditional identification systems, people won’t share them, and they can be locked down remotely and instantly in the event of a breach.
2. Enable instant access control
As alluded to in the first recommendation, if a breach is suspected, locking down assets and revoking access need to happen quickly, and it should be possible to do both remotely. One deactivation must immediately block access both physically and electronically.
3. Increase intra-organizational coordination
Siloing occurs as naturally in the world of security as it does in the data world. It is even more understandable here, since cyber and physical security systems almost always require different credentials and have different access restrictions. At the very least, the different departments need to coordinate regularly on policy creation. Better still, adopt a converged solution that allows you to implement a single set of rules, automatically creating a unified security ecosystem that allows you to manage all assets and provides a single view into all user activity, eliminating ownership confusion and information silos.
4. Make authentication user-friendly
As is the case with any technology, if it’s too cumbersome or complicated, people don’t use it as prescribed. This issue is partially solved if each user uses a single device for all types of access. However, it is even more important to provide employees and administrators with means to verify the identity of those with whom they are communicating and sharing information. This should be possible both in person and remotely.
5. Create unified reporting and analysis
This is where our data intelligence solution comes in. Whatever your security infrastructure looks like, even if it has to remain an assembly of point solutions, unify the reporting and analytics layer with a single BI platform like InetSoft’s that can mash up data from disparate sources even if they are not inherently compatible. A unified, real-time dashboard with event-based alert triggering for both physical and cyber security activity provides a comprehensive view of potential intrusions or other abnormal incidents across all environments. A unified data environment also provides a clean audit trail for incident response.
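To make practices 2 and 5 concrete, the following added example (not InetSoft code or part of the original article) normalizes a door-controller log and a VPN log into one timeline and flags any access granted after an identity's single deactivation. The log formats, user names, door names and timestamps are all constructed assumptions.

```python
from datetime import datetime, timezone

# Constructed sample data: two point solutions with incompatible log formats.
BADGE_CSV = """\
2024-03-05 08:58:10,HQ-LOBBY,jdoe,GRANTED
2024-03-05 09:20:41,HQ-SERVER-ROOM,asmith,GRANTED
2024-03-05 09:47:02,HQ-SERVER-ROOM,jdoe,GRANTED
2024-03-05 09:50:30,HQ-LOBBY,jdoe,DENIED
"""
VPN_EVENTS = [
    {"ts": 1709629200, "user": "JDOE", "event": "login_success", "src": "vpn-gw1"},
    {"ts": 1709630100, "user": "asmith", "event": "login_success", "src": "vpn-gw1"},
    {"ts": 1709631300, "user": "jdoe", "event": "login_success", "src": "vpn-gw1"},
    {"ts": 1709631600, "user": "jdoe", "event": "login_failure", "src": "vpn-gw1"},
]
# Identity -> time of the single deactivation (constructed).
REVOCATIONS = {"jdoe": datetime(2024, 3, 5, 9, 30, tzinfo=timezone.utc)}


def normalize_badge(csv_text):
    """Door controller rows (UTC wall-clock) -> common event schema."""
    for line in csv_text.strip().splitlines():
        stamp, door, user, result = line.split(",")
        ts = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)
        yield {"ts": ts, "user": user.lower(), "domain": "physical",
               "resource": door, "granted": result == "GRANTED"}


def normalize_vpn(records):
    """VPN gateway records (epoch seconds) -> common event schema."""
    for r in records:
        yield {"ts": datetime.fromtimestamp(r["ts"], tz=timezone.utc),
               "user": r["user"].lower(), "domain": "cyber",
               "resource": r["src"], "granted": r["event"] == "login_success"}


def unified_timeline():
    """Merge both sources into one time-ordered audit trail."""
    events = [*normalize_badge(BADGE_CSV), *normalize_vpn(VPN_EVENTS)]
    return sorted(events, key=lambda e: e["ts"])


def post_revocation_alerts(events, revocations):
    """Any access GRANTED at or after an identity's deactivation is an alert."""
    return [e for e in events
            if e["granted"] and e["user"] in revocations
            and e["ts"] >= revocations[e["user"]]]
```

Calling `post_revocation_alerts(unified_timeline(), REVOCATIONS)` on the sample data returns one cyber event and one physical event for the same identity, which neither silo's log would show side by side.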