Physical Security’s Role in Digital Transformation
The Process of Departmental Collaboration (Part-Ⅰ)
As threats become more sophisticated, organizations are being forced to take a long, hard look at how to best protect their facilities, people and data from physical intrusions and cyberattacks. Sometimes, these are even happening simultaneously. In the first of this three-part series, we focus on process and the need for departmental collaboration, highlighting security’s role in digital transformation.
A Two-Pronged Attack
The need for departmental collaboration to mitigate security issues is reflected in this all-too-likely scenario:
- At 2 a.m., the doors of a large organization are breached, and the security officer gets an alert.
- Three minutes later, the cyber team gets an alert that someone is trying to overload the network.
The Need to Digitize
Digital transformation, the use of technology to fundamentally improve performance or reach, has become an obligatory upgrade for companies across the globe. The strategy to digitize is shaping entire businesses and creating huge opportunities. A successful digital transformation is not just about implementing new technologies but transforming your organization to take advantage of the opportunities those new technologies provide. Digital transformation initiatives should be focused on reimagining customer experience, operational processes, and most importantly, the transformation of your business model.
Our insights reveal that digital transformation does not happen organizationally from the bottom up; it must be driven from the top down. Digital transformation is not just a technology change, but an organizational one, and therefore a change that must start with your leadership. This requires leaders to upend entire business models to envision how people, data, and processes can create value for their customers. This is a moment for leaders to rethink how their organizations work.
Security and Disruptive Technologies
Security within an organization is critical and almost always operates in a silo; physical security’s focus is on mission-critical, life safety events, while IT’s focus is on logical threats. Little coordination occurs when a threat impacts both worlds, as noted in the example above.
From a physical and cyber security perspective, industries are technically capable of quickly assessing and addressing threats independently, without the previous layers of reporting and approval protocols slowing down a response. Coordination and collaboration warrant a commitment to a digital transformation initiative.
We have identified four major innovation areas that can be leveraged by the adoption of transformative digital technology:
- Machine learning-based rules monitoring. Machine learning is used to analyze much more data than a human can. Increasingly, machine learning algorithms are used to reach operational conclusions, make decisions, and act on them, sometimes without human intervention, which streamlines the business process.
- Asset-focused proactive risk modeling. Threat modeling is how potential threats can be identified, enumerated, classified, and mitigated. It is a proactive approach used to understand how different threats and attacks could be realized. The purpose of threat modeling is to provide security teams with a systematic analysis of what countermeasures need to be implemented given the nature of the asset, the most likely attack vectors, and the assets most sought after by an attacker.
- Collaborative incident management. The process of dealing with an outage, service disruption, or other large incident from its inception to completion is known as incident management. While this definition may appear straightforward, the lifecycle management process is extremely complex, requiring cross-team collaboration, disparate technologies, and distributed systems to resolve issues quickly without jeopardizing the customer experience, brand reputation, or most importantly, the company’s bottom line.
- Highly secure, cloud-based architecture. In a cloud computing architecture, all applications are controlled, managed, and served by a cloud server. Its data is replicated and preserved remotely as part of the cloud configuration. A well-integrated cloud system can create nearly limitless efficiencies and possibilities.
These innovations will help deliver a key mission for life safety, employee security, and asset protection. Put differently, after you decide which digital path to take based on predefined and machine-learned rules, this will positively affect your physical and cyber operation teams by delivering a holistic picture of threats with deeper event collaboration.
In part 2, we will focus on the management of the Internet of Things (IoT) and security, and in part 3 we turn to administration and device mitigation. We’ll provide our takeaways when we wrap up the series.
The Management of the Internet of Things (IoT) (Part-Ⅱ)
In the second of this three-part series, we focus on the management of IoT, highlighting security’s role in digital transformation.
An IoT Primer
At the core of a robust IoT strategy is providing the ability to install and manage devices on a large scale, but device management is just one of five functions organizations typically are seeking to achieve. The others are lifecycle management, work orders and ticketing, reporting, and lowering security infrastructure.
Determining how to manage the myriad of devices in a security system is a critical decision because when you begin to network things like cameras, your vulnerability increases. You can use middleware to facilitate systemwide communication or make your devices IoT aware.
The device management process includes five important components:
- Device authentication—the act of securely establishing the identity of a device to ensure it can be trusted.
- Provisioning—the process when a device is first plugged in and connected to the local network; it “calls home,” and based on the credentials or other information such as model and serial number, it might receive further configuration data.
- Configuration and control support—the act of delivering attributes such as its name, location, and application-specific settings such as the amount of time between sending position messages and the ability to remotely reset a device to achieve a known-good state, recover from errors, and implement new configuration changes.
- Monitoring and diagnostics—the ability to minimize the impact of any device downtime due to software bugs or other unforeseen operational problems, which includes downloading program logs to troubleshoot and solve issues.
- Software maintenance and updates—essential to securely update and maintain remote devices, fix application bugs, add simple feature enhancements, or update the main running application software without touching the platform firmware.
Determining the lifecycle of security system components is critical to ensure there is no lag time when they need to be replaced. This includes keeping track of data such as where they were procured, when they were deployed, what kind of warranty they have, their repair history, and their replacement cost.
Lifecycle management also focuses on the importance of being aware of design and development challenges that can arise from IoT. For instance, more flexible development methods that enable an efficiently deployed environment on a global scale must consider ease of integration. In addition, security is a paramount concern in IoT development. A robust security strategy must be factored in across the application lifecycle at the design stage.
Testing and debugging, deployment, and decommissioning also need to be taken into consideration under the lifecycle management umbrella. Perhaps the most critical value proposition of an IoT system is the ability to unlock and extract data from devices, aggregate, analyze, and make business decisions based on insights realized.
Work Orders and Ticketing
IoT can be invaluable when dealing with changes to a device state, as having an integrated work order solution and knowledge base with FAQs can result in streamlining the work order generation process. This may facilitate the ability to move tickets between categories, assign tickets to specific staff members, link or split requests based on their subject, and do a mass reply to multiple requests. Integrating alarm response with work order ticketing is rare today, but we consider it to be a solid strategy with next-generation solutions.
Integrated reporting in the IoT enterprise is extremely important. When something happens, you need to know why. Plus, having reporting technology that is ubiquitous and accessible anywhere makes it easier to justify expenditures and will help make a case for future spending. The real-time data ingest process should feed right into the same reporting engine.
Lower Security Infrastructure
Embracing the power of IoT has the potential to eliminate expensive infrastructure while enhancing functionality. For instance, access control can be implemented by leveraging cognitive services like facial recognition, biometrics, or other next-generation modalities to eliminate the plastic credential and card reader, and maybe even the presence of guards. In addition, relying on the power of cloud platform services may eliminate a middle application and break the traditional model.
Better Compliance and IT Security Tools
One of the biggest challenges facing organizations today is that most security systems devices are not IoT-compliant. Many of the legacy IT-based protocols like SNMP are not robust enough to support a more contemporary IoT strategy.
Forward-thinking organizations should be asking themselves how they can achieve better compliance by leveraging current IT tools to help with the following concerns:
- Log retention, management, and analysis—all in one platform.
- Analyzing logs automatically to detect malicious behavior directed at in-scope devices.
- Active and passive asset discovery and monitoring.
- Network and host IDS.
- Flexible reporting and dashboard.
- Auditor-ready report templates.
- Role-based access control for customized views.
- Custom report queries and fast searches.
What are the first steps towards an IoT strategy for your organization’s security system ecosystem? Start with an assessment of where you are today and follow that up with a feasibility study. Remember, your ROI has two components—monetary and efficiency. If you’ve uncovered a device vulnerability that requires 10,000 widgets to be updated, imagine the difference between having to do each one individually or having the ability to do a bulk update.
In part 3, we will focus on administration and device mitigation, and provide our takeaways from the whole series.
Administration and Device Mitigation (Part-Ⅲ)
In the third of this three-part series, we focus on administration and device remediation, highlighting security’s role in digital transformation.
The Need to Be Up to Date
It’s no secret that technology evolves at a rapid pace. Unfortunately, hackers do, too. What this means for organizations intent on protecting their facilities, people and data is that they must regularly update to the latest versions of whatever software they are using to keep their network-attached devices from intrusion.
Mitigation means defining proactive steps to defend network-attached physical security applications and platforms from malicious attacks. Devices may include:
- Surveillance cameras
- Access control panels
- Application and database servers
- Application workstations
- Other network-attached devices that support physical security
It is important to engage all affected manufacturers that have products deployed to obtain their best practices as part of the overall effort. Many vulnerabilities may be the result of inconsistent operating system (OS) patching, expired SSL certificates, and dated firmware; most security networks do not have direct access to the internet, so an operational gap may exist that leaves devices and applications without current software and firmware.
How can organizations make sure that does not happen to them? It is critical for IT to come up with an updating process, perhaps deploying an update server solely for this issue. When best practices are used, meaning the most current software versions are running, this provides the greatest level of protection against hacks—and if an intrusion does occur, the liability shifts to the software/firmware manufacturer.
The Nuts and Bolts
To ensure there are no vulnerabilities in an organization’s ability to protect itself from cyberattacks, project teams must address each item of the following issues:
- Implementation of new SSL certificates
- OS patched based on manufacturer recommendations
- Migrate OS to a currently supported product
- Firmware upgraded to a currently supported version
- Default passwords updated and removed
- Simple Network Management Protocol (SNMP) disabled
- Device flagged as end of life (EOL)
Once the correct firmware and software are updated, new processes should be developed to ensure existing and new hardware/software follow a consistent patching schedule. The only way to have a fighting chance against hackers is to try to stay one step ahead of them; once they determine an organization’s security system is difficult to penetrate, they will likely move on to find one that is easier to pierce.
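The checklist above can be run as a recurring audit over a device inventory. The following is an added example, not part of the original article; the `Device` fields, the 30-day certificate warning window, and the sample inventory are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
@dataclass
class Device:                   # field names are assumptions for this example
    name: str
    cert_expires: date          # expiry date of the device's SSL/TLS certificate
    firmware: str               # installed firmware, dotted numeric version
    min_supported_fw: str       # oldest firmware the manufacturer still supports
    os_supported: bool          # OS is on a currently supported release
    default_password: bool      # a factory-default credential is still active
    snmp_enabled: bool
    eol: bool                   # manufacturer has declared end of life

def ver(v: str) -> tuple:
    return tuple(int(p) for p in v.split("."))   # "2.10.0" -> (2, 10, 0)

def audit(dev: Device, today: date, cert_warn_days: int = 30) -> list:
    """Return the checklist items this device currently fails."""
    findings = []
    days_left = (dev.cert_expires - today).days
    if days_left < 0:
        findings.append("certificate expired")
    elif days_left <= cert_warn_days:
        findings.append(f"certificate expires in {days_left} days")
    if not dev.os_supported:
        findings.append("OS not on a supported release")
    # Compare numerically: as strings, "2.9.4" would sort above "2.10.0".
    if ver(dev.firmware) < ver(dev.min_supported_fw):
        findings.append("firmware below supported version")
    if dev.default_password:
        findings.append("default password still set")
    if dev.snmp_enabled:
        findings.append("SNMP enabled")
    if dev.eol:
        findings.append("flag as end of life")
    return findings

# Constructed sample inventory; names, versions and dates are illustrative.
INVENTORY = [
    Device("lobby-cam-01", date(2024, 1, 15), "2.9.4", "2.10.0", True, True, True, False),
    Device("door-panel-07", date(2024, 6, 20), "5.1.0", "5.0.2", True, False, False, False),
    Device("vms-server", date(2025, 3, 1), "1.0.0", "1.0.0", False, False, False, True),
]

def report(today: date) -> dict:
    return {d.name: audit(d, today) for d in INVENTORY}

if __name__ == "__main__":
    print(report(date(2024, 6, 1)))
```

Running the audit on a schedule and feeding the findings into work orders gives the consistent patching process a measurable starting point.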
Throughout this series, we have focused on actions organizations should take to support security’s role in digital transformation. In short:
- Digital transformation is more than a technological change; it is an organizational one.
- Physical security and IT must work together, rather than be siloed, to address threats as a team.
- A robust IoT strategy should include device support, lifecycle management, work order/ticketing, and centralized reporting to streamline security infrastructure maintenance.
- Current IT tools must be leveraged to help organizations achieve better compliance.
- All security software and firmware must be up to date since it will be more challenging for hackers to penetrate current versions.
Our expert team at Atriade has helped countless organizations address security’s role in digital transformation at their facilities. Contact Us if you would like to discuss your situation.
Atriade is a security consulting firm. We provide security system design services for access control, perimeter protection, video and visitor management, and other physical security technologies. We also provide security master planning, program development, risk assessments, professional services, and project management.
Our client portfolio includes Fortune 50 companies, Ivy League universities, and leading technology firms in Silicon Valley.