Guest post by Gregory Gray
Recently I have been very busy speaking with CxO’s and small business owners alike. The spike in my travel and appointment calendar is due to recent events abroad and at home of acts of terrorism in Quebec and Ontario and network breaches.
The shocking events in Ottawa of a gunman fatally shooting Corporal Nathan Cirillo, a Canadian soldier on ceremonial guard duty at the National War Memorial and then storming Parliament Hill’s Centre Block has raised fear levels among Canadians. In September, earlier this year in the United States, the White House experienced yet another serious security breach after a man scaled the fence and ran through the main floor of the building. The intruder had a knife and more than 800 rounds of ammunition and a shotgun were discovered in his car. A secret service agent eventually apprehended the intruder. Secret Service director Julia Pierson was grilled by Congress and eventually resigned from her position due to a long list of mistakes made that could have been averted. These events clearly show that security breaches do happen anywhere, at any time, in any building, even those with heightened surveillance.
In the private sector, the past year has seen a record in online breaches. The giant retailer, Target had a security breach earlier this year, where 40 million credit cards were stolen. More recently, Home Depot had 56 million cards breached while Morgan Stanley saw the data on 76 million households taken by hackers.
During my meetings, the discussion followed a similar pattern: introductions, explanation of roles and a follow-up question I asked that seemed obvious to me. Why is physical security and network security handled by different people, departments and why do they have separate budgets? After all, shouldn’t the security of physical and virtual assets be part of a single comprehensive solution? Indeed, they should. I am continually amazed how many businesses do not structure their expectations along these lines. In a recent article in the Wall Street Journal, the newspaper confirms my question. They write,
“The biggest mistake that companies or governments make when they have a security breach is not to do a complete remediation across all the organization’s assets–physical, software and human. Followed by establishing an ongoing process to ensure the assets are current and hardened. In other words, complacency is the enemy of action”.
There are number of reasons why Physical Security [surveillance and access control] and Logical Security [network security and access control] should be structured and managed under a single “umbrella”.
I want to focus in on the three biggest reasons.
1. Ease of Management: With both solutions now falling under a single management structure, efficiencies are realized on in several areas as follows.
1a. Supply chain – the rapid transition and convergence of many security solutions into one focused IT network means that innovative integrators can provide a comprehensive and fully integrated security solution. A single source means only one phone call is necessary to resolve issues and avoid the headache of finger pointing and ‘blame the other department’. It also allows for procurement processes to take advantage of economies of scale.
A recent industry survey revealed that 68% of enterprise businesses and a surprisingly high percentage — 85% of small business owners — use separate providers for the configuration, implementation and in some cases maintenance of their Physical and Network Security solutions. Both systems either share the network and or share technological similarities.
2. Tighter Integration: Leveraging the skill sets and experience of a single integrator allows for a more cohesion and tighter integration. This in turn reduces downstream issues due to network conflicts between technologies and skills, used to deploy a solution. It also focuses knowledge and experience of your particular infrastructure.
3. Future Proofing: Using a single integrator as your trusted technology advisor also provides future proofing in that security is usually not the only solution in their portfolio. Many integrators have chosen to drive value by providing a suite of ‘convergent” solutions that reside on the IT infrastructure. Examples include Digital Signage, Unified Communications, Mobility and Cloud to name just a few.
Many of the CxO’s and small business owners, whom I have met, are in the process of changing their procurement processes to leverage these benefits. In fact, single sourcing or the dramatic rationalization of the procurement/ supply chain process is one of the biggest trends in business today. It helps to get ready for this. Consider asking IT support and managed services companies like Manawa how they can help you win in today’s dynamic and converging technology world. One thing is certain: Physical and Logical Security as we saw in recent private and public sector breaches has never been more important for small and large organizations.
Gregory Gray is the Category Development Manager (Physical Security & Access Control) for Synnex Canada.