Bill Gorski, president of the Security Industry Association and senior director of business development for Siemens Building Technologies, notes that more and more organizations are integrating (or considering integrating) their security systems with their information technology systems. He discussed this issue with SDM recently.
SDM: You have noted that youâ€™ve observed a greater interest on the part of businesses and other organizations in integrating their security and building automation systems with information technology systems, such as human resources. What business and organizational goals are driving this increased interest?GORSKI: The convergence of physical and logical security that weâ€™re seeing is the effect of business driving those two organizations together. A few years ago, it started out with the IT organization saying, â€œWe have networks already run through the business â€“ why canâ€™t we use those to effect physical security?â€ At that time, IT in the security sales world would have been called a â€œtechnical influencer.â€
Now weâ€™re seeing organizations with chief information security officers who are equivalent to the chief information officer, and sometimes theyâ€™re the same person. The thinking within corporations is to join all types of security together and make them work together. So, for example, when you say the word â€œaccess control,â€ it applies across the whole gamut.
Sometimes integrated access management is required by the government. And some companies see it as a way to increase productivity because they donâ€™t need so many people to administer the system. They also have better data quality because they donâ€™t end up with inconsistent user information spread over numerous systems. And sometimes they can link systems together so they can see information in one place instead of going through two systems. Being able to have access to the information you need when you need it is a fantastic benefit.
All the business drivers will either generate cost savings or cost avoidance.
SDM: What are the most popular applications involving the integration of IT with either security or building automation?GORSKI: Itâ€™s really about what makes sense for both customers and systems â€“ for instance, an access control with a human resources type of application. The required data for the HR system would be virtually the same as what would be needed in a physical access control system. The goal is to have only one database to enter for physical access that would also control logical security access defined in terms of access to financial systems, for example.
It makes for one card and one log-in, and provides one-button cancellation of a person if they decide to leave or are dismissed. You can also enter people into groups and can take an entire group and disallow access to one area and allow access to another. In a teaching hospital, for example, 100 students could all be put in one group.
SDM: What are the biggest challenges in integrating physical and logical security?GORSKI: The biggest challenge is a lack of standardization. Getting physical systems such as factory process control, access control, and fire query and reporting systems to be able to talk to IT back-office applications is a challenge. Thatâ€™s some of the work that the Open System Exchange is trying to do, and SIA will be working with them more closely to get that bridge built, at least on the security side.
The systems integrator has to play the role of making a bridge between the IT folks from a company, or the companyâ€™s IT subcontractor, and the physical system supplier to arrange for an exchange of information via some gateway or protocol.
Right now the process is clumsy, because you have to go through a special development, but later it wonâ€™t be so clumsy. Later, when you can say you conform to a certain standard, people in the IT world will look at you as something they can just plug in.