Identifying and Mitigating ThreatsUnfortunately, integrators are far too often engaged in the logical protection of an organization’s security systems after a breach has occurred. We must work with our customers to shift the focus from responding to crises to identifying and mitigating threats.
Applications such as access control and video, which were once stand-alone, are now part of complex, IP-based networks that connect devices such as cameras, access readers and intercoms. IP allows us to extend these systems beyond the physical boundaries of the facility. However, end users often don’t consider the steps they need to take to secure the new endpoint. Left unprotected, an IP intercom or reader could be easily removed from an unsecured external area, exposing full unauthorized access to an organization’s entire security network.
New vulnerabilities also exist at the front line. Let’s say an end user has a security workstation installed “as is,” right out of the box. The operating system isn’t secured and access permissions aren’t defined. The guards that commonly use these workstations can log in and out using default passwords or passwords that are shared by multiple users across an entire shift. As a result, guards may have unfettered access to security systems and limited accountability relative to how they’re using the workstation. In this scenario, what’s to stop a guard from accessing video, downloading clips and sharing them with the world via YouTube? And what’s to keep that same guard from downloading those clips to an unauthorized external device at the same time, infecting the workstation with a virus? If a workstation is left unprotected, this scenario could become a dangerous reality.
These are but two examples of the vulnerabilities that exist in physical and electronic security systems. There are countless other potential gaps and many important questions to ask. For example, what is an organization doing to protect all points of its security system â€” even those that extend beyond the physical facility? Do employees have access to all areas of the security applications or only those necessary for their specific job function? Are network passwords changed regularly? Do former employees, including security personnel and service technicians, still have valid passwords for secure systems?
Closing GapsMany of the logical gaps that exist in today’s security systems can be closed through collaboration between the integrator and the end user’s security and IT departments.
For example, Windows patching and antivirus measures are critical to any network. But oftentimes, the importance of these measures for security systems is overlooked because the systems are placed on “closed” or dedicated networks. Working together with an organization’s IT department, such gaps can be identified and addressed as part of enterprise-wide logical security activities.
Another way to close the logical security gap is to effectively monitor and control security system access points. Security workstations are often excluded from typical security measures. By extending such measures â€” securing the operating system, limiting the system to operate only core tasks, requiring individualized login to the PC, defining access permissions for users â€” end users can protect their security systems and help mitigate day-to-day threats.