How Cloud Access Solutions Can Help Solve Cyber Compliance Issues
In today’s enterprise business climate, physical security needs are of course as important as ever. But equally critical are the needs for compliance with increasingly stringent laws and regulations, many of which security systems can help with. For example, physical access control systems can track and count which people are in a specific area, what their access privileges are, and much more. This is of growing concern as the convergence of physical and cyber security becomes the norm for enterprises.
“Corporate governance, risk management and compliance with policies and regulations are in sharp focus for most organizations,” says John Szczygiel, executive vice president and COO for Brivo, Bethesda, Md. “In the context of physical security, compliance failures can result in data breaches, exposure to financial losses, denials of service, and even bodily injury to employees and visitors.
“The solutions that integrators provide are an essential part of an enterprise client’s risk-management plan. Accordingly, integrators must ensure that the technologies, people and processes they use to support enterprise clients measure up to the expectations of their customers.”
According to Szczygiel, Security-as-a-Service (SaaS) models that operate in the cloud are particularly suited to cyber-compliance needs. “Brivo’s SaaS delivery model supports continuous change by providing capabilities that can be rapidly deployed and retracted based on the needs of the enterprise customer. Our capability to release new features remotely without downtime allows integrators to keep their enterprise customers up-to-date without expensive fieldwork.”
What’s more, he says, the SaaS architecture itself simplifies enforcement of policies and audits for compliance by providing centralized capabilities to establish standards, along with the tools to track and report on compliance. “Brivo is able to provide evidence of our internal controls certified by independent auditors, thus eliminating the need for a subscriber or integrator to incur these costs,” he says.
It also helps the integrator with their own cyber-compliance issues.
“Enterprise customers are obligated to conduct detailed evaluations of the cyber security capabilities of the products and companies they use,” Szczygiel explains. “Physical security systems and the integration firms that install them are no exception. Integrators must be prepared to describe the measures they take to secure customer data and how the systems they deploy manage the myriad cyber risks we face today.”
In addition to the benefits offered on the compliance side, SaaS architecture also benefits the integrator with RMR-based income, and can also be helpful with the new ways of working and utilizing security technology.
“The mega-trends of remote working and increased globalization mean that enterprise customers have dramatically more complicated employee security environments,” Szczygiel says. “The movement of workers is fluid and inconsistent, requiring workspace design and security solutions to adapt to these growing trends.”
Security integrators should understand these changes, both in the technology options to secure these customers, as well as what they are interested in doing with them, he concludes.
“Savvy CIO/CISOs are building lithe organizations with systems and infrastructure capable of responding to threats and capitalizing on opportunities with amazing speed. Integrators are challenged to keep up with this pace by bringing a continuous stream of new ideas and capabilities to help enterprise customers respond effectively to these pressures.”