When Worlds Collide The Convergence of Physical and Logical Security White Paper



Similar documents
AD Management Survey: Reveals Security as Key Challenge

Securing Critical Information Assets: A Business Case for Managed Security Services

Managing the Unpredictable Human Element of Cybersecurity

Utility of the Future Virtual Event Series Monthly Virtual Studio Event Series for Utilities

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Cyberprivacy and Cybersecurity for Health Data

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Solving the Security Puzzle

SOLUTION BRIEF SEPTEMBER Healthcare Security Solutions: Protecting your Organization, Patients, and Information

National Cyber Security Policy -2013

The Path Ahead for Security Leaders

Incident Management & Communications. Top 8 Focus Areas to Mitigate Risk

The Benefits of an Integrated Approach to Security in the Cloud

ATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V

Statement for the Record. Martin Casado, Senior Vice President. Networking and Security Business Unit. VMware, Inc. Before the

Building a Roadmap to Robust Identity and Access Management

Cyber Governance Preparing for the Inevitable Perimeter Breach

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

Application Security in the Software Development Lifecycle

SECURITY CONSIDERATIONS FOR LAW FIRMS

The Business Case for Enterprise Content Management. A Collection of Enterprise Content Management (ECM) and Document Management Research Data

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

W H I T E P A P E R. Security & Defense Solutions Intelligent Convergence with EdgeFrontier

Water Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities

How To Create An Insight Analysis For Cyber Security

Preemptive security solutions for healthcare

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

Reining in the Effects of Uncontrolled Change

ALERT LOGIC FOR HIPAA COMPLIANCE

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

A NEW APPROACH TO CYBER SECURITY

Seven Steps To A Superior Physical Identity and Access Management Solution. Enterprise-Class Physical Identity and Access Management Software

PROTECT, CONTROL, and MONITOR the security of your facility in real-time.

CYBER SECURITY GUIDANCE

Convergence of Desktop Security and Management: System Center 2012 Endpoint Protection and System Center 2012 Configuration Manager

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Interagency Statement on Pandemic Planning

The Eight Dimensions of Customer Experience for Financial Services

Finance/Banking Security Solutions YOUR PARTNER OF CHOICE. Global Solutions For A Global Economy

NEW PERSPECTIVES. Professional Fee Coding Audit: The Basics. Learn how to do these invaluable audits page 16

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

FREQUENTLY ASKED QUESTIONS

Security Solutions in the Aerospace/Defense Industry A Pinkerton Government Services White Paper

Establishing A Secure & Resilient Water Sector. Overview. Legislative Drivers

Avoiding the Top 5 Vulnerability Management Mistakes

Network & Information Security Policy

Chairman Johnson, Ranking Member Carper, and Members of the committee:

WHITE PAPER: STRATEGIC IMPACT PILLARS FOR OPTIMIZING BUSINESS PROCESS MANAGEMENT IN GOVERNMENT

Intelligent Security Design, Development and Acquisition

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

6 Critical Impact Factors of Health Reform on Revenue Cycle Management

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Five Ways to Use Security Intelligence to Pass Your HIPAA Audit

The problem with privileged users: What you don t know can hurt you

Industrial Security Solutions

Thought Leadership White Paper Strategies for Effective Job Scheduler Consolidation

Corralling Data for Business Insights. The difference data relationship management can make. Part of the Rolta Managed Services Series

How To Manage Log Management

The Business Case for Enterprise Content Management. A Collection of Enterprise Content Management (ECM) and Document Management Research Data

State of Security Survey GLOBAL FINDINGS

6 Critical Impact Factors of Health Reform on Revenue Cycle Management

Cyber and Operational Solutions for a Connected Industrial Era

Bridging the Great Divide. The Convergence of Physical and Logical Security

658 Cedar Street Saint Paul, MN

Security and Availability: A Holistic Solution to a Critical Problem

Industry models for insurance. The IBM Insurance Application Architecture: A blueprint for success

Telecom Expense Management

The Importance of Data Quality for Intelligent Data Analytics:

Stay ahead of insiderthreats with predictive,intelligent security

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

TAC I/A Series Continuum Security Solutions Redefining Security for the Modern Facility

Increasing business values with efficient Software Configuration Management

White Paper. April Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks

A Small Business Approach to Big Business Cyber Security. Brent Bettis, CISSP 23 September, 2014

VENDOR MANAGEMENT. General Overview

Cisco Advanced Services for Network Security

Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015

Transcription:

When Worlds Collide The Convergence of Physical and Logical Security White Paper www.honeywellintegrated.com

Table of Contents Two Worlds, One Mission...3 Laying a Converged Foundation...3 HSPD-12: The Birth of Convergence...4 If It's Good Enough for Uncle Sam...4 So You're Making the Move to Converge...Now What?...5 A Worldwide Call to Action...6 Going Forward...6 About the Authors...6 When Worlds Collide 2

Although traditionally separate entities, physical and logical security departments in the government sector are successfully joining forces to provide organizations with the maximum amount of protection. Is your organization ready to take advantage of convergence by integrating disparate security efforts? Two Worlds, One Mission All enterprises commission their physical and logical security professionals with the same mission securing critical assets. Whether to ensure only authorized personnel can access a building or a network, both ends of the security spectrum are focusing their efforts on letting in the right people. Ultimately, these two departments work toward the same goal, but approach it from different perspectives. With different approaches to security, why are physical and IT security professionals now working to integrate their systems? To answer this, let's consider the origins of security convergence. Traditionally, physical and IT security departments have been kept separate, but as risks continue to increase, federal regulations have made convergence a top priority for the federal sector. Now, as federal agencies achieve success with mitigating security risks, commercial organizations are beginning to mirror this convergence initiative. Laying a Converged Foundation Converging the efforts of physical and logical security departments allows an organization to significantly lessen security risks while also saving time and money. Once integrated, these two departments collaborate to ensure physical access to buildings is linked closely with logical access to computers and network resources. Similarly, actions to revoke an employee's physical access can be used to trigger automated network deprovisioning on the logical side ensuring both departments are consistently on the same page when it comes to enterprise security. To reap the full benefits of a converged security system, your enterprise must start with a solid identity management solution that is integrated with a physical access control platform, allowing you to closely tie physical and logical security initiatives together. The identity solution manages all user identities and protects information resources and business systems from unauthorized access, while the access control platform manages all physical access control, alarm monitoring and badging systems. With this integration, enterprises obtain an identityenabled infrastructure to automate the management of roles and secure access to information and facilities. Once this foundation is laid, automated user provisioning is critical to control user access across disparate systems while also gaining a holistic view of access occurrences. Convergence allows an organization to create a single unified security policy across the entire organization, removing the security silos of the past. Convergence also reduces cost and increases productivity by simplifying When Worlds Collide 3

the process of manually managing identity information across several systems. Now, user data can be automatically synchronized across multiple facilities and systems, allowing security personnel to maintain a single point of management for all users, update role changes and terminate user access. The end result is tighter security controls across all organizational systems. Considering the benefits convergence provides, why isn't it being widely adopted? Like any business model shift, a main driver is necessary to get the ball rolling. As such, the catalyst for convergence started in the federal sector in the form of a regulation called HSPD-12. HSPD-12: The Birth of Convergence Convergence is not a topic that was common or even considered for enterprises as recently as five years ago. Following the tragic events of September 11, government agencies experienced a call to action to significantly increase security efforts. The perpetual threat of terrorist attacks, combined with increasing occurrences of identity theft and unauthorized access to federal buildings and information systems, drove President Bush to sign Homeland Security Presidential Directive 12 (HSPD-12), a federal regulation mandating that all federal agencies implement a personal identification verification system. This act caused the federal government to embark on the largest convergence project in history. With a deadline of October 2008, HSPD-12 has motivated government agencies to be proactive in converging physical and logical initiatives. This regulation will not only allow government agencies to greatly increase their security standing, but will also save significant amounts of time and money. Fundamentally, by having the same ultimate goal to protect assets, both the physical and logical security departments encounter overlap as they perform their respective jobs. If It's Good Enough for Uncle Sam... With all the buzz around HSPD-12, it may seem as though the convergence trend is solely geared towards the federal sector. However, as government agencies achieve success by converging security efforts, the trend is spreading to the commercial sector and gaining momentum in several high-security industries, such as healthcare and financial services. Forrester Research has projected a tenfold increase in U.S. spending on merging physical and logical access control, across both the public and private sectors, from $691 million in 2005 to more than $7 billion in 2008. From the commercial perspective, insider threats continue to plague organizations, as many don't effectively monitor what each employee can access in terms of the physical building and the network. By converging security initiatives, each employee is provisioned to only access authorized enterprise assets, eliminating the risk insiders (whether malicious or ignorant) can pose. When Worlds Collide 4

As the mobile workforce increases, remote workers inevitably bring new security issues to light. With identity management, organizations use roles and access rights to block remote users from inappropriate systems when outside the firewall. Securing remote access is also crucial when deprovisioning terminated employees. If an employee is denied building access on his last day of work but can still access the network remotely for days or even weeks later, there is a window for disaster. By controlling who can enter a specific room or computer application, the potential for damaging security breaches is decreased considerably. Convergence is also important as organizations enter into mergers and acquisitions, or experience increased personnel growth. These transitions can be quite an undertaking, as thousands of users need to be provisioned to access the correct resources in a timely manner. Without this integration, enterprises have to manually provision and deprovision user access to all enterprise assets costing organizations a significant amount of time and money, and leaving gaps in enterprise security. It is the nature of business to constantly evolve and grow in complexity. Each day, organizations are faced with new challenges and opportunities allowing them to advance their operations. In order to effectively leverage each opportunity, organizations must ensure their security practices are rock solid. Converging enterprise security initiatives is the necessary step to prepare your organization for continued growth and success. So You're Making the Move to Converge...Now What? The case has been made for making the move to converge physical and logical security initiatives, but where exactly does one begin? The following list suggests tips and tricks to consult before integrating these two efforts. Do ensure the solution includes an identity management component that is integrated into an access control platform. With this foundation, you can be confident that access to both physical and logical assets is linked back to the user identity confirming only authorized users gain access. Don't strive to merge the two departments entirely. Forcing these disciplines into one security bucket will only cause chaos. Each department should maintain its role in the organization; however, structured collaboration is the key to success. Do make automatic provisioning/deprovisioning a priority. This feature is critical, as it relieves organizations of the tedious, manual task of provisioning saving precious time and money. It also increases employee productivity, protects from the insider threat and immediately denies access to all former employees. When Worlds Collide 5

Don't let fear or unfamiliarity hold you back. Research various solutions, best practices and approaches to determine what specific technology is the best fit for your organization. Convergence is the future of security, so it is imperative to understand the topic and how it can help your organization succeed. A Worldwide Call to Action Considering the various facets of security threats (terrorism, identity theft, data breaches, insider threats, etc.) one side of the security spectrum simply cannot protect an organization to its greatest potential. Integration provides a holistic view of access occurrences across the entire organization keeping a vigilant eye to ensure only the right people gain access to the enterprise, from the front door to the keyboard. In addition to enhanced security, automatic provisioning/deprovisioning allows organizations to save significant amounts of time and money, as manual processes waste valuable resources. An initiative that began with our nation's most secure networks and facilities, convergence is inevitably the future for enterprise security and continues to gain traction in the commercial sector. As businesses grow in size and complexity, security measures feel the brunt of these growing pains all too often. With a converged security model, efforts are combined to ensure organizations achieve a comprehensive view of all access occurrences, providing the highest level of security while saving valuable time and money. Going Forward Over the coming months, Honeywell will introduce several technologies that will allow your organization to take advantage of the convergence between IT and physical security. Given all of the benefits of a converged system productivity from common protocols, increased security of physical assets and data, and improved ROI on IT and security infrastructure investments Honeywell is positioned to be your partner of choice for converged solutions. For more information, visit www.honeywellintegrated.com. About the Authors Ivan Hurtt is the primary product marketing manager for Novell's Identity & Access Management products. Prior to this role, Mr. Hurtt served as the product manager for Novell's flagship directory services product, Novell edirectory. A member of the United States National Guard, Mr. Hurtt served in Afghanistan. Peter Fehl has been with Honeywell for the last four years and has held several positions within the $10B Automation & Control Solutions business. He currently works in the Honeywell Security business leading marketing initiatives and driving business development and strategic direction for the Integrated Security segment. Prior to this role, Mr. Fehl led the mergers and acquisitions group for the Honeywell Process Solutions business. When Worlds Collide 6