A Logical Security Convergence Starting Point: The Data Center
Physical logical security convergence has garnered increased attention over the past year, and we've had countless conversations with both IT departments and physical security teams about the people, process and technology issues that come with the territory. Integrating teams and policy, not just the technology, needs to be well thought out. Increasingly, the path of our conversations with prospects and customers interested in converging physical and logical access focuses on where to start that type of project. Though very interested in the promise of converged access, like any technology, people want to wade into the waters to make sure that it works as advertised technically, is easy to adopt for users, the kinks are hammered out in reporting and there is a clear understanding of the ownership of the integrated environment.
Security Magazine's Bill Zalud just moderated an interesting Webinar on the topic of converged physical-logical solutions with folks from Convergint Technologies, Tyco International, M.C. Peterson & Associates and the Open Security Exchange - check it out here. The topic of project ownership and budget, and inter-departmental communication were identified as primary hurdles to moving forward with a convergence effort. Let's be honest, the physical and IT groups within most organizations often don't communicate as much as one might think.
However, there is a strategic bridge for these two groups -- the data center. IT owns the servers; physical security is responsible for locking down the room. In most cases, the server room/data center is of tremendous importance in today's business and there is a smaller authorized employee base to manage/monitor, so both groups can certainly agree on the need to lock it down and ensure only authorized personnel have access. Finger-pointing and avoidance both get thrown out the door when the company's crown jewels (secret formulas, customer lists, financial reports - which are all stored electronically) are on the line.
The data center as a starting point can help physical and IT groups bridge the gap and start walking the walk, instead of talking the talk. The stakes are too high not to collaborate. In addition, leveraging existing investments tied to the data center makes it an easier transition - two-factor authentication can leverage physical security assets and infrastructure such as card readers. This inserts IT into the process immediately and helps ‘force' collaboration amongst the disparate teams for the common good.
The annual ASIS event is coming up in September (swing by booth #4024 if you're there!), and the topic of physical logical access convergence will be a hot topic once again this year. Come by Imprivata's booth and let's talk shop - I'd love to hear your thoughts on the data center as a physical-logical starting point... whether here on the blog, or at ASIS in September!
-Chip