by Ray Bernard PSP, CHS-III
These days I am always scouting around for educational sessions about the status of security and technology, cyber security, cloud services, and the future of security risk management.
Q: We have cameras going offline due to network glitches. The only thing we can do is create tickets in IT’s system, but for the last few months they are simply ignored. What do you suggest we do next?
A: Based on experience with this type of situation, I’d say that you and your boss will need to collaboration on an approach to resolve the problem.
This kind of situation can happen even if there is an SLA in place that defines the level of service IT will provide. If that’s the case, they it most likely will take director or VP level advocacy to resolve this from a strategic perspective. In my experience, this happens most often with network segments that are part of a Security LAN, and don’t carry any business-related traffic. In that situation there will be no pressure from the business side to address the network issues.
Before initiating or requesting action by someone above you, there is preparatory work to be done, which typically includes the steps described below.
Fully document the technical problems. How frequently and how long are the cameras offline? How do you know that the problems are network related? What is the basis for that claim? If it is a repeating problem, and you have previous completed service tickets that document the problem as being network related, then you may not need any other documentation besides a document containing the service ticket information and a list of the affected cameras. However, if it is a repeating problem then it’s root cause has not been found, or has been ignored. Multiple tickets for the same problem are proof of that, and the documentation should include that conclusion.
Summarize the security risks involved. What scenarios could occur in which live video and video recordings would be critically important? Why are the cameras watching what they are watching in the first place?
Consider the overall problem. The fact that service tickets are not being responded to as expected must also be addressed. If there an SLA in place that is not being lived up to, then IT has an explicit reason to rectify the situation. If there is no SLA or other documented agreement on the level of service to be provided, then that will have to be established. Usually there are IT policies and procedures in place that already dictate how IT should engage with other business units and functional areas. Get up to speed on that so you don’t suggest anything contrary to policy or current practice.
Document the previous good support from IT. If you have received good support from IT, whether on-demand or project-based or both, be sure to describe and acknowledge the previously good level of support. It’s better to talk from a “We miss IT!” perspective than to take an accusative attitude.
Be prepared for the possibility that IT is overwhelmed with business-critical matters. There are a number of situations that can result in IT being unable or unwilling to support a security-only network at the current time. Be prepared with one or more alternative solutions for the short term. For example, could an outside network service provided be tasked with troubleshooting and correcting the problem? Find out what that might cost (high/low estimate). Previous service ticket information, and information about that portion of the networking equipment could help keep the estimate realistic. Find out if IT already has a network services provider that they use now or have used in the past. Determine what financial resources could be available. Is the security systems integrator technically qualified to troubleshoot the problem?
This preparatory work will enable a higher-level manager or executive to take up your cause and advocate on your behalf.
Establish a Strategic Relationship
One reason that Security departments get blindsided by this type of situation is that they don’t have ongoing high-level communication with IT. It is common to have most of the Security/IT be project-based and technology-focused. Once the project for a new security deployment or a significant upgrade is done, Security personnel go on about their normal business, and the IT folks get back to their normal IT roles and responsibilities.
There are many points on which Security and IT should be collaborating. See my article titled, The State of Converged Security Operations. That will provide you and your advocate a good perspective to have a short discussion with IT around future collaboration. High-level discussions are important. Does IT have a technology roadmap that Security should be aligning with? What are IT plans for the future around Identity Management? Cyber security for electronic physical security system is another future discussion topic. Also see my column about Physical Security for IT.
A good strategic relationship will keep Security casually informed about what’s going with IT, and also keep Security from being in the dark about IT situations that could impact Security.
Write to Ray about this column at ConvergenceQA@go-rbcs.com. Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. For more information about Ray Bernard and RBCS go to www.go-rbcs.com or call 949-831-6788. Mr. Bernard is also a member of the Content Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com). Follow Ray on Twitter: @RayBernardRBCS
© 2016 Ray Bernard