What would a future-ready security technology strategy do for you?
Done right, a new and future-ready security technology strategy can:
- Give you one or more new ways to easily fund next generation security technology
- Reduce your operations costs while improving the quality of contracted security officers
- Let you adopt video analytics that provide information helpful to business operations (if you are in retail you may already be doing this)
- Allow you to securely share video relevant to facilities, real estate, operations and emergency first responders
- Improve life safety emergency response capabilities with new-generation communications and notifications capabilities
- Make cloud-based real-time risk analysis systems useful to you
- Improve your detection and situational awareness capabilities through IoT-based solutions
Your Situation Will Be Unique
Every company’s situation is different, and every security department is different, but the purpose for developing a future-ready security technology strategy is the same:
Develop a risk-based technology strategy that aligns with all appropriate IT and facilities technology initiatives, business initiatives, objectives, mandates and directions, and which optimizes security operations and maximizes technology funding opportunities.
That’s a mouthful and a pretty wide scope, but it is a powerful element that many security departments are missing.
You start with stakeholder buy-in on a strategy for corporate security technology investments. You end up with approved strategic objectives that make getting project support and funding much easier and faster.
Let me share some example case study outcomes of developing such a strategy.
Note that these two case studies provide insight for just a small portion of the scopes and outcomes possible through an appropriate future-ready security technology strategy. There were other technology strategic plan objectives implemented in addition to those described below.
Special Note About LED Lighting Funding
Today (in 2019), many organizations are considering upgrades to LED-based smart ceiling lighting. Smart ceiling lighting can have lower installation costs than the previous generation of LED lighting, because it is uses Power over Ethernet (PoE) via network cables, rather than traditional 120-volt electrical power requiring conduit and electrical cable. The new generation of smart lighting fixtures contain Internet of Things (IoT) sensors, which can integrate via the network to building controls systems, optimizing temperature and lighting levels based upon occupancy and amount of sunlight in each individual room or building area.
New network switches from Cisco incorporate Universal Power over Ethernet (UPOE), which provides up to 60 watts of power, but also maintains that PoE power even while a switch is rebooted, such as for a software upgrade. UPOE-powered lighting can also be maintained during a power outage via UPS-powered network switches. Lighting can also be automatically switched off in areas that occupancy sensors show are empty.
Networked video cameras can also be powered by the same UPOE, keeping video operational during power outages.
Other safety and security features are available via smart lighting, such as two-way communication with area occupants, and strobing hallway lighting in the direction where building evacuees should exit building areas.
Given the integrated functionality of IoT sensors, LED lighting and electronic signage—significant safety and security capabilities can be achieved by integrating security technology improvements with smart lighting initiatives, all of which can be funded by the high ROI of a “smart ceiling project”.
Situation: In a company with 10,000 employees:
- Physical security technology planning and design was not synchronized with IT policies, procedures and standards such as those regarding product lifecycle management and critical systems continuity.
- Manual procedures for personnel termination notification and access privilege cancellation exceeded the mandated time frame for cancellation of access to company systems for terminated personnel.
- Redundant network paths were not being utilized for physical access control systems or network video. Redundant network paths were established to support corporate the corporate VOIP phone system ; Security was not made aware of them.
- In violation of corporate policy regarding critical systems, access control system servers were located in non-temperature controlled rooms using under-powered server computers, and not all had battery backup, File corruption and other problems occurred on power outages. Some computers had uninterruptible power supplies (UPSs), but the UPSs were not configured correctly (no IT involvement) and when the battery ran out, the computer was powered off with no orderly shutdown taking place; file corruption and other problems resulted.
- When the corporate business mandate was issued to automate manual business processes, Security was left out of the initiative.
- Security was also excluded from the upcoming BYOD initiative.
One technology strategic plan objective: Align the deployment and management of physical security technology with IT’s technology deployment practices for critical business systems and all corporate mandates applicable to information systems.
Result: A plan was developed for IT to provide specific support services, defined in a Service Level Agreement:
- All access control servers were moved into data centers on virtualized servers, which included the establishment of redundant automatic backup servers.
- Use of redundant network paths was established so an outage of a single network segment would not cause the server to lose communications with the access control equipment.
- The access control system was integrated with several business systems including the HR personnel system, and the cancellation of access for terminated personnel was accomplished automatically, and in an auditable manner (another business mandate), eliminating the manual process.
- Cybersecurity for the access control system servers was established according to IT standards; the servers were placed under IT systems management.
- This upgrade was funded by IT, as an incremental cost to the data center virtualization initiative.
Future-readiness: The future-ready aspects of this strategic objective include:
- As part of the overall IT systems management plan, the virtualized servers will be maintained, and the access software would refreshed, at scheduled intervals.
- The IT roadmap includes the upcoming adoption of an Identity Management System (IDMS). Thus the migration of the access control system integration from the HR system to the IDMS will be automatically handled and funded by IT as part of the IDMS initiative.
- Cybersecurity will now be automatically kept threat-current by IT.
- The upcoming BYOD initiative for tablet computers now includes the cyber-secure deployment of tablets for mobile security personnel (for video, emergency notifications and emergency response), with funding pre-approved per the corporate mandate. This is being implemented now.
- Smartphone based physical access control is included in Security’s technology roadmap, for the new headquarters expansion that breaks ground next year.
Situation: Strategy development triggered by turn-down of proposed safety & security lighting and video project.
- Portions of the lighting at one company’s more than 25-year-old headquarters facility were not up to desired levels of safety and security
- The high energy cost of much of the existing lighting was no longer acceptable given modern lighting alternatives. Additional traditional lighting was not approved due to the initial and ongoing costs involved.
- Security considered upgrading the outdoor video cameras to low-light network cameras – but that would not improve visibility for their people or for security.
One technology strategic plan objective: Align the deployment and management of networked security technology with other corporate initiatives by IT and other business functions.
- Discovery: Facilities had been considering a significant LED lighting initiative to achieve a 60% or better reduction in energy use.
- Security collaborated with Facilities with regard to safety and security lighting objectives, and the ideal locations for emergency video intercom stations and network video cameras.
- Parking lot LED lighting fixtures were found that contained provisions for wired network switches and wireless network access points.
- These fixtures enabled personnel to use their mobile devices with a WiFi-based personal safety application whereby personnel to request live video monitoring in the parking areas (“please watch me”).
- This aligned with a desire by IT to provide requested WiFi coverage in the parking areas, so that personnel could eat lunch in their vehicles but still have WiFi access like inside the buildings.
- The two-year ROI on the LED lighting project was extended to just under 3 years, to incorporate the network expansion and new security technology capabilities.
- The security upgrades included:
- Improvements to the security monitoring center for enhanced two-way communications and real-time interactive safety & security response capabilities
- Moving video storage into the HQ data center to accommodate high-resolution cameras and an increased camera count.
- Video license plate recognition (LPR) capabilities, part of the workplace violence prevention, to identify vehicles not authorized to be on the facility grounds.
- Other video analytics detect and track people moving away from their vehicles in the wrong direction (i.e. going deeper into parking lot and structure areas rather than moving towards the facility’s walkways and buildings.
- This program funded the security improvements, aligning them with with IT’s mobile initiative and facilities energy use reduction initiative.
Future-readiness: The future-ready aspects of this strategic objective include:
- Security is partnered with Facilities for incorporating safety & security improvements at any locations where energy use reduction will be considered
- Security is partnered with IT wherever network improvements are being considered.
- High-capacity advanced analytics servers will allow the future use of other advanced analytics as they become available, such as for people and vehicle counting, identification of abandoned vehicles within the parking lots and structures, monitoring snow accumulation and progress of snow removal, and so on.