According to recent survey results about
business risk mitigation, CIOs view Information Security and Business
Continuity as key priorities, with improved IT Functions and overall expense
reduction falling only slightly further down on that list. What complicates the
issue is that all of these priorities for CIOs are interrelated. So, how do we
begin to make things uncomplicated? We simplify the use and effectiveness of
technology for users at the lowest level of operations, first.
Simplified security automation helps to
extend and distribute responsibilities among the entire team. Evolving
technologies such as Wireless, Zigbee and 4G, apart from traditional TCP/IP, enables
connectivity between field devices and application software, along with choices
of smart controlling and operating options like smart phones and tabs, making
security automations more effective and more exciting than ever.
Below are 3 steps that may significantly
simplify the usages of technology, specifically electronic security automation
to increase the effectiveness of IT function among users, along with overall
lifecycle cost reduction for the organisation.
1. Unification of Security Access Systems
In a fast growing organisation, security
solutions, like those with access control systems for a new facility or
project, are decided by project teams with project managers, consultants and
PMC’s. No wonder that for them, project delivery capability of vendor and
project budgets always have greater importance over the right product
selection, especially when a CIO’s vision for product selection with overall
objectives are missing. By the time the need for a standard is realised and implemented, it’s
already too late and CIO’s or IT teams are left with the challenges of dealing
with separate islands (facilities) using different technologies for cards,
readers, controls, and software.
Either due to reinforcing vision or upgrading
technology, unification for security automation is being exercised by most
growing organisations in India, or even by MNC’s in each business sector, be them
large organisations like Wipro, iGate, Airtel, Crisil, HDFC, Tata Power,
Financial Technologies or mid-sized implementations like Bangalore Airport,
Delhi Metro or ZS Associates.
Solus has been closely connected in the
design and implementation of these unification projects for some very large
customers. Here are some experience excerpts from all those organisations
planning to unify their enterprise security systems at multiple locations in
isolation to a one unified solution.
When we are exercising unification, the, steps
should be in the order of Software >
Controllers > Readers > Cards. Often, organisations jump to take up
less relevant hardware, like cards and reader replacement first, simply because
it’s easier, leaving the unification project until later, which delays many of
the benefits until the full realization of the project.
A well-designed Integrated Security Access
Software, like iSOLUS, can collect data from multiple small purposely-built
software programs implemented at different sites, and can provide meaningful
MIS and alerts as the first step needed for unification. But this limits operations
ability to manage the multiple small software programs, databases, and indirect
control over systems’ controllers; therefore, it’s recommended to replace
application software and system controllers in One go.
Since controllers do support multi-tech
cards, changing readers and then cards will be the final and last step for post
stabilization of software and controller replacement. With unified software and
controllers, the major objective of unification, like common usage practices,
common MIS database are achieved seamlessly. The only challenge left to
overcome is the credential inter-operability access across sites, which is only
important when intra-site travelling of employees is high.
Multi-technology, or combination
technology, readers and cards are the tools for easy migration in the last step
of unification. Here, dual technology readers, those current and those to be
used in the future, are available from most reputable manufacturers like Solus,
and should be used to conveniently replace existing old technology readers.
This approach ensures that there is no disruption for users. Once all readers
are replaced, new technology card reissuance can be initiated. Card reissuance
can be very time consuming and should be done simultaneously with reader
replacements using combicards, which contain both old and new technology,
making reissuance painless and seamless.
When selecting cards & readers, go for
Open Source technologies on ISO Standards like Desfire or Mifare. If you use a proprietary technology controlled
by a card manufacturer, you will most likely pay higher costs without any
significant gain. This is because of the complex nature of changing your cards
and readers during recurring needs.
Unification projects at a live site are far
more different than those at a greenfield project and requires specialization;
hence, experience matters. Data migration from an older system to a new system,
along with a functional audit within a stipulated period (mostly between Friday
to Monday) needs experienced and skilful execution. Small mistakes here can
create an operational mess, hence the need for careful consideration while
selecting a right partner to perform this service.
2. Thoughtful Automations
Information security that also ensures
business continuity is only as strong as the weakest link in the security
implementation chain. Quite often, executors at the ground level, like security
guards, are not trained to be proficient in high end and high budget automation
plans. Unlike the Western world, India has a talented pool of trained security
staff available, and will continue to do so at a reasonable price, often far
less than complex or large size automation implementations; hence, the
automation and use of guards will continue to coexist.
Considering this fact, the objective of
automation should be restructured towards optimum use of both, rather than
replacing one with the other. Small assistance, such as timely intelligent
alerts, along with information about the next steps to be taken on the alert,
can easily turn deployed guards into the strongest wall rather than the weakest
link. Automation can take up routine and mundane activities like surveillance
and regular patrols, freeing up guards for more meaningful work such as dealing
with alerts & suspects. This makes the guard’s job more interesting, and
accountable.
Below are a few automation examples
collected from different users during their experience of managing operations,
which resulted in greater benefits through thoughtful automation.
|
Access Readers with color coding ( Click to Enlarge) |
Access Readers with Color Codes
The Access Control Systems at large
enterprises are designed to automate the process of gaining physical access to
the facility by employees, visitors and others. The system is pre-set with
security sensitivity of different doors, but often it’s known to only the
system software, not to the deployed guards who can really benefit from
prioritizing their attention for such sensitive doors. A reader’s colour coding
concept displaying security sensitivity information of the door, right on the
door itself, may be installed on RFID Readers. This is a simple concept to
implement and does not require complex training, once used uniformly across the
facility. (Courtesy: Solus Labs)
Photo Display System
A Photo Display System is another similar
concept used to verify the identity of cardholders at doors while they gain
access. A display of electronically stored information on an ID card, like
photographs on a common screen, allows a single security guard to take care of
multiple doors in a zone and sense any untoward activity proactively. This
hybrid use of electronic security, along with human intelligence, has proven
very effective on operations and cost. (Courtesy: iGATE Computer Systems Ltd.)
Random Check in a Campus Scenario
Random Check in a campus scenario is a very
useful tool for security guards to control intruders on a company’s campus. The
guards can instantly verify the validity of an access card off of any suspect
on the Random check readers installed across the open campus. (Courtesy: Wipro
Technologies)
Linking Employee's Attendance, with Access Control
By Linking Employee attendance with access
control, this ensures that unless the employees punch in their attendance in
the connected Biometric readers, they can't gain access at any facility doors. This
will enforce a positive discipline among employees. (Courtesy : ZS Associates)
Visitor Management & Guard Tour linked with Access Control
Visitor
Management & Guard Tours linked with access control can approve a limited time access for a third
party visitor, along with biometric authentication, quickly, over a remote
network. (Courtesy: Airtel)
These are just a few of the concepts, among
several other benefits, that can be derived from unification and security
automation investments, which can be added at a later date for free or
fractional costs.
Again, choosing a capable and agile partner
here is the key. Reliable Security Automations require professionals who can
enable such thoughtful innovations, evolving normal business operations, quickly.
Normally, such fine-tuning of requirements are learned and evolved over
repeated usage with time, and as such, cannot be defined in a project RFP.
Unfortunately, such desired solutions bring maximum benefit, but are shown the least
interest by large sized MNC security implementation vendors. They either deny
it directly or quote discouraging customisation costs.
3. Managed Services Outsourcing
Once systems are unified to a common
software and automated to meet business processes, they can readily be
outsourced for maintenance, bringing in expert services at lower costs. You
need not invest in the retraining of internal people for this specialized and
important job; therefore , managed services offered by a capable OEM should be
a good choice. The option of moving implementation to the cloud can be reviewed,
here. This may help bring about greater support efficiency.
Managed Services Partner selection is
important, as well. Most project sales companies don’t give equal importance to
after-sales like new projects with major revenue streams, as most of the time,
their key resources are engaged in key project executions. This also results in
inadequate training of field engineers who are necessary for efficient
after-sales support. Because of this, it is advisable that companies with a significant
local presence, remote service infrastructure with CRM
and automated ticketing systems with training focused on support engineers, and
a presence at remote locations should be considered with a desired service
level agreement in place for executing automation, as well as the integration
of electronic security systems.
For smarter security automation concepts
and detailed experience sharing and to see
how we can help you by managing operations that result in greater benefits through
thoughtful automation write to us at http://www.solus.co.in/contact or