| y’s world, the role of security is changing | | | | Gramm-Leach-Bliley (GLB), and Sarbanes-Oxley |
| dramatically. As technological capabilities have finally | | | | (SOX) |
| caught up with security theory, many organizations are | | | | Various vendors have tried to solve the problem using |
| now looking to bridge building and network access | | | | conventional approaches. These include multifunction |
| systems for unified enterprise security management. | | | | cards, identity management solutions, and consolidating |
| Despite their common purpose, physical access and | | | | reporting systems. However, these methods have |
| logical access technologies exist in parallel worlds. | | | | been unsuccessful for a couple of reasons. They |
| Physical access technologies, such as building security | | | | proved to be very costly and extremely time |
| systems and employee access cards, are controlled | | | | consuming to implement - often taking several years. In |
| by the corporate security department. Application | | | | addition, they failed to offer a comprehensive |
| passwords and firewalls are the domain of the IT | | | | converged solution that is unable to prevent security |
| department. Each group’s respective networks, | | | | violations from happening in the future or prevent the |
| technology paths, and user interfaces are completely | | | | use of a card by an unauthorized person. |
| separate. | | | | Physical and logical convergence enables organizations |
| That situation is changing, however, as physical and | | | | to create a single, converged security policy for use |
| logical security concerns mount and persistent issues | | | | across systems across the company. Taking |
| such as inadequate security policy and enforcement | | | | converged security a step further than simply |
| continue. Organizations are now asking why physical | | | | leveraging the building access keycard for network |
| and logical security systems cannot work together to | | | | access, organizations are gaining the ability to grant or |
| share data and strengthen each other. Additionally, it is | | | | refuse network access based on a user’s |
| now possible for companies to successfully merge the | | | | physical location, user role and/or employee status. |
| two culturally and technologically disparate worlds of | | | | This means that users must physically sign-in to use |
| building access and network access without new | | | | the organization’s facilities and networkand |
| investments. | | | | cannot access their company’s VPN while |
| For years, physical access security systems acted as | | | | already logged into the building. This prevents |
| the first line of defense against unauthorized logical | | | | redundant user log-ins, further raising the protection of |
| access. After all, if a person could not gain entry to a | | | | each user’s identity and the organization as a |
| corporate building, that person could not gain | | | | whole. |
| unauthorized access to corporate applications and | | | | Location-based authentication ensures that IT |
| data. | | | | resources are being accessed and utilized by |
| That changed with the advent of remote access. | | | | authorized users as determined by where they should |
| Remote access via VPNs, the Web, and wireless | | | | be, and eliminates the potential for redundant |
| networking has opened up IT resources that can no | | | | questionable user log-ins from different locations. |
| longer be protected by physical access systems | | | | Tying together physical and IT security effectively not |
| alone. Companies are gaining a more firm security | | | | only consolidates user credentials from disparate |
| posture by tightly associating building, LAN and VPN | | | | network, remote access, application and physical |
| access. | | | | access accounts, but also provides a single point for |
| With the convergence of physical and logical security | | | | administrators to instantly lock-out user access across |
| technologies, organizations now have new | | | | both physical and logical assets. With this approach, |
| opportunities to: | | | | events and alarms from physical security access |
| Strengthen and gain greater control over total | | | | systems are incorporated into network access |
| security | | | | decisions, providing a finer layer of authentication for |
| Add a practical and affordable second | | | | closing security holes and providing organizations with |
| authentication factor | | | | broader monitoring and reporting capabilities in order to |
| Better enforce both physical and logical security | | | | better demonstrate regulatory compliance. |
| policies | | | | When physical and logical access security |
| Enable the enforcement of company | | | | components work together, companies use them to |
| anti-passback/tailgating building access policies | | | | complement and reinforce one another. Convergence |
| Better coordinate security resources in critical and | | | | allows organizations to manage all forms of security |
| emergency situations; and achieve compliance with | | | | under a single umbrella for maximum control. Security, |
| regulations, such as the U.S. Homeland Security | | | | along with all types of risk, both operation and |
| Presidential Directive -12 (HSPD-12), Federal Information | | | | corporate, are now being done better and ultimately |
| Processing Standard 201 (FIPS-201), Health Insurance | | | | more cost effectively. |
| Portability and Accountability (HIPAA), | | | | |