Traditionally, the roles of digital and physical security in enterprises have been comfortably siloed. Physical security systems, including analog CCTV video surveillance and access control, were the responsibility of the facilities management and security teams. IT was responsible for securing the network and protecting against cyber attacks.
With the massive growth of connected devices and the Internet of Things (IoT), and as organizations have moved from analog to IP-based video surveillance, IT’s role is shifting dramatically. The IT department must now understand how the convergence of IoT and physical security broadly impacts the business and how it can support opportunities for growth.
IT’s influence on purchases and deployments of video surveillance is a relatively new phenomenon. Deploying IP-based video has broad implications for network infrastructure requirements, bandwidth usage and data storage consumption. As an example, for a national retailer, the security and loss prevention departments might introduce tens of thousands of IoT-based devices to manage. And in a school or commercial operation, it might be thousands of devices.
As these devices transmit sensitive information, they are vulnerable targets for hackers. IT needs to take steps to protect these network-based edge devices against cyber attacks and ensure that data is transmitted securely from edge to core. In addition, IT needs to collaborate closely with those departments responsible for physical security and facilities management to protect against physical tampering or sabotage of the devices.
Understanding the threats
Enterprises are facing security threats from inside and out. Most data breaches are due to simple mistakes or poor deployment of security systems.
Enterprises need to secure the network and encrypt data to protect against remote hackers. They also need to guard against corporate espionage and insider threats which can be perpetrated by an unauthorized person gaining access to a server room, for example.
Here are some of the potential threats and opportunities that IoT creates, and what IT’s role will be in helping protect the network against those threats.
• Helping the business implement IoT initiatives wisely.
Many enterprises are outlining visions for IoT that go beyond smart coffee makers and thermostats. IoT offers the opportunity to enable greater collaboration between employees, enhance security, and even increase employee performance. Enterprises will need to mitigate the risks to these devices and sensors from both physical and cyber threats. It will take close collaboration between IT, security professionals and other business units to carefully plan for the deployment of these IoT initiatives in a way that keeps data more secure and optimizes bandwidth and data storage requirements.
• Establishing policies around employees and their own IoT devices. Many employees bring their own smartwatches and fitness trackers to the workplace and connect them to the network. These devices, together with their other “smart devices” (phones, tablets, laptops, etc.) are vulnerable to being compromised, resulting in a potential loss of data. To protect the network, IT is responsible for establishing a policy to manage the use of these IoT devices in the workplace. IT departments will also need to work closely with security teams to ensure guests and visitors aren’t connecting their own IoT devices to the corporate network.
• Assisting law enforcement following an incident. In the case of a fire, sabotage, someone breaking into a server room and stealing information, or some other criminal incident, a speedy response is essential. Embedded, connected devices in a building – like smoke detectors, alarm systems, audio devices, gas sensors, access control panels and surveillance cameras – may provide data that law enforcement will need for forensic purposes or to investigate a threat. IT will need to work closely with security teams and law enforcement to retrieve the necessary data and help them respond appropriately.
IT’s opportunity to shape IoT strategy
Given all of these advancements in IoT-based physical security and their impacts on the corporate network, there are exciting opportunities for IT departments to shape the direction of their organization’s IoT strategy.
IT will never replace the physical security or facilities management teams. But IT’s involvement in supporting security technology implementations has grown in recent years, and IoT is accelerating this trend.
Now is the time for IT organizations to plan ahead for this inevitable collision between IoT and physical security, and think about how they can best support their organization’s business and security initiatives.
(About the author: Fredrik Nilsson is vice president, Americas, at Axis Communications).
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access