Combining Physical Security Systems and IT Security Systems
Organizations can benefit from having a combined physical security and IT security systems as it offers a balanced and consistent advice from both areas of expertise. On the other hand, physical security systems and IT security systems are very diverse disciplines since they have different professional development and require the acquisition of varying skills and knowledge. Therefore, combining the two areas can be challenging to an organization (Huang, Zhou, Yang & Qin, 2015). This paper compares and contrasts the pros and cons of combining physical security and IT security systems in medium to large sized organizations with complex IT that operate globally.
Combining the physical and IT security similarly benefits the two areas as it helps in saving costs and facilitating a natural evolution for maintaining facilities and guarding operations. It helps in prioritizing of risks and creating a comprehensive security business plan that covers the two areas. For instance, physical security can be improved by having door-access equipment and video cameras IP enabled and ensured that employees are provided with smart card based badge for accessing buildings and computers (Campbell, 2015). Therefore, merging reduces duplication of costs in programs and overheads that can result in unproductive tuff battles for resources between security groups. It helps in creating a single point of visibility and control for both physical security and IT division that offers consistent and complete advice. Moreover, it creates synergies and facilitates the transfer of technology of skills and experiences that are hard to acquire. Both the traditional security managers and IT experts involved in converged security systems focus on offering solutions for the betterment of the firms. Amalgamation will also help in promoting smooth communication between all security stakeholders and constant sharing of information (Huang, Zhou, Yang & Qin, 2015).
Conversely, merging the physical and IT security systems presents certain challenges to firms that are associated with combining heterogeneous systems and the issue of upgrading a patchwork of physical access systems. Both IT experts and traditional physical security managers are likely to resist convergence due to the mistrust and discord that exists between the IT and physical security departments. Managers of physical security systems will be afraid of the IT department taking control of their function making them irrelevant in the organization (Campbell, 2015). According to Huang, Zhou, Yang, and Qin (2015), merging logical and physical security leads to the reduction of the influence and presence of physical security function in the firm. On the other hand, IT security experts will be afraid that the convergence will be very risky to the firms’ security. Additionally, combining IT and physical security also presents a major challenge for recruiting and promoting professional development due to the diverse skills and experience needed to take care of both subject areas. Organizations will also have to overcome physical challenges when combining the two areas. For instance, a firm with various locations may have physical security technology that is very outdated, and it may lack the interface needed to connect it to IT systems. This will prevent such physical security systems from becoming part of convergence. Another example is that the multiplicity of various physical access systems makes it challenging to have a single authenticator for users who will be moving to different locations (Campbell, 2015).
In conclusion, the merging of physical security and IT security systems results in benefits and challenges for firms. Firms should develop a new organization chart that will facilitate the smooth convergence of the two areas.
Campbell, D. (2015). The Best of Both Worlds: Combining IAM and PIAM for Comprehensive Identity Management. Security Technology Executive, 25(1), 38.
Huang, S., Zhou, C., Yang, S., & Qin, Y. (2015). Cyber-physical system security for networked industrial processes. International Journal Of Automation & Computing, 12(6), 567. doi:10.1007/s11633-015-0923-9