Security is becoming an increasing source of business intelligence

10 March 2010

Premises security has long been viewed by organisations as a necessity rather than an opportunity, but with the growth of intelligent buildings this is rapidly changing. Security is becoming an increasing source of business intelligence that helps to ensure a duty of care to employees and visitors and to support increased revenue generation.

As organisations have become aware of the need to manage their core assets more effectively and efficiently, and the variety of threats those assets need to be protected against has grown, security has become an ‘investment’ rather than an overhead. Organisations now need to look at how they can use security ‘intelligence’ to deliver beneficial improvements to the way they work.

Shattering myths and misconceptions, a physical security implementation should actually be more about letting people in, giving them optimal accesses to areas and services than locking them out. Security doesn’t have to be restrictive. In fact, if an organisation is to operate effectively it needs to provide the best possible access to facilities within a managed framework of ‘rules’.

There’s no doubt that today the level and variety of threats and vulnerabilities can be high as recent social engineering cases have shown, but the building needs to continue to function as normally as possible even when a potential threat is being dealt with. Lockdown is far from ideal because it impacts your organisation in big ways, reducing the chance to make money and putting fear into your employees for example.

The most powerful security systems are those which are integrated into the backbone of the building – in other words its IP based network – as these can be integrated with other systems to power intelligent decisions or automated processes. For example, a system which detects a break-in can be linked to the building’s CCTV system triggering a camera to point at and film the location of the action. Subsequently the chances of identifying and catching the intruder are better.

Compliance, for example with health and safety laws, is another opportunity on the agenda. Demonstrating compliance with regulations requires the ability to manage the organisation against them. A security system that is integrated with buildings management systems can assist this.

For example in an area that people should only enter with a ‘buddy’, the security system can ensure this is always the case and collect the data to create a report declaring who has used the facility and who accompanied them. Fire safety regulations may also state that a room has a maximum occupancy and the security system can be used again to ensure this is not breached.

The outcomes of failing to comply with regulation can be severe. For example, recent amendments to the Corporate Manslaughter and Homicide Act of 2007 also potentially increase the chances of organisations being prosecuted where there has been a gross failing, throughout the organisation, in the management of health and safety with fatal consequences. An effective security system has the power to help your organisation comply automatically and provide an audit trail.

Managing security in an open yet effective way get’s even more complex when you consider the recent growth in shared services, outsourcing and use of contractors, perhaps most strongly in public sector. Take NHS Trusts for example, now sharing doctors, buying in key services like catering and cleaning. Trusts can also be dispersed geographically and even share back office functions. At any time a Trust’s site is filled with employees, patients and also contractors who may change staff on a regular basis. A dynamic security system is needed to manage access for all of these different people, ensuring access rights are neither too lenient to create danger or too tight to restrict operation effectiveness.

Often one of the biggest failings in security management is the disconnect between digital and physical. There is no reason why these two aspects should be dealt with separately. You only have to look at the most publicised type of security breach – data leaving buildings on laptops and USB sticks then getting lost or stolen – to see that digital and physical security go hand in hand. Asset tagging and buddy tagging is an important development here, because this means that the whereabouts of digital assets, like information on a laptop, can be traced and managed alongside the physical aspect of who has left the building with it.

Knowing who is logged in to a computer system is simply not enough when passwords are easily shared for example among students, or indeed stolen. Equally door access and footfall data can be integrated with sales information to tell shopping centres or campuses who went where, what route they took, what they bought and where they stopped. This provides vast information to help reduce energy costs through intelligent environmental management and increases revenues as evidence of premium advertising locations.

It is encouraging to see much more responsibility for security being shared between heads of both IT and facilities. However they must remember it is not simply about having the right technology in place. Organisations must change their mindset if they are going to generate returns from their security and access infrastructures through an intelligent approach. Security is a powerful information source, both to protect people and ensure your duty of care but also to increase business intelligence.

To conclude, here are my top five reasons why managed access can improve returns for many organisations.

- Generate revenue from your precious or unused assets
By knowing who is working in the building and when, organisations such as universities and hospitals can open up portions of car parks to the general public for a fee. They can manage and control access to car parks through integrated ID access and billing systems.

- Sell the best locations at the highest premiums
In the current economic conditions being able to prove the benefit of a location is half the battle. Retailers, stadia and campuses can have the evidence to charge premiums on the basis of detailed footfall and visitor profiling.

- Pinpoint security threats quicker with far greater accuracy
Different pieces of physical and information access data are like the precise coordinates needed to find a needle in a haystack. You have the power to know when a breach is happening and deal with it, whether it’s intentional or accidental.

- Improve business processes through complex access management
If you outsource processes to third parties they will perform poorly unless they have accurate access for their needs. Managing access via IP networks means that you can tailor and adjust access as required and get your partners working optimally.

- Improve customer experience and thus loyalty
The data flowing from physical and information access systems on an IP network, and resulting ‘intelligence’ can easily be fed to customers to provide real time benefit. For example visitors to the Olympics can be informed about event start times, walking times to their seats based on their location and ticket access rights, straight to their mobile.