Why IT pros love PIAM for physical security

The acceleration of digital transformation initiatives is bringing a proliferation of internet-connected physical security devices to the workplace, blurring the lines between the security and IT departments. Increasingly, IT are not just a voice at the table when discussing physical security, they’re also responsible for implementing and managing physical security systems. Research shows that IT teams are hankering for greater involvement in selecting which physical security systems to deploy, to ensure that they’re compatible with existing infrastructure. This is because trying to manage and process actionable data from multiple, disparate systems that don’t interact with each other is among their top pain points, particularly in multi-site enterprises.

The problem: manual processes

Most of the challenges faced by IT professionals can be consolidated into one overriding issue: manual processes. Systems that can’t exchange data with one another require time-consuming manual interventions to get them onto the same page. Most on-premise systems need IT to physically come on site to maintain and update them. Passive CCTV systems require a person to monitor live footage or search for evidence post-incident in pre-recorded footage. Legacy and unintegrated access control systems require the manual updating of access privileges when employees join and leave.

Physical security systems laden with manual processes are not only more costly to manage but prone to human error. Harmonising disparate systems requires data to be re-keyed, and by definition re-keying data doubles the chances of it being entered incorrectly. A person can miss signs of wrongdoing or threat in CCTV owing to tiredness or distraction. And manual cardholder administration can lead to rogue cards in the system, both a compliance breach and a potentially disastrous security risk.  

Manual-process-driven systems also tend to produce an abundance of security data that doesn’t go anywhere, because the siloed nature of those systems makes it impossible to analyse. This leaves gaps in the security chain through which attackers can slip. 

The solution: automation and PIAM

Automation is probably the most popular and prevalent IT buzzword out there, and that’s because it makes everything easier, simpler and safer. Networked systems automatically exchanging information save IT teams a ton of administration, duplication of work, and onsite maintenance. Automatic extraction and processing of the most relevant data from all systems into actionable intelligence enables IT and security teams to thwart or mitigate threats before they become breaches. CCTV monitored by artificial intelligence (AI) is more proactive and more accurate, and the automated provisioning and deprovisioning of access credentials dramatically reduces the risk of rogue cards.

The pathway to achieving all of this security- and efficiency-boosting automation across the enterprise is another big IT buzzword: integration. Integration is the process that enables different systems to interact and exchange data, and allows IT teams to control and manage them remotely.

Integration can take two forms. It could be a literal integration built using open/public application programming interfaces (APIs), much like the Welcome Gate integration connecting physical security platform S2 with HR and finance system Workday. Alternatively it could take the form of a software overlay known as a physical identity and access management (PIAM) solution.   

A PIAM solution is an ideal choice where you’re dealing with legacy and on-premise systems that don’t have APIs and lack, therefore, the capacity to talk to one another. PIAM pulls the data from those systems into a new system with a single user interface, giving IT teams the ability to control, manage and report on those systems centrally. It means that although those systems aren’t technically communicating, they are, in effect, integrated.  

PIAM is much more streamlined and efficient than IT teams having to work with all the different security systems separately. It automates formerly manual processes relating to data analytics, reporting, maintenance, CCTV monitoring, and visitor and employee access control, including the provisioning and deprovisioning of access privileges. It also delivers levels of intelligence capable of turning traditionally reactive security models into predictive ones.

Importantly, it means that you don’t have to rip out all of your existing infrastructure and start again. As PIAM is a software overlay, the worst-case scenario is that you may need to update your readers and cards.

PIAM: the path to true convergence

We mentioned at the start of this article that the proliferation of connected devices in physical security is blurring the lines between IT and security teams.

The thing is, IT don’t just want blurred lines. They want actual convergence. In a past article, we talked about how cybersecurity and physical security are two sides of the same coin, with internet-connected physical security systems turning burglars into hackers. This makes it necessary for IT and security teams to know what the other is doing. In addition, convergence promotes efficiency across the organisation, eliminating assumptions and duplicate work between teams, and allowing organisations to automate physical access to resources for employees and other identity types.

In effect, PIAM brings logical access management fully into the physical security realm. It provides IT and security teams with a 360-degree view of identities in a single and fully interoperable platform. To know more about PIAM and what it could do for your business, contact Welcome Gate today.