Locking down the doors and conducting video surveillance of employees have long been staples of physical security across organisations. Now, as network access and monitoring become priorities within companies, a convergence between physical and logical security is only natural, the panel said.
Ron Moritz, senior vice president and chief security strategist at CA, said network monitoring has replaced guarding the filing cabinets at businesses - so merging the two practices of physical and digital security seems to make sense.
"Physical concepts are bleeding into the IT world," he said.
Deployments by federal agencies of smart cards, in light of Homeland Security Presidential Directive 12 (HSPD-12) mandates, are a sure sign convergence is taking shape. The cards contain chips that both grant physical access and validate identity for network access.
Irene Lam, senior product director at American Dynamics, a video-management solutions firm that produces IP-enabled software, said as mergers and acquisitions increase and organisations open more branch offices, headaches ensue.
"You're carrying two different (building access) badges and many times, you need access to two different networks," she said.
The Sept. 11 terrorist attacks, compliance requirements and lower cost of ownership have all served as major drivers for convergence, the panel's speakers said. Centralising management to streamline controls also has played a major role, said Boulton Fernando, CSO at Indymac Bank in California.
"For us, it is about speed, getting things done as fast as we can when investigating a breach," said Fernando. "(With convergence), it's all coming into the same spot, and we can put in the necessary preventative measures to stop the bleeding."
For organisations considering convergence, meshing the two disciplines and cementing the hierarchal structure presents significant obstacles, according to the panel. A convergence plan likely will result in employee anxiety over a potential personnel shake-up.
"The skill sets…are very different," Fernando said. "Getting them on the same page is a challenging task because they don't understand each other. You have to be a good moderator."
Click here to email Dan Kaplan.
From InfoSecurity NY: Physical, IT security coming together
By Dan Kaplan on Oct 25, 2006 11:22PM