asis presentation_07112013
TRANSCRIPT
Enhancing Physical Security through Enhanced Software Engineering
ASIS Western NJ Chapter June 11, 2013
Introduction
• Challenging long-held notions:– What’s included in a security project– Who supplies security solutions– Where does “security” stop and “technology”
start• Hidden Value
Concepts
• Database Integration• “bespoke” functionality
– Custom code– Edge development– Interoperability with external systems
• Platform Independence– Administering multiple PACS systems
• Managing Security through the Web• Re-engineering the Security Management Process
– Knowledge– Experience– Preparation
Technology Picture
• Integrator vs. Manufacturer– The P Word*
• “Security” vs. “IT”• Security ROI:
– New Rules– Metrics/Quantifiable analysis– Improved Security Process = Hidden Value
• Need for better processes within individual organizations*Proprietary
Security Industry- common perception
“Manufacturer”• Technology
Development• Innovation• Platform Standards
“Integrator”• Installation• Support• Configuration• Expertise
Why is the security environment changing?
• Moore’s Law• Increased Expectations
– Productivity• Software: Increasing Returns
– Cost vs. Performance– Hardware: Cost decreases, Productivity Increases
(Marginally)– Personnel: Cost Increases- increased productivity a
challenge• Big Data: more complexity of analysis
New Challenges for Enterprises
• Organization-specific System Requirements– Micro-development
• Inadequacy of mass-market response– Regulations/Audit
• Interoperability– Exchange Data, Process w/internal (or external)
business systems– Data mining: value of security data
• Systems, Process Evolution
Where is the ROI?
• Increased importance of business case• Environments for Increased Efficiency• Where are the opportunities• Improving Value- Improving Process
“Let’s Build it Ourselves”
• Insufficient Market Response• Pros & Cons
– Solution complies with Requirements– Diminishing returns:
• Maintenance• Development• Justification
Acquisitions
• Disparate Platforms– Difficult to maintain, administer multiple platforms– “rip & replace” options
• Personnel Integration– Personnel management– Permission/Function Standards
• Problems solved through technology
Persons MPP Total M Total H100,000.00 10.00 1,000,000.00 16,666.67
Total MD(H/8)
Total MY(MD/250)
Est. Savings(MY X $50K/Y)
2083 8 416,666.67$
Machine Interface
• Elevators• Separate PACS platforms/hardware• Specialized Applications• Micro-engineering
– Compliance with requirements on a local level
Data Integration Challenges
• Using technology to improve critical dataflow• Clean data= clean process
– Security data should be the most up to date• Consolidation of data from different sources• Routing data to serve different needs
– Reports– Statistics– Interoperability
Data Reporting- Operational Efficiency
•Statistics and Activity• Trending• Analysis
•Ad-hoc/On-demand Reports•Customized Dashboards
• Investigations• Reduce time and
complexity
Multiple-source Data Aggregation
I
HR DB
Card Access Management
Visitor/Vendor Management
Incident Management
Alarm Management
Fire/Life Safety/EAP Management
Machine DB
Corp RE
Floor Plans
Retail Locs
Business Continuity
Alarms
Lighting
Crime Stats
“Bad Guy” DB
3rd Party DB
Site & Threat Assessment
Management
Service Requests
Credential Management
Crisis Management
Transaction Database
Data Warehouse
Pre Processing
Integration
Automation
Web-oriented TechnologyProductivity Multiplier
• Hosted– Sub-metered
• Distributed Cost= lower per user expense• Benefits of High-volume Use• Diversified Organizations
– Tenants– Vendors– Stakeholders
Web-oriented TechnologyProductivity Multiplier
• Applications processed through web– Work orders, visitors, post requests– Aggregation/common database
• Data Security• Support & Service
– Updates– Training– Continuously working with current technology
Case Study 1False Alarm Reduction
False Alarm Reduction
Environment: Large Retail BankProblem: False AlarmsImpact: $3M+ (fines, overtime payments, lost productivity)Details: More than 3,000 US Locations
Solution:•Non-proprietary physical access solution•Authentication via web host (no server on site)•Auto-arm/disarm via card swipe•Instructions based on badge holder identity•Compact, ready-to-deploy solution in non-metallic enclosure (works with cellular data card)
Expertise Required:•Database•Machine Language/PLC•HTML
Results: Over 3 years- $1.2M Expenditure, est. $7.5 Million cost reduction first 3 years
Case Study 2Advanced Elevator Integration
Elevator Integration & “Way-finding”
Environment: Commercial Office Building, DD ElevatorProblem: Unlike traditional elevators, no I/O boards- controlled by logicImpact: Security integration complex, expensive; difficult to preserve advantages of DD systems
Solution:•Logical integration with DD Elevator Server•Security system polls elevator server, “assigns” cab to holder of valid badge
• Tenant (ID Badge) or Guest (Visitor Pass)•Special instructions for VIP, Executive Badges•Cab assignment displayed on turnstile or lobby monitorsExpertise Required:•Database•Machine Language/PLC•Industrial/automation process
Results: Successful integration with multiple DD systems, reduction of staffing, improved lobby experience. Deployment in several US buildings.
Case Study 3Security ROI: Direct Impact
Environment: Major UK Government Agency SiteProblem: 1) Lights left on 2) sensitive documents left unsecureImpact: Unnecessary costs; potential breaches of secure/classified documentsDetails: 3,457 Rooms, identification of room required; unsuited for implementation of presence sensors; cellular/wi-fi coverage spotty in some areas; self-built IMS inefficient, difficult to support
Solution:• New incident management IMS application with client
for PDA• Store & forward feature when not on line
• Custom reporting & compliance sets• Correlation between incidents, cost savings
Expertise Required:•Database•Mobile/PDA development•Operations process
Results: Measured, documented reduction of costs (& ROI), improved security compliance, sustainable solution
for incident & security management
Incident # Class Category Location Created By Date Occurred DescriptionLights Off Savings
HMT-1242 Environmental
Lights Switched Off
B/20.1 - FM Store Zubair Khalid Friday, 28 January 2011 12:25 AM
light on £4.29
HMT-1243 Environmental
Lights Switched Off
LG/10.1 - Office Zubair Khalid Friday, 28 January 2011 12:35 AM
light turned on £4.21
HMT-1244 Environmental
Lights Switched Off
LG/75 - General Office Zubair Khalid Friday, 28 January 2011 12:40 AM
light on £4.17
HMT-1245 Environmental
Lights Switched Off
LG/04 - Play Scheme Zubair Khalid Friday, 28 January 2011 12:45 AM
light on £4.13
HMT-1529 Environmental
Lights Switched Off
3/15 - Office Zubair Khalid Saturday, 29 January 2011 01:35 AM
light on £3.71
HMT-645 Environmental
Lights Switched Off
G/20 - Meeting Room Mario Artifice Sunday, 23 January 2011 05:20 PM
lights on i switched off £7.83
HMT-646 Environmental
Lights Switched Off
3/31 - Office Mario Artifice Sunday, 23 January 2011 05:35 PM
lights on and printer, i switched off
£7.71
HMT-647 Environmental
Lights Switched Off
4/25.2 - Meeting Room 4/25.2
Mario Artifice Sunday, 23 January 2011 06:20 PM
completed internal patrol £7.33
HMT-974 Environmental
Lights Switched Off
LG/CP.62 - Copy Point Bash Abdullah
Wednesday, 26 January 2011 12:20 AM
light on £4.33
HMT-975 Environmental
Lights Switched Off
B/03 - Gymnasium Bash Abdullah
Wednesday, 26 January 2011 12:35 AM
Light on. and all the TV On at 00.40
£4.21
Case Study 4Standardization: An alternative to “rip & replace”
Environment: US-based Major FinancialProblem: Disparate PACS, IDS solutions acquired through acquisitionImpact: Est. $1.2M “rip & replace” cost to migrate to “preferred” platformDetails: Removal, replacement of 3,000+ panels, significant business disruption
Solution:• Implementation of software overlay• Interoperability & full administrative
management of four (4) distinct platformsResults: Software-based consolidation results in
est. $800K savings, improves process by delivering custom interface
Events
Overlay
Plat. 1 Plat. 4Loc D
Plat. 3
Loc C
Plat. 2
Loc B
Loc A
Access Group:Loc A – CR1Loc B – CR2Loc C – CR2Loc D – CR1
Events
Overlay
Plat. 1 Plat. 4Loc D
Plat. 3
Loc C
Plat. 2
Loc B
Loc A
Access Group:Loc A – CR1Loc B – CR2Loc C – CR2Loc D – CR1
This document contains copywrighted material
???Comments?
Daniel Q. Kelly Jr.G4S Technology LLCSoftware Solution Division118 West 22nd StreetNew York, NY 10011(212) 414-0073 ext. [email protected]