Organisations embracing cloud-based security management systems will see benefits but must adapt to ensure they do not open themselves up to evolving risks. This was a message from the Association of Security Consultants (ASC) winter Business Group meeting on November 18, at the London Chamber of Commerce and Industry.
Inderpall Sall, pictured, technical director at NG Bailey IT Services, highlighted the progress towards the next phase of cloud evolution when everything will be connected to the internet. This would maximise the intelligence available, facilitate the convergence of building, ICT and business systems within organisations and routinely mean that analytics were available.
Examples given included access control data triggering whether lights were switched on or off at a particular workstation; an entry card being disabled and desk and parking space released when someone is on holiday; an American company using data from cameras to analyse behaviour on train stations with a view to preventing suicides.
Clients were now demanding cloud-based, mobile technology – “You’ve got to put a network in otherwise someone else will do it”. There was a move away from organisations requiring every system to have its own separate infrastructure and applications. He cited the examples of a client that had opted to have just one cabling infrastructure to manage and monitor everything and of a requirement to provide a very simple, single application with security, fire and building management sections available from one screen.
However, there was a need to consider the risks alongside the opportunities. If all information was on the network, the implications of getting hacked would be much more serious; effectively, it would be possible for someone to gain control of a whole building. To offset these risks, it was important to have substantial physical and IT security in place, give very careful consideration to enterprise security architecture and ensure that all functions involved with security provision are co-ordinating their activities effectively.
The intelligent buildings theme was continued with a presentation on security reporting from Brian and Steve Larkins of Verifi FMS. Despite all the technology developments of recent years, security officers had remained largely dependent on paper records. This could make organising and retrieving information (particularly where this related to events that had occurred some time ago) challenging. This session demonstrated VerFi EIDOS, a new cloud-based alternative, which required only a standard browser.
The event also included a presentation by Broadgate Estates security and business continuity manager Jonathan Schulten on the scale and nature of dealing with such a large property portfolio; the dynamics of the relationships with landlord, occupiers and property managers; and some typical challenges such as public realm management, for example during the 2014 World Cup as shown on giant screens in Exchange Square.
Speaking after the event, ASC chairman Allan Hildage said: “We’ve seen today how cloud technology can help to provide a consistently quality service and ensure different parts of an organisation work together more effectively to meet overall business objectives. However, we’re also constantly reminded that the speed of technology development is challenging everyone – the impact on systems’ integrity and the ability of the regulatory framework to keep pace were just two of the issues raised in questions from the floor. From a security and resilience perspective, it’s vital that we grasp the full implications and act on them if we are to maximise the benefits while minimising the risks.”
The next ASC Business Groups will run on March 3, and May 14, 2015. Visit the ASC website www.securityconsultants.org.uk.
