Public and Private Sector Security Essay.
Identify and discuss three essential elements of convergence within the realm of public and private sector security. Formulate a hypothesis as to the effectiveness and extent of convergence efforts over the next decade. Please note you must present a hypothesis and discuss it – not merely state a hypothesis alone. Public and Private Sector Security Essay.
Instructions: Fully utilize the materials that have been provided to you in order to support your response. Your initial post should be at least 350 words. APA citations.
What Is Private Security?
Simply put, private security is security offered by private companies. They have strict training and certification standards but do not have the same restrictions that public security may have.
What Is Public Security?
Public security, on the other hand, are police, detectives, and other public sector security officials. They are highly regulated and funded by the government.
What Are the Advantages and Disadvantages?
Now that you know the general difference between public and private security, it will be easier to understand the advantages and disadvantages to both. Public security does tend to face more disadvantages because it is often restricted by law and politics. Public and Private Sector Security Essay.Private security companies do not have the same restrictions that a public company might have. They may not have the same budget constraints either. This allows private companies to focus on technology and advancements whereas public security cannot spend as much money or time on new technology or the best security systems.
With private companies, the business itself can judge whether it is receiving the best possible security company. There is more control over choosing security that is up to standard. While public security, like cops, do have a higher level of training, this does not mean that private security officers are not well-trained.
The most important aspect of security is ensuring you have protection for your business. Public and Private Sector Security Essay.
ORDER A CUSTOM-WRITTEN, PLAGIARISM-FREE PAPER HERE
For many security professionals, recent high-prole data breaches have shifted attention to external cyber threats. Despite this newfound focus, the Institute for Critical Infrastructure Technology reports that more than half of all cybersecurity incidents can be traced to insiders with legitimate access to corporate facilities and networks. Another survey from the Ponemon Institute reveals that the majority of respondents are more concerned by outside threats than those that originate internally.Public and Private Sector Security Essay.
While external threats are very real, working to confront internal vulnerabilities can prevent incidents from happening in the rst place. By addressing both physical and logical access in a more unied approach, organizations can reduce their risk for a costly breach while also improving user experience and operational eciency. This idea is frequently referred to by the industry buzzword of ‘convergence.’
From a technical standpoint, convergence is dened as “the merging of distinct technologies, industries, or devices into a unied whole.” In terms of access control, convergence can be viewed as “the merging of physical and logical access control technologies to provide a more unied and simplied approach to identity management.”
“Convergence means a simplied approach,” said Sheila Loy, Director of Healthcare Industry, Identity and Access Management at HID Global, “That can mean many dierent things, but it’s essentially making it easier for the user to get both digital access and door access. That usually comes in the form of a card or a mobile device – something that can do both.”
While the notion of convergence is nothing new, this approach to security is becoming an increasingly viable way to mitigate threats. To explore this further, ASIS International recently partnered with HID Global to survey security professionals regarding their experience and related plans on convergence projects. The data in this paper is based on the responses of 745 ASIS International members who have direct responsibilities in physical and/ or information security. The benets of convergence: Improved user experience, operational eciency and security Security administrators are looking for solutions that are easy, convenient and fast. By introducing solutions that better blend physical access control (PACS) with logical access control (LACS), organizations of all types will enjoy three key benets including: 1) positive user experience, 2) enhanced administrative experience, and 3) improved security.Public and Private Sector Security Essay.
Prama Hikvision Introduces Dedicated Series in its DeepinView Camera Line
Search
The Convergence of Physical & Logical Access
National Product International Case Study Latest Feature Article White Paper Technology
9/14/2020 The Convergence of Physical & Logical Access
https://www.securitylinkindia.com/white-paper/2018/04/11/convergence-physical-logical-access/ 2/7
Positive user experience Oftentimes, the weakest link in even the strongest of security systems lies within the end user. If interactions with security technologies are confusing or cumbersome, employees will take shortcuts that introduce unnecessary vulnerabilities. Converged PACS and LACS solutions help reduce this risk by boosting convenience, particularly by requiring employees to only carry one card or mobile device. This type of solution also eliminates the need to constantly refresh passwords.
In today’s world, most end-users wear an ID badge to access facilities, which is a form factor they are accustomed to using. Even more, many employees either use a user name and password or a one-time password fob or token to access networks. While this approach may provide an additional layer of security, it is prohibitive in terms of convenience. Public and Private Sector Security Essay.Alternatively, providing a single form factor for both physical and logical access creates a more streamlined user experience, which ultimately increases user adoption to desired security policies.
“Building occupants who have entitlements to both physical areas and logical applications will see an enhancement in their experience,” said Brandon Arcement, Director of Product Marketing at HID Global, “Convergence results in greater employee eciency and a more pleasant work environment for building occupants. It’s easier for employees to carry one card or one mobile device to access both systems, rather than having to carry a card for the door as well as a fob for the computer or having to remember passwords.”
In terms of logical or network access, one major pain point for end users is the need to remember and frequently reset their passwords. When ASIS International members were asked, “How access to network and logical applications is done today,” a resounding 85% of respondents indicated that they use a user name and password.
85% of respondents also indicate that they have an organizational policy regarding the creation of passwords such as requiring numbers or special characters. Not only is this inconvenient for users and administrators, it presents another common security risk – employees writing their passwords on notes left visible on their desk. Enhanced administrative experience Converged access control solutions provide an improved administrative experience. When survey respondents were asked to rank a series of benets of PACS and LACS convergence, the top response was ‘easier to manage employee credentials,’ followed by ‘one card for multiple applications.’
These top responses reect two key angles within an improved administrative experience. First, many applications used to manage credentials are now web-based with secure, simple access for administrators. This allows security teams to issue, modify, or revoke credentials away from the oce or during o-hours. The second angle is the ability to deploy a converged ‘high value’ form factor that allows for multiple applications.Public and Private Sector Security Essay.
For example, using one card for multiple uses reduces costs for additional or replacement cards, as well as reduces the time required to produce multiple credentials for individual applications.
According to survey data, the value of leveraging smartcards for applications beyond physical access is more than theoretical – 73% of respondents agree that they have interest in using smart
9/14/2020 The Convergence of Physical & Logical Access
https://www.securitylinkindia.com/white-paper/2018/04/11/convergence-physical-logical-access/ 3/7
cards for applications beyond traditional physical access control.
Finally, more converged access control solutions provide security administrators with more visibility into audit data. This makes achieving compliance easier, thus reducing the potential for associated nes and damaged reputations. Improved security The most important benet of any technology is improved security. Innovative technologies for physical access include contact and contactless cards with encryption that adds additional layers of security upon entering doors, elevators or parking garages. Meanwhile, digital certicates loaded onto that same smart card can ensure trusted login to networks and applications, as well as encrypt e-mails and digitally sign documents.
Converged solutions improve security in three key areas:
Increased adoption rate of converged credentials: With a simplied experience, users are more likely to adopt desired security protocols. HID Global’s Loy says “Your employees may have had a badge to access doors for quite sometime. But when they don’t have to carry extra form factors like a fob or token, or they don’t have to take extra steps by entering a user name and password, it provides a streamlined end user experience that increases adoption rate.” Credential more closely guarded: A converged credential is used more frequently and is relied on for more daily activities, thus is more quickly noticed when lost or missing. “Whenever someone uses a credential for applications beyond basic physical access control, it increases value to that card and adds more reason to keep it handy – now that card becomes more closely guarded,” Arcement notes. Reduced need for strong passwords: Security is also improved because cards can eliminate the need for passwords, which are often the weak link in logical accesscontrol. Beyond reducing this vulnerability, leveraging a converged card requires users to remove their card to move around in a secure facility, automatically locking a computer upon card removal.
From improving user and administrative experience to strengthening organizational security, upgrading access control to leverage a more converged credential seems like a valuable exercise. However, when it comes to actually implementing convergence-based projects, multiple barriers can disrupt progress. Challenges to achieving PACS and LACS convergence Despite an increasingly relevant business case and a growth in available technologies, the implementation of convergence projects can be described as surprisingly slow. This lack of adoption can be attributed to two primary obstacles – organizational and technical challenges. Organizational challenges include common conicts between physical security and IT departments, like budgets and priorities, whereas technical challenges encompass the implementation itself such as upgrade paths and compatibility. Organizational challenges Organizational and internal communication challenges serve as a key barrier to implementing convergence projects, most often due to a lack of alignment between priorities and objectives. When asked what obstacles physical security professionals face when working with their organization’s IT department, top answers included:1) project prioritization and alignment, 2) conicting objectives, and 3) project ownership/ division of labor.
9/14/2020 The Convergence of Physical & Logical Access
https://www.securitylinkindia.com/white-paper/2018/04/11/convergence-physical-logical-access/ 4/7
“Traditional physical security professionals often have a background in law enforcement or military. They’re well skilled in forensic investigations, executive protection, and physical security measures – guards, fences and alarms,” Arcement says, “On the other hand, the IT teams are traditionally more comfortable with data protection and cybersecurity measures, but they are not as comfortable in the physical domain, even with something like cards. Because these departments have evolved separately, the two face challenges in collaboration and communication.”
Fortunately, progress in building stronger relationships is growing. When physical security professionals were asked how they currently work with their IT departments, a resounding 60% said that they collaborate to establish security best practices, with 55% indicating they look for new technologies together.Public and Private Sector Security Essay.
Budget is another common concern for convergence projects. IT departments typically enjoy much larger budgets than physical security departments, and they’re used to receiving funds for constant updates to keep up with advances in technology. Physical security departments, on the other hand, may invest in cameras and card systems that are expected to remain in place for decades. Such thinking is no longer practical as technology evolves and vulnerabilities are publicly revealed. Physical security equipment needs to be on a refresh rate closer to that in the IT industry.
Most convergence projects – 54% according to the ASIS survey – are shared in both the physical security and IT budgets, with 24% coming exclusively from the physical security budget and 22% from the IT budget.
Physical security departments should work to leverage IT budget and justify their investments by highlighting improved risk management and asset protection to the organization. They should stress to leadership that a budget that covers convergence would enhance user experience, which can attract better employees and be used to dierentiate the organization from its competitors.
Convergence can also help mitigate risk, which is especially necessary in light of the recent highprole hacks of companies including Home Depot, Target, and Equifax. “Executive leadership is willing to spend money to avoid similar outcomes for their organizations,” Arcement added, “There’s no guaranteed assurance, but they want to ensure they’re keeping up with risk mitigation best practices, which includes attention to both physical and cyber security.” Technical challenges Many organizations may be hesitant to adopt a more converged access control system due to implementation concerns including establishing an upgrade path, compatibility with existing systems, and overall complexity of the upgraded solution. Furthermore, there is an understandable fear of needing to rip and replace existing systems to complete the upgrade.
To illustrate this point, survey respondents were asked to identify their concerns regarding more converged PACS and LACS solutions. The top answer involved managing multiple credentials in various systems, which speaks to operational eciency, whereas other top concerns included diculty of implementation/ maintenance and increased technological complexity.
Despite these challenges, understanding implementation best practices, leveraging modern technologies, and collaborating with trusted partners can facilitate the introduction of converged access control solutions more easily than ever. Best practices to successfully launch convergence projects
9/14/2020 The Convergence of Physical & Logical Access
https://www.securitylinkindia.com/white-paper/2018/04/11/convergence-physical-logical-access/ 5/7
The primary technical challenge for organizations is the notion that introducing converged access control requires an interruptive rip and replace of existing technology. The reality, however, is that the process can be more simple such as by starting with converged cards.
“We’re seeing a trend toward converged cards where it’s no longer exclusively the physical access control credential. Organizations are looking to either extend the contactless technology on the card or to embed an additional contact chip on the card for strong authentication to logical access applications as well,” Arcement continued.
72% of survey respondents indicate that they would like to leverage smart cards for additional applications, with the most useful including network and computer login
Beginning with a ‘converged card’ approach essentially adds logical access to an existing physical access control system. By doing so, organizations can create a migration path that increases security and convenience but still utilizes existing infrastructure, access control systems and panels. This allows more converged solutions to be implemented without needing to rip and replace, making upgrades to newer technology less disruptive.Public and Private Sector Security Essay.
“In terms of logical access, this process usually includes adding credential management software solutions to the IT side of the house to manage the lifecycle of digital certicates on a single ID badge,” Loy said, “There can also be multiple integration points to help ease the workow of getting those cards provisioned for desktop use, making it as streamlined as possible. Some providers also oer professional services to support whatever is needed to get the system running as quickly as possible.”
Arcement also recommends that organizations rst pilot the technology before deploying it company wide. “A marathon starts with one step, and it can be overwhelming to think about all the things that need to be done during the transition of an entire organization,” he said, “We have seen companies be most successful by structuring pilots and deployments in phases and by starting deployment in a single building, oor or department. This enables the project team to clearly understand the opportunities they have with the new technology, the limitations that may exist, and the policy changes that might be necessary to consider before deployment throughout the entire organization.”
To overcome organizational challenges, increased collaboration between physical security and IT is key, particularly when budget is involved. Loy notes that while budget is a concern, the two departments can share expertise and information to be more cost eective. “Sometimes to get greater security you have to spend more money,” she said, “For example, companies typically spend under $10 on a card, but with a converged solution that card could cost $20. You must understand what you’re getting and why it’s more expensive, and you have to understand risks and associated risk tolerance. Think how expensive it will be if you become the next headline or ransomware attack versus making a change in your everyday security to shore up systems from a physical space and a digital space.”
Bridging the communication gap between IT and physical security presents another opportunity for increased collaboration. To start, both sides should acknowledge their shared objective – the security of the organization – and recognize the expertise that each side has in the equation.
9/14/2020 The Convergence of Physical & Logical Access
https://www.securitylinkindia.com/white-paper/2018/04/11/convergence-physical-logical-access/ 6/7
Hikvision participates at Retail Leadership Summit 2018
Invixium Multimodal IXM TITAN
Departmental leadership must understand that their security responsibilities are dependent on vulnerabilities on the other side of the house, because it can mean entry points that ultimately threaten the overall organization.
Facilitating a more collaborative environment can begin with physical proximity and project involvement. To start, IT and physical security can share a common work space such as an operations center or server room. These teams can also establish a recurring forum to provide updates, discuss vulnerabilities, and share audit data. Survey results shows that while 89% of respondents indicate they conduct a physical security risk analysis, only 2/3 of those respondents share the ndings with their IT team.
This collaboration should be leveraged to create joint proposals to company executives that show mutual benet. For example, with increased convergence, ticket volume to the IT help desk will decrease due to a reduced need to reset passwords.
Finally, once a convergence project begins, it is important to train users on the benets of the new approach. Arcement oers, “Managing expectations is critical as organizations move to more secure technologies – there is a slight change to the user experience.” He compares it to shoppers adjusting to using smart card chips on their credit cards instead of magnetic stripe, noting, “At rst, the change presented an inconvenience to the user, but cardholders accepted the change because they recognized the added security it provides in this age of identity theft. This oers a good analogy to share with your user population – that this transition is rst and foremost designed to elevate security for the organization and all who occupy its facilities.” Conclusion Physical security and IT departments are recognizing that now, more than ever, converged threats are real. Vulnerabilities that exist in both domains are fronts that have traditionally been handled separately. In isolation, they can be viewed as managed risks. But when malicious attacks or simple carelessness connect these vulnerabilities, the risks become more than the sum of their parts.
To meet the growing security needs of today’s organization, physical security and IT must better align their budgets and objectives to reduce risks while ensuring convenience so end users abide to company policies. While more converged physical and logical access technologies can help show the way, the ultimate responsibility lies within security professionals to chart the right course for their organization.Public and Private Sector Security Essay.