Using policy-driven software to seamlessly manage the entire lifecycle of all identities, these platforms provide a truly unified approach to physical and logical access control – helping IT pros manage identities, compliance and operations across multiple systems and sites. Managing the entire security infrastructure is simplified by automating formerly manual processes related to background checks, physical access privilege assignment and ter- mination, visitor access control and management of audit and compliance with regulations.
PIAM systems are designed to help IT professionals deploy and manage a more sustainable, secure environment by provid- ing a single policy-based platform that automates and simplifies physical identity and access management. These solutions pro- vide a comprehensive range of functions for IT pros to streamline the entire process, including automated cardholder administra- tion and role- or location-based provisioning, automated assign- ment of secure area stewardship to business owners, assured com- pliance with regulatory and environmental security requirements with real-time reporting, and more.
Security Convergence
By connecting their physical security operations closely to their IT infrastructure, IT practitioners are realizing the value of se- curity convergence, lowering their overall risk and benefitting from sustainable cost savings. For IT pros, adopting this type of converged approach means extending the traditional identity and access management (IAM) concept to automate physical access and audit reports, and aligning facility badging processes with the IT network. This converged approach allows organizations to automate physical access to resources for employees and other identity types based on their business roles as defined in the IAM system and/or their location as managed by the PIAM system.
From an IT perspective, this integrated approach can elimi- nate labor-intensive, costly and error-prone processes of manu- ally managing personnel information and access privileges across disparate, siloed, multi-vendor, multi-location physical access controls systems (PACS).
Policy Automation
Many of the challenges security professionals face can be over- come with a single capability: automation. Manual processes are costly, time-consuming and error-prone, which is hardly a recipe for physical security success. PIAM simplifies management of the entire security infrastructure by automating manual processes re- lated to background checks, physical access privilege assignment/ termination, visitor access control, and management of audit and compliance regulations.
The process of provisioning and de-provisioning identities is a particular challenge that PIAM can help overcome. By inte- grating with logical security and other systems, PIAM ensures synchronized and policy-based on- and off-boarding of identi- ties and their physical access privileges across multiple disparate security and non-security systems. The combination of a robust integration platform and policy and automation workflow au- tomation allows PIAM solutions to manage critical rules across the infrastructure to enforce internal controls, reduce operational costs and corporate risks, and to automate compliance processes. Some solutions also include predefined policies that enable com-
NS10
plete automation of the on-boarding and off-boarding of iden- tities from an organization’s authoritative data source and its physical access into the PACS.
In addition to separate physical and logical security teams, the responsibility for authenticating identities and performing back- ground checks also often includes an organization’s HR depart- ment. Without an automated, integrated approach, each of these three teams might duplicate or make assumptions about each other’s efforts, creating highly inefficient operations that also in- crease the likelihood of errors and additional risks and liabilities. With PIAM software, all of this integration is invisible as the so- lution works with existing hardware and infrastructure to create a single database.
Single, Organization-Wide Identity
PIAM solutions are capable of linking multiple PACS systems across multiple locations in real time with corporate IT systems, allowing PIAM to reconcile identity information and instantly establish a single version of each identity. This ensures that ghost accounts (those that consist of either blank cards with no as- signed history or where cardholder validity has been terminated in the IT or HR system) are locked out immediately and that compliance requirements are quickly met. PIAM solutions also provide actionable intelligence for risk mitigation and threat pre- vention using robust reporting and analytics.
Return on Investment
Deploying a PIAM solution for managing physical security al- lows organizations to realize a better return on investment (ROI) by maintaining focus on their core competencies. Simultaneously, they can leverage their PIAM provider’s expertise and core com- petencies in the physical security space. Many solutions are de- signed to identify issues in current processes and close any loop- holes or potential vulnerabilities in the way systems operate.
Many PIAM solutions not only allow organizations to man- age the lifecycle of identities and their authorization for physical access, but also serve as a highly scalable platform that automates key processes and simplifies control of all identities across an en- terprise – ensuring that each identity is assigned the right access to the right areas for the right length of time. By adopting a uni- fied approach to physical security management, PIAM allows IT professionals to seamlessly manage identities, their physical ac- cess and their correlation with physical security events in a multi- stakeholder environment while delivering the added benefit of providing real-time compliance.
As more and more IT professionals find themselves respon- sible for deploying and managing physical security systems, the traditional challenges these practitioners identified in the recent Spiceworks study are certain to multiply. However, this does not have to be the case, as advanced PIAM solutions offer the fea- tures and functionality to overcome many of these obstacles. Automation, integration, ease of use and centralized identity management are just a few of the many PIAM capabilities that provide IT practitioners with the tools and processes to ensure the most effective and efficient protection of organizations’ digi- tal and physical assets.
Don Campbell is the vice president of products at Quantum Secure. 0517 | NETWORKING SECURITY