Implementing a
Data-centric Approach
Reducing costs is as equally important goal in operating an enterprise BAy Kim Rahfaldt
company is much more complex than an IT depart- ment or a number of buildings. It is always evolving and adding more servers, buildings and systems, and therefore, obtaining more risk, costs and threats. As COOs look at the multitude of objectives across an
organization, they need to evaluate how to increase profits, manage risk, or provide a cost-effective route for improving processes, manag- ing incidents, or securely operating an enterprise.
To manage risk, organizations must manage people and the sys- tems they utilize. Using a dashboard to manage system intelligence will identify behaviors, reduce costs and mitigate risk. How does an organization accomplish this? How can security managers and C- Level executives understand how applying a data-centric approach can eliminate data silos, combat convergence of IT/OT and reduce the multitude of risks an organization faces?
First, an organization must determine the types of data to collect to help protect business and mitigate risk. To best protect assets, peo- ple and infrastructure, it’s best to collect access control, video, visi- tor management, case management, burglar/fire, BMS and IT data. Companies normally collect much of this type of data, but don’t use it to make good business decisions. Analyzing the data to centrally manage business will help organizations become more efficient.
Once the data is collected, organizations must:
• Eliminate silos and analyze data simultaneously
• Centrally manage the data
• Improve efficiencies based on new information learned
Organizations must use this information to not only operational- ize their business to improve processes and meet compliance, but to best protect their people, property, and assets. Streamlining all data into one dashboard using a data-centric approach will narrow the gap between physical and cyber security and help predict behavior and patterns.
Key Issues with Collecting Data
Interconnectivity. Most of the systems and sensors do not talk to one another and have different device standards.
Information Overload. A typical dashboard can only show so much information and the human brain can only assimilate and sort through so many inputs at one time.
Large and unstructured data streams pose challenges; Hard to understand and recognize patterns in the data. Some of which can be overwhelming in volume and unstructured.
Turning data into intelligence requires a combination of elements. Within a security framework, using a deliberate posture and roadmap to understand the interacting systems and use cases is key to driving better outcomes. Ultimately, the key systems need to lie within the overall security apparatus.
Case Study, Digital Realty
Digital Realty supports the data center, colocation and interconnec- tion strategies of more than 2,300 firms across its secure, network-rich portfolio of data centers located throughout North America, Eu- rope, Asia and Australia. Digital Realty’s clients include companies all over the world, of all sizes, ranging from financial services, cloud and information technology services, to manufacturing, energy, gam- ing, life sciences and consumer products. By implementing a data
arka38/Shutterstock.com
centric approach, they were able to streamline operations, while offer- ing a more consistent, qualitative and cost effective solution to their customers across their portfolio of data centers.
Here are some key results:
• Implementing a self-service visitor process decreased the risk as- sociated with manual access assignment, reducing man hours by 60 percent.
• Reviewing the combined visitor and alarm activity periods, pro- vided an opportunity for an 18 percent annual reduction on guard service requirements.
• System growth translated to 24 percent increase in support ser- vices. Digital Realty used data to validate the anticipated increase in workload.
• Excessive alarms resulted in response complacency. The data col- lected justified changing Design Engineering Guidelines and op- erating procedures. Now responses to actual events are consistent, providing a more secure environment and streamlined operation. Adopting a data-centric approach helps organizations reduce
costs, mitigate risk and meet compliance. Customers can reduce costs by operationalizing existing security infrastructure on a global scale, reduce manual processes that are labor intensive, repetitive and error prone, and future proof investment by enabling new technology.
Organizations can mitigate risk by standardizing their security processes, and ensuring the right people, places and authorizations are in place.
Implementing a data-centric approach will help companies meet government, organiza- tional and industry regulations. They can moni- tor infractions and enforce security policies and rules, while creating automated reports and au- dit security procedures.
Kim Rahfaldt is the public relations manager at AMAG.
WWW.SECURITYTODAY.COM 15
RISK MITIGATION