Bringing IT all Together
Any IoT device connected to the physical security system is a potential gateway
By John Nemerofsky
Systems integration has been an industry catchphrase for more than 20 years. Yet, many campuses still lack a holistic, integrated approach to security, both physical and logical. Operating disparate devices within separate silos removes many of the benefits resulting from integration – including better protection of buildings, assets and people. Integration typically enables superior performance, customization, convenience and lower overall costs.
Physical and Logical Security
The essential campus integration is the convergence of physical and logical security. These vital operations can no longer operate in separate silos. Most campus systems now include many Internet of Things (IoT) devices such as wireless cameras, access readers and sensors. Any IoT device connected to the physical security system is a potential gateway for hackers targeting critical campus data.
Once in the system, a talented hacker may be capable of shutting down services such as the entire security operation or obtain the contents of the campus data center, leading to potentially catastrophic security and privacy risks. Ransomware attacks threatening to shut down whole campuses are an almost weekly event. It is not enough to react to attacks. The goal of campus security and IT teams is to prevent successful hacks.
Virtually any campus is vulnerable. A hacked system puts a campus’ reputation at risk while also leading to legal and financial liability issues. Security directors and integrators must familiarize themselves with basic cybersecurity tactics and terms to work effectively with the campus IT professionals.
Prime Targets
Cutting-edge research that is conducted on many campuses make them prime targets for both physical and logical security attacks. Sophisticated attacks from organized crime rings or foreign governments have replaced lone wolf hackers with nuisance viruses.
A study released last year by a pro- consumer website found since 2005, school districts and colleges have suffered more than 1,300 data breaches, with nearly 25 million records affected. Most of the intrusions were the result of hackers or the campuses accidentally releasing information. Yet, 15% of the cases resulted from lost and
stolen laptops and other portable devices. Security integrators play essential roles in hardening campus cybersecurity. Here are a
few examples:
• Changing manufacturer’s original device
passwords that often are no more
challenging than 123456789
• Pushing to upgrade outdated or insecure
devices that lack today’s strong
cybersecurity capabilities
• Run vulnerability scans on devices before
connecting them to the campus network and continue to monitor their health once deployed
• Install two-factor identity authentication, often using biometric devices along with card readers, on critical sites such as campus data centers
Physical security benefits from cybersecurity. For example, the fear of a successful cyberattack may lead campuses to delay installing IoT devices that improve video surveillance and access control. A robust and well-deployed cybersecurity plan creates greater confidence in the overall security strategy.
The Clery Act
The 1990 federal Clery Act drives much of higher education’s embrace of security systems integration. The act requires all colleges and universities receiving federal funding to report annually about campus crime incidents. Campuses that fail to follow the regulations run the risk of heavy fines and the loss of government funding. Students and their parents use the data to select a safe campus.
The Clery Act significantly increased the need for integrated security technology. Security integrators must be familiar with the act to ensure their work meets strict regulations. Before beginning work on campus, integration firms must conduct thorough background checks on all employees.
Today, most campuses working with reputable systems integrators have surveillance cameras that respond to alarms from the access control or intrusion systems. Monitoring and controlling a dozen or more different systems takes place from a single security operations center. So, why is traditional systems integration still a topic? With technological advances, it’s reasonable to expect higher-level performance from integrated security devices on campuses of all sizes.
Cloud-based, hosted video and access control services easily integrate with other devices while eliminating the space required for on-campus servers. The system host, either an integrator or manufacturer, handles software updates and regular health checks. Apps provide authorized smartphone and tablet users with remote system controls, such as monitoring a single camera to ordering an immediate campus-wide lockdown.
Automatic Event Responses
Artificial intelligence presents tremendous opportunities, including automatic event responses. Facial recognition technologies use AI-based software linked to access control systems to enable approved students
Disparate Devices
Tada Images/Shutterstock.com
40 campuslifesecurity.com | NOVEMBER/DECEMBER 2021