Analysis: Physical/Logical Security Convergence

Physical and logical security staffs have the same goal--protect enterprise assets--yet they exist as independent factions ... and not always peacefully. But now technological shifts, budgetary realities and a major government initiative are doing some converging of their own and driving enterprises to question whether business as usual is hurting the bottom line.

It's a nascent movement, but not for long. Last year Forrester Research projected a tenfold increase in U.S. spending on merging physical and logical access control, across both the public and private sectors, from $691 million in 2005 to more than $7 billion in 2008. That's still not a huge number--enterprises will spend $8.3 billion on CRM this year alone--but a large-scale U.S. government program, HSPD-12 (Homeland Security Presidential Directive 12), suggests healthy growth will continue.

Meanwhile, CFOs are increasingly feeling a sense of budgetary déjà vu. When the heads of facilities and IT both request capital outlays for new access-control systems, complete with per-user hardware authentication credentials and identity-management software, plus recurring budgets for end-user training and helpdesk support for replacing lost tokens, something's going to give. These overlapping budget requests reflect the evolution of physical access-control technologies: More and more, these systems depend on TCP/IP networks, servers and digital storage mediums--resources firmly in IT's domain. Many physical security pros find this trend worrisome, however, and with good reason.

Impact Assessment Click to enlarge in another window