Analysis: Physical/Logical Security Convergence: Page 9 of 30

While IT rode the unpredictable innovation wave, the mature physical-security industry stayed its course, settling for vetted approaches. Current standards in physical-security topology design and hardware configuration have proven levels of high-availability and reliability. Clearly, physical security groups bring a lot to the table.

Now, they're being hit with convergence initiatives and requirements sourced from IT philosophies, which can be at odds with well-established physical security practices.

Availability, for example, is an important aspect of any PACS (physical access-control system). PACS downtime can result in employees being unable to enter or move around within a facility in a "fail-closed" model, or in a lapse of all authorization and access control in a "fail-open" model. Therefore, these systems have very high availability expectations--AMAG's Ella says his company's access controllers can easily go five years without having to be taken offline for rebooting.

Now propose moving the PACS under the control of IT, which is perceived as struggling with downtime on a regular basis. Even when taken offline for legitimate reasons, such as patching and upgrading, the systems are still down. To the physical-security group expecting virtually no downtime, periods of interrupted physical access control is an unacceptable security and safety concern.

Convergence Achieved Click to enlarge in another window