Physical Security: A New IT ChallengeBy Guest Author | Posted 2014-04-28 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
When the IT department is involved from the onset of an IP surveillance initiative, it improves the chances of a smooth, on-time and on-budget implementation.
By Ned Miller
When you think of IT threat management, you typically think of the terms phishing, spoofing, viruses, port scanners, worms and Trojan horses. More and more, though, IT and emergency management professionals are coming together to combat a new realm of security threats: the physical world.
Physical security, whether it relates to preventing break-ins, deterring theft or protecting individuals from attack, has long been the purview of security departments, which are typically staffed by individuals with law enforcement backgrounds. In the 1970s, when security departments began to augment human surveillance with closed-circuit television (CCTV), they had no need for help from IT, any more than facilities management would need help with an automatic sprinkler system for lawns.
Times have changed.
The early CCTV systems were analog systems, with their own dedicated wiring and power supplies. Now, however, digital IP surveillance is becoming the dominant technology. Once affordable only to large enterprises, IP cameras are now much less costly.
Digital storage is more reliable than tape and is less labor-intensive, since there is no need for personnel to mount, replace and store tape cartridges and deal with all the other small but time-consuming problems endemic to tape. With IP surveillance, security staff, personnel administrators and other authorized parties can access CCTV video from any location on a 24-by-7 basis—and from a variety of devices.
In addition to these benefits, vendors and security system distributors also tout the fact that the IP traffic from their systems can piggyback onto the existing IP network. In most cases, the network will be expected to carry not only the video traffic, but also the power for the IP cameras, via power-over-Ethernet (PoE) technology. That's why organizations can often benefit from IT involvement—and the earlier the better.
IT personnel can provide insight on how the trade-offs among resolution, frames-per-second and compression algorithms affect system performance and required memory. Too much video traffic can overwhelm a switch, resulting in gaps in the surveillance record, which are obviously unacceptable.
Too much traffic can also have a negative impact on the performance of other applications on the network. Either one of these conditions can lead to budget overruns resulting from the need to upgrade the network.
When the IT department is involved from the onset of an IP surveillance initiative, these problems and others like them can be avoided, greatly improving the chances of a smooth, on-time and on-budget implementation. This is exactly the approach we have taken at Des Moines Area Community College (DMACC).
Keeping Six Campuses Safe
Under the Clery Act, American colleges must report campus crime data via an annual report. This information is used by the staff and students to determine the level of security they can expect.
DMACC’s sprawling 1.4 million-square-foot property spans six campuses, has 48 buildings, and serves nearly 75,000 full-credit and noncredit students, as well as 3,000 full- and part-time staff. Our security organization faces the daunting task of securing this vast physical space. Like all colleges, DMACC deals with a variety of security challenges ranging from accidents and theft to student misconduct, and it relies heavily on its surveillance system to capture these incidents on video.
DMACC’s crime report is a public document that is used as a recruitment tool to attract new students, which gives our security team even more incentive to preempt potential problems and stay ahead of the curve. Although the college has a low crime rate, we are not immune to the problems that have plagued other campuses.
When we first took a hard look at the surveillance system that was in place, we discovered a mismatched collection of cameras—mainly analog—that belonged to several standalone systems. We wanted a centralized system that was up-to-date and provided both the coverage (in terms of numbers of cameras) and the resolution necessary to resolve incidents (e.g., to read a license plate).