Regulatory Compliance as a System Selling Point
New identity management and access control platforms are helping a range of end-user customers meet regulatory requirements. With the right expertise, dealers and integrators can open new revenue streams.
Photography ©istockphoto.com/courtneyk
Software Offers Integrators Rock Solid Opportunities
Rules-based software can bridge the gap between technology and operations by integrating adherence to security policies as part of a unified identity management program. Unifying hardware solutions with security policies using rules-based software that is custom-configured to a site’s needs is a cost-efficient and effective route to managing risk.
Software today can manage global identity, compliance and risk assessment using one integrated Web console, offering a holistic approach to identity and access management by integrating logical security with physical security. Large organizations throughout the world, including global Fortune 500 enterprises, depend on software systems to streamline their physical security operations. Some of the world’s largest airports and leading government institutions have also realized a strong return on investment while minimizing the risk of theft/fraud and noncompliance.
For installing security dealers and integrators, software to address enterprise-wide identity management presents an excellent example of how security systems can help customers meet regulatory requirements as well as work to protect people, facilities and assets.
To expand their business to incorporate such high-level solutions, dealers and integrators must first understand their customers’ pain points and how various technologies, including identity management software, can help. Then the opportunities — and new revenue — will follow.
Ajay Jain is President and CEO of San Jose, Calif.-based Quantum Secure, a provider of physical identity and access management platforms.
Regulatory Compliance for Various Verticals
Companies face a long list of compliance requirements, many specific to certain vertical markets, including:
- Health care: Health Information Portability and Accountability Act (HIPAA) Title II requirements governing access to patients’ private health-care records.
- Energy: North American Electric Reliability Corporation (NERC) requirements such as criminal background checks, timely update of access rights, mandatory training programs, operational and procedural controls to manage physical access, and retention of physical access logs for at least 90 days.
- Airports: Requirements of the TSA, credentialing for the Security Identification Display Area (SIDA) and the American Association of Airport Executives (AAAE) employee ce
rtification program. - Government: Identity programs such as Federal Information Processing Standards Publication 201 (FIPS 201), Homeland Security Presidential Elective (HSPD)-12, and Identity, Credentials and Access Management (ICAM).
- Food and drug: Compliance requirements such as FDA regulation 21 CFR Part 11 (related to electronic records) and DEA Security Regulations 21 CFR 1301.71 through 21 CFR 1301.76 (providing controls and procedures to guard against theft and diversion of controlled substances).
- Petrochemical: Chemical Facility Anti-Terrorism Standards (CFATS) and the U.S. Maritime Transportation Security Act (MTSA) requirements to implement the Transportation Worker Identification Credential (TWIC) program.
- Financial: Corporate governance, documentation and reporting regulations such as Basel II (banking standards) and Gramm-Leach-Bliley (GLBA) (covering financial services modernization).
- Corporate: Sarbanes-Oxley (to protect shareholders), Statement on Auditing (SAS) Standards 70 and ISO-27000 [International Organization for Standardization] security standards.
For information about new opportunities and trends in the access control marketplace, check out SSI’s September issue for a special section devoted to the topic.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
