Using the Basics to Protect Security Systems
How to protect your data with simple solutions.
Today’s integrators are now including strategies and protocols for pursuing the most recent security culprits causing massive complications for businesses – from terror-related threats to cyberattacks to data breaches.
While adding comprehensive safeguards can be a significant part of the total security solution – given the migration of key security components now functioning inside the customer’s network – we don’t want to miss the core points of vulnerability that potentially exist within the system architecture.
Let’s review the basics and focus on the essential core issues that make security systems vulnerable to points of failure, which are usually avoidable and can be easily alleviated with foresight and expertise.
Basic redundant reporting of critical systems or providing a method to audit access to an area or appliance is at the core of what we provide customers.
Beware of Network Services or Upgrades
As a reminder, the security enterprise itself consists of basic components typically spread out over a vast network of remote locations. Sometimes, these areas are shared or provide common space for other systems that may be left unsecure, or simply accessed by other vendors servicing their network-based devices, such as life-safety or environmental systems, for example.
Left unattended, these situations can become critical points of failure and lead to tampering or disconnecting of systems often leading to a host of other issues.
Many times, the problem is simply a missing form ‘C’ tamper switch on a critical control device that may not be programmed or tied into the security enterprise, thus, not able to provide a security alert if the IP device is accessed.
Another example is securing the power supplies with a tamper switch and adding simple locking devices to ensure the power transformers are secure, helping to safeguard against accidental power loss.
Other points of failure may result when someone is accessing a remote junction box or conduit trough when trying to trace a cable or locate a splice point.
In this scenario, because the device accidentally becomes disabled, the security function fails to signal or report the event and, unfortunately, no record will exist documenting when it was accessed or serviced.
Oftentimes, other third-party vendors or the customer’s own IT support staff accidentally disconnects network security devices in the process of making network changes or upgrades. If access points are tampered with, log events can be created each time there is an access breach.
This establishes awareness for often-used points and generates hard information that can be reviewed on a regular basis, ensuring only authorized personnel are gaining admittance.
More Monitoring Solutions & Redundant Reporting Strategies
In addition to basic tamper reporting of the security platform, integrators should educate their customers about what more can be monitored by the security enterprise, as well as the benefits gained by adding redundant reporting of other critical systems.
Major systems such as HVAC or other plant operations, for example, have robust reporting capabilities, and can bring value by notifying a customer of a potential system failure or simple service requirements. Having some basic core functions in place, such as temperature or humidity sensors – either independent or simply as an auxiliary output – can “save the day” should the primary system fail.
In an office setting, other monitoring solutions may include securing basic equipment such as copy or fax machines, which in most business environments have a regular pattern of work flow that, over time, generate a normal level of access operation.
Traditionally, in a 9-5 working environment, there is no reason for certain office devices to be functioning beyond a normal window of time when the business is closed or dormant. These devices can be monitored with the data being used to determine if an illicit activity is occurring.
With the rise in identity theft, many HR and legal departments now install tamper switches on filing cabinets and other equipment to determine who and when files and sensitive information are being accessed. By installing basic tamper-resistant solutions, the customer no longer needs to review lengthy video files following an event.
Tying a plunger switch into the security enterprise will notify clients of unusual activity in real-time. Dormant area detection is another business application that was developed for customers who never officially close.
By installing a motion detector or other device for those businesses storing hazardous chemicals or with high value areas, for example, customers can determine suspicious activity by reviewing the access report or log. They can, then, decide if authorities need to be notified or the situation can be dealt with internally.
At the very least, every point of access to the security enterprise needs to be accounted for and secured, which, in most cases, can be accomplished within a customer’s budget. As security integrators, we need to continually think about bringing additional value and other monitoring options to our customers that address the entire scope of today’s security issues and challenges.
READ: Predictions and Internet Security Advice for 2017
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!