It is becoming increasingly complicated to manage both the physical and digital access security needs of corporate, institutional and government facilities. The rising incidence of insider threat reports within organizations has led to the development of physical identity and access management (PIAM) software solutions to help manage this complex, demanding market, according to Matt Frowert, director of marketing for Tyco Integrated Security, Boca Raton, Fla.
“The potential now exists for analog and manual systems to be replaced with intelligent, integrated networked systems that offer improved security and cost efficiencies,” said Ajay Jain, president and CEO, Quantum Secure Inc., San Jose, Calif.
With the right PIAM software, open architecture protocols can enable central control of diverse security systems on a single platform, providing higher levels of operational efficiency across the enterprise and improved standardization of policies and procedures.
What PIAM does
Security departments monitor different types of physical identities, including permanent and temporary employees, short- and long-term contractors, vendors, service providers, and visitors. However, complications arise when there is no central place to manage this data, and information resides in multiple, disparate systems or databases. This setup leads to significant error-prone manual intervention, including duplicate identities, unauthorized access and missing access assignment audit trails. PIAM software creates a single identity for each individual across all the physical security systems.
“PIAM enables businesses to manage the identities of people accessing controlled areas and better equips security departments to centrally monitor, define and manage identities and their physical access, correlate identities with physical security events, and provide real-time compliance,” Frowert said.
“PIAM is a ready-made solution for organizations looking to upgrade and enhance their physical security strategies, to remain compliant with mandated regulatory requirements, or to integrate and maintain alignment with security policies during and after a corporate consolidation,” Jain said.
Although PIAM automates key processes, simplifies identity and access control, and ensures each identity only has access to the correct areas, it does not manage an organization’s access platform; it integrates with it.
In addition to aggregating access information from various enterprise and security systems, PIAM software encompasses details (such as risk level, multiple approvers and prerequisites for access) and provides audit trails of all transactions.
“PIAM software is an holistic approach to controlling access, and it manages details, such as biographic and biometric information, and streamlines time-consuming and inefficient manual processes, including issuing ID badges, managing databases and assigning access privileges across multiple access control systems,” Jain said.
Role of mobile technology
The ability to control and manage identities from a mobile platform has become an essential security tool for every organization of any type and size.
“These platform integrations are game-changers because they enable security departments to better connect with the customer, help improve organizational and employee operations and productivity, and enrich user satisfaction,” Jain said.
Tablet and smartphone apps that are already on the market enable users to review, approve and deny physical access requests from inside a facility or remotely; to track access-controlled areas; and to manage infractions, citations and badge issues. Apps can speed up the visitor- registration process by providing intuitive self-service interfaces to their hosts on mobile devices and allowing visitors to check in using a smart device.
According to Jain, PIAM solutions that integrate identity management and physical security provide electrical contractors with opportunities for new business development in integrated building systems beyond conventional video surveillance or access control systems.
“The contractor should be familiar enough with the solution to know what, if any, infrastructure requirements will need to be met for the software to be implemented and for it to be integrated with other systems on the network,” he said.
If the contractor understands the features and functions of a PIAM software solution, it will be better able to fit to the organization’s needs.
“Understanding the needs of the organization allows the contractor to scale identity-management activities and implementations based on a strategic plan or business needs,” Jain said.
Any contractor considering PIAM should start with a comprehensive security-needs assessment of the building.
“The contractor can then work with experienced security consultants or integrators, or bring in stakeholders from across departments within the customer’s organization, to begin the selection and deployment process,” Frowert said.
About The Author
Darlene Bremer, a freelance writer based in Solomons, Md., contributed frequently to ELECTRICAL CONTRACTOR until the end of 2015.