|
Interestingly this has been at the core of a project that we have been doing for a client of ours. The company is implementing an organisation-wide access scheme using a single card – this can then be used for building access and for single sign-on. It is a large multi-site organisation, so you can imagine the complexities involved.
IP-enabled physical security brings a number of benefits, particularly in multi-site organisations, allowing centralised access management as well as health and safety and environmental benefits (knowing who is in a building, automatic lighting etc).
From a security viewpoint there are key benefits such as:
Integrated management of building and IT access, which helps to solve those 'starters' and 'leavers' issues
Ability to collate audit trails – x had access to area y and then x accessed system z etc
The difficulty with implementing these systems is in the understanding and agreeing of all the requirements from a diverse set of interests (business, facilities, physical security, IT, audit, HR etc.).
One way we simplified the process to develop the requirements for our client was to develop a stakeholder plan identifying the stakeholders, their interests, their requirements, and what decisions required their approval.
I don't think it really matters who takes the lead in a project such as this. The important thing is to get the right people involved and to get their buy-in.
|
