Today’s integrators are now including strategies and protocols for pursuing the most recent security culprits causing massive complications for businesses — from terror-related threats to cyberattacks to data breaches.
While adding comprehensive safeguards can be a significant part of the total security solution — given the migration of key security components now functioning inside the customer’s network — we don’t want to miss the core points of vulnerability that potentially exist within the system architecture.
Let’s review the basics and focus on the essential core issues that make security systems vulnerable to points of failure, which are usually avoidable and can be easily alleviated with foresight and expertise.
Beware of Network Services, Upgrades to Security Systems
The security enterprise itself consists of basic components typically spread out over a vast network of remote locations.
Sometimes, these areas are shared or provide common space for other systems that may be left unsecure, or simply accessed by other vendors servicing their network-based devices, such as life-safety or environmental systems, for example.
Left unattended, these situations can become critical points of failure and lead to tampering or disconnecting of systems often leading to a host of other issues.
By installing basic tamper-resistant solutions, the customer no longer needs to review lengthy video files following a [security breach] event.
Many times, the problem is simply a missing form “C” tamper switch on a critical control device that may not be programmed or tied into the security enterprise, thus, not able to provide a security alert if the IP device is accessed.
Other points of failure may result when someone is accessing a remote junction box or conduit trough when trying to trace a cable or locate a splice point.
Oftentimes, other third-party vendors or the customer’s own IT support staff accidentally disconnects network security devices in the process of making network changes or upgrades. If access points are tampered with, log events can be created each time there is an access breach.
This establishes awareness for often-used points and generates hard information that can be reviewed on a regular basis, ensuring only authorized personnel are gaining admittance.
More Monitoring Solutions & Redundant Reporting Strategies
In addition to basic tamper reporting of the security platform, integrators should educate their customers about what more can be monitored by the security enterprise, as well as the benefits gained by adding redundant reporting of other critical systems.
Major systems such as HVAC or other plant operations, for example, have robust reporting capabilities, and can bring value by notifying a customer of a potential system failure or simple service requirements.
Having some basic core functions in place, such as temperature or humidity sensors — either independent or simply as an auxiliary output — can “save the day” should the primary system fail.
In an office setting, other monitoring solutions may include securing basic equipment such as copy or fax machines, which in most business environments have a regular pattern of work flow that, over time, generate a normal level of access operation.
Traditionally, in a 9-5 working environment, there is no reason for certain office devices to be functioning beyond a normal window of time when the business is closed or dormant. These devices can be monitored with the data being used to determine if an illicit activity is occurring.
Dormant area detection is another business application that was developed for customers who never officially close. By installing a motion detector or other device for those businesses storing hazardous chemicals or with high value areas, for example, customers can determine suspicious activity by reviewing the access report or log.
At the very least, every point of access to the security enterprise needs to be accounted for and secured, which, in most cases, can be accomplished within a customer’s budget.