streamline physical identity and access management€¦ · by integrating identity access...
TRANSCRIPT
Streamline Physical Identity and Access ManagementQuantum Secure’s SAFE Software Suite automates key processes and empowers IT teams to implement, streamline and manage physical access
Table of ContentsIntroduction ............................................................................................... 3
Controlling Physical Access: Key Challenges .......................................... 4
Bridging IAM and PIAM ........................................................................... 5
The Need to Converge .............................................................................. 6
Quantum Secure SAFE: Next-Generation Security ............................... 7
Conclusion ................................................................................................. 9
IntroductionAs digital devices become critical to everyday business, they have also become an easy target for attack. In response, IT organizations worldwide are ramping up their “logical security” by implement-ing state-of-the-art authentication programs, developing stronger access controls and installing robust firewalls across their networks. But what about physical access to resources?
Traditionally, physical security measures—that is, building badges, employee biometrics and so on—have been outside the domain of IT. And yet, according to a recent Spiceworks survey1, most IT decision makers are now responsible for deploying and managing their organizations’ physical secu-rity systems. Employees, temporary workers, contractors, vendors, partners, service providers and visitors, all need access to assets, facilities and resources. But how much access is too much and possibly unsafe? How can IT pros holistically secure physical and logical access to critical resources?
Management of physical security systems has lagged behind other IT modernization efforts—resulting in a complex mix of tools and manual, inefficient processes. Yet, to ensure the highest level of security for important assets, organizations need an integrated approach to physical identity management and access control.
Quantum Secure’s SAFE Software Suite™ provides a single, fully interoperable and integrated physical security policy platform that can help IT pros manage security identities, compliance, and operations across multiple sites and systems. It simplifies the management of the entire security infrastructure by automating manual processes related to background checks, physical access privilege assignment/termination, visitor access control, and management of audit and compliance regulations.
In a recent Spiceworks survey, 60% of IT pros were responsible for deploying and managing their organizations’ physical security systems.1
4
$
Controlling Physical Access: Key ChallengesFor IT professionals charged with deploying their organization’s physical security infrastructure, managing access directly within physical access control systems (PACS) can be frustrating. Often, the access controls for disparate PACS are not integrated with logical security systems, making it neces-sary to manually manage identities and their physical access. What’s more, the enforcement of sec- urity policies is also manual, making it an inconsistent and error-prone process.
In fact, according to the Spiceworks survey, IT pros identified these top 5 challenges with deploying and managing physical security systems:1
Cost
Top 5 Challenges with Managing Physical Security Systems
Moreover, in addition to different teams managing physical and logical security, an organization’s HR department is also typically responsible for authenticating identities and performing background checks. In the absence of an automated, integrated approach, these teams often duplicate each other’s processes, leading to operations that are highly inefficient, while increasing the probability for errors and additional risks and liabilities.
Complexity Ease of deployment
Reliability Ease of managing access
Bridging IAM and PIAMBy integrating identity access management (IAM) and physical identity access management (PIAM) solutions, organizations can get a 360-degree view of identities. It gives them a way to bridge IAM into the physical world.
At a basic level, an IAM system automates lifecycle management of user roles, identities and access rights across the logical domain (IT applications and infrastructure) whereas a PIAM system auto-mates lifecycle management of identities and their access rights across the physical domain (physical security applications and infrastructure). PIAM solutions provide a unified approach, utilizing poli-cy-driven software to seamlessly manage the entire lifecycle of all types of physical identities. While there is a clear line of separation between the capabilities and functions of IAM and PIAM systems, in both cases, the end goal is the same: control access.
6
Advanced Integration of IAM and PIAM systems
IAM
IAM’s Connector
IAM Resource Center
IAM Resource Fulfillment
PIAM &Self-ServicePIAM Data Source Agent
PIAMDB Agent for Catalog
PIAM Data Source Agent
Network
Create/Update/TerminateUsers for Logical Access
ODBC/LDAP/XML
ODBC/JDBC
ODBC/JDBC
Generate DB View ListingIAM Resources as a Catalog
Provide Status Updates toPIAM Fulfillment Requests
Synchronize with IAM toCreate/Update/TerminateUsers for Physical Access
Synchronize IAM Catalogas DB View from IAM
Create/Update/ApprovalsVia Self-Service Portals
Setup/manage physical access
Manage operational taskssuch as urgent terminations and visitors
Synchronize with IAM to create/update/terminateusers for physical access
Create/update/self-service approvals of users and entitlements
1234
USERS:Physical Security Team Use PIAM to:
On-board/off-boardpersonnel requiring logicaland physical access
Managing personnel changes
Managing catalogof IAM resources
Fulfilling requests for IAM resources submitted by PIAM
1234
USERS:Business Users Use IAM For:
7
The Need to ConvergeFor IT professionals managing the organization’s security infrastructure, adopting a converged ap-proach means extending the IAM concept to automate physical access, audit reports and align facility badge-in/badge-out with the IT network. Using the converged approach, organizations can automate physical access for employees and vendors to corporate resources based on their business roles as defined in their IAM systems and/or their location as managed by the PIAM system.
From an IT perspective, this integrated approach can eliminate labor-intensive, costly and error-prone processes of manually managing personnel information and access privileges across silos of disparate multi-vendor, multi-location PACS.
Quantum Secure’s PIAM solution, SAFE Software Suite, is a web-based solution that allows organi-zations to manage the lifecycle of identities and their authorization for physical access. It is a highly scalable platform that automates key processes and simplifies control of all identities—employees, contractors, vendors, and visitors—across an organization to ensure each identity has the right access, to the right areas, for the right length of time. By adopting a unified approach for physical security management, SAFE seamlessly manages identities, their physical access, and their correlation with physical security events in a multi-stakeholder environment while providing real-time compliance.
8
Quantum Secure SAFE: Next-Generation SecurityQuantum Secure’s SAFE Software Suite represents the next generation of PIAM software. Designed to help IT professionals deploy and manage a more sustainable, secure environment, SAFE centralizes systems into a single policy-based platform that automates and simplifies physical identity and access management.
SAFE Software Suite provides a comprehensive range of functions for IT professionals to streamline the entire PIAM process, including:
Automated card holder administration and role-/location-based provisioning
Automated assignment of secure area stewardship to business owners
The ability to configure access groups/zones to business needs across facilities and physical access control systems
Automated metal keys administration and role-/location-based provisioning
Assured compliance with regulatory and environmental security requirements with real-time reporting
Quantum Secure’s SAFE software automatically adjusts permission levels for each identity through every type of change, including authority level changes, access system updates or new compliance regulations. SAFE makes integration invisible, working with existing security hardware and infrastruc-ture and creating a single web-based database.
By connecting physical security operations to IT infrastructure, users can quickly lower operational costs, improve compliance and lower overall risk. Businesses can use Quantum Secure’s SAFE software to manage identities enterprise-wide and streamline processes such as issuing ID badges, managing disparate databases, reporting across systems, adding new employees, responding to terminations, and assigning access privileges across multiple PAC systems.
9
Quantum Secure’s SAFE software is already powering leading private and public entities across the world, cutting the time, cost and effort of managing physical security, automating key processes and simplifying risk management of employees, vendors and other third-party identities across organi-zations. By connecting their physical security operations closely to their IT infrastructure through Quantum Secure SAFE software, IT pros are realizing the value of security convergence, lowering their overall risk and benefitting from sustainable cost savings. Some of the key features of the PIAM solu-tion include:
Automates PIAM Policies SAFE integrates with logical security systems to ensure synchronized and policy-based on/off-boarding of identities and their physical access across multiple and disparate phys-ical security systems. Its robust integration platform coupled with its unique policy and workflow automation engine manages critical rules across the infrastructure to enforce internal controls, reduce operational costs and corporate risks, and to automate compli-ance processes.
SAFE PIAM also includes pre-defined policies for completely automating the process of on-/off-boarding an identity from the organization’s authoritative data source along with its physical access into the PACS.
A Single Identity Organization-WideSAFE Physical Identity & Access Manager reconciles the identity information from various PACS systems and maps them to the centralized authoritative HR identity source such as a logical IAM, simultaneously detecting and removing ghost accounts—accounts in a PACS system comprising either blank cards with no assigned history or where the cardholders’ validity is terminated in the IT/HR systems.
Since SAFE Physical Identity & Access Manager links physical systems across the globe in real-time with corporate IT systems, it can instantly establish a single version of an iden-tity across all physical security systems, ensuring that ghost accounts are locked out and compliance requirements are quickly met. SAFE also provides actionable intelligence for risk mitigation and threat prevention through robust reporting and analytics.
Better ROIBy adopting Quantum Secure’s SAFE PIAM solution for managing physical security, orga-nizations achieve a better ROI by maintaining focus on their core competencies. Custom-ers will always have the power to hold Quantum Secure accountable for the progress and the quality of their work. At the same time, they can leverage Quantum Secure’s expertise and core competence in the physical security space. SAFE is designed in a way to find the issues in current processes and fix the cracks in the way your system works.
ConclusionIT professionals seeking to secure their business premises with a PIAM solution frequently grapple with the decision to build or buy the solution. In many cases, a commercial, off-the-shelf solution is better equipped to accommodate ever-changing security requirements. These solutions usually deliver better ROI over the long-term as they provide more robust features, greater reliability and scalability at a lower cost than maintaining an in-house solution.
Quantum Secure’s SAFE Software Suite is an ideal choice for effective, off-the-shelf PIAM. It enables busy IT pros to connect disparate physical security, IT and operational systems; automate manual security processes; and reduce both costs and risks. Quantum Secure’s SAFE is the leading solution for managing physical identities and provisioning access across physical security infrastructure. Organizations of all types, across Fortune 100, financial, government and real estate vertical markets, have turned their investment in SAFE into a strong and sustainable ROI.
Quantum Secure’s SAFE: Key Benefits
• Reduce operating costs by automating identity/access management
• Centralize physical access control of all identities across disparate PACS
• Minimize risks around manually enforcing provisioning policies
• Reduce delays in on-/off-boarding identities and their physical access in PACS
• Demonstrate compliance with security regulations such as Sarbanes-Oxley
• Gain useful analytics and reporting with regular updates
Learn More
Source:1 Spiceworks Voice of IT research panel of 128 IT decision-makers in the U.S., on behalf of Quantum Secure, October 2016.