Main problem that CSOs (chief security officer) / companies are facing nowadays is given by the lack of awareness in what’s happening within their enterprise and remote security operations. A singular site could be somehow under control, but if has to manage multiple assets the problems escalate; almost zero awareness among remote locations, having no idea if security procedures are being followed, if there is any level of threats, if the security contractor is doing the job for which it is paid, if assets are safe. Most of the CSOs just get informed eventually by the security contractor, after an incident occurred, and has to physically go on site and try to get evidence from different sub-systems in the scope that maybe the CCTV system caught the reason and individuals that caused the incident. In addition, quite often it happens that the time is not synchronized between the security sub-systems, which cause more time spent on post-event investigation and evidence collection (if available) for being given to low-enforcement. It is worth to be mentioned about the loses (direct and indirect) generated by a security incident realizing that such a scenario could have been prevented or avoided if remote sites would have been monitored centrally in real time.
This white paper focuses upon the intelligent use of available technology and assumes that proper risk assessment was performed and security policies & procedures are already implemented. These two components are mandatory and represent the base in developing the technology architecture and requirements that shall match the operational requirements of each particular enterprise.
Step 1 – Establishing the Command & Control Room
In order to start central monitoring and managing your security operations, it shall be a priority to define and put bases of the command & control room / dispatch. The entity shall be owned and managed by the beneficiary. The operators though can be internals (recommended) or can be subcontractor’s personnel. The control room shall be sized based on the complexity of the enterprise’s assets and activity that need to be controlled. As biggest it is, more intelligent the technology shall be in order to efficiently manage the operations with lower dispatching personnel. Further changes in the human resources structure within the command & control room can be performed based on the events & alarms load.
Step 2 – Communication Infrastructure
Remotely monitoring and controlling geographically dispersed locations and assets require communication infrastructure. This means that each location shall be connected in the same network with the command & control room. This can be achieved by using different methods taking into consideration the necessary bandwidth, available connections (providers), information security policies, particularities of each location and so on. Once remote locations are in the same LAN it is just a matter of starting connecting the distant sub-systems. The entire architecture of security System shall be edge-to-core. Nevertheless, the control room shall be backed up by a data centre that will host the brain of the centralized solution.
Step 3 – Centralized Video Surveillance
Main step for centralized monitoring and management is to use a VMS (video management software) based solution. In each site, all cameras shall be connected to a NVR (network video recorder). The NVR can be either a box with embedded operating system (proprietary software) or can be a COTS (commercial off-the-shelf) machine with Windows OS and VMS instance installed. Remote NVRs shall be part of the centralized Video Management System. Therefore, centrally, each remote NVR is assimilated into core VMS, seen as remote site, but within the dispatch all remote sites are part of a unitary system. Thus, all cameras can be monitored and controlled by the operators without the need to separately access each location. There will be one GUI (graphical user interface) presenting all locations, all cameras or devices belonging to the surveillance system.
Step 4 – Centralized Access Control
Using the same architecture as video surveillance, each access control instance within a remote location shall be part of a centralized access control system. In order to achieve this, access control software application shall be used so that each location to be part of the same system and all remote controllers and readers to be seen as a unitary solution. Does not matter either is a physical controller or a software one as long as the access control software can monitor and manage all from the central server. In this way, all access control points can be centrally managed, applying access control rules and levels among the entire enterprise and making sure that a user badge works in any of the Enterprise location based on the associated access rights. In addition, access control can be consolidated by implementing an access management application on top allowing the full control of users, access zones, access levels, rights and permissions.
Step 5 – Interconnection of Sub-Systems
Video surveillance and access control are the only systems that can be self-centralized if they are software based. They can be interconnected at the central level (using software connection e.g. SDK/API) so that the video system to react on access control events or vice-versa. The rest of the sub-systems such as intrusion detection, motion sensors, fire detection and any other sub-systems on site cannot be self-centralized and depend on video management software, access control software or Integration Platform (e.g. PSIM). Interconnection between subsystems is mandatory to achieve centralized monitoring and management. It will allow reaction of video surveillance system to any event or alarm generated by access control, intrusion, fire detection and any other sensor that has a video camera in proximity. Having this interconnection, not only that all the subsystems will have a unique timing, but the operators from the control room are instantly notified upon these events and receive real-time images from the scene for visual confirmation. Interconnection between subsystems can be either at local level or centrally, depending on the systems, complexity and alarms load.
The Icing on the Cake
With these 5-steps presented already, centralized security operations can be achieved. One big move ahead has been done, from almost no control among remote locations and operations to centralized real time monitoring and understanding of what is happening within the enterprise. But more can be achieved, using Integration. The 5-Steps approach was already preparing your environment for this last step – integration – for an easier and cost effective one. Depending on the size and complexity of operations, the icing on the cake might not be necessary. Integration is shaped through a software application instance, fully independent of the sub-systems, and able to bi-bidirectionally communicate with them. This provides not only monitoring the systems, but also their management. Thus, the operators get events and alarms and can also send commands to remote sub-systems. In addition, complex filters and criteria can be applied in order to automatically determine the severity level of an event and generate a real alarm to operators. It allows full customization of how the system reacts depending on alarm type. SOPs (standard operating procedures) are embedded into the platform, so the correct response procedure is applied by the system that provides to operators full guidance for reaction and resolution of the alarms.Contact us to discuss how you can benefit from the tailored version of this 5-steps approach in order to get the highest value of investment that meet your security challenges and address your operational needs.