Convergence of Physical and Information Security - Research Paper Example

?Convergence of Physical and Information Security: Table of content: Introduction: Existing Scenario: Keywords: Objectives: The X- Factor- Technology: Defining each concept: Present Scenario: Risk Management Techniques: The downside: Cyber Crimes: Recent Developments: Surveys and Findings: Debate of Partial to Holistic implementation: Manner of Integration: The Need: Synergetic concept: The salient and potential advantages: Conclusion: References: Introduction: The modern digital world is driven by information technology. This comes along with various conditions and pre requisites (Purpura 2011, 161); security concern is one of the most concerning one with regard to its usage and applicability. This factor becomes more prominent in cases when large scaled organizations are involved and cooperation is required with regard to the safe operations. Existing scenario: With lack of support, knowledge, tools techniques, expertise and research work, the two mediums are being kept apart from one another and the physical layer of security operates in a totally different sphere than the information security layer. This leads to double work and double protective working towards the protection of the overall network and infrastructure. The field of information technology is at its best with regard to the services providing over security matters. State of the art means and mechanism is present that allows for proper scrutiny and monitoring of the physical assets through various means. Banks, government organizations, data centers, educational institutes all are in the domain and spectrum of the potential convergence trend and each of them can possibly find many advantages. Detailed study and investigation would allow for better understanding, however accepting it in the first phase is vital to see and extract the maximum possible advantages from the Keywords: Convergence, synergetic effect, considerations, benefits. Security factors. The X Factor-Technology: The presence, dominance and success of technology cannot be ruled out nor denied and it has changed the overall outlook of various functions and tasks that were being conducted in past, the organizational activities are no exception to that and they have undergone massive changes and have become direct subject and dependence to the technology. In such scenarios the physical security is largely in need of technology in order to make the overall network of organizations more secure, less cumbersome and more reliable at the same time leading to more customers satisfaction and ultimately more gains and productivity. Objectives: The objectives of this paper are to look into the overall trend in the surroundings, the challenges faced, the possible solutions in form of convergence, the benefits of convergence, the conditions that must be taken into account in parallel and finally the conclusion and recommendation supported by the ground research that has been conducted in recent times with regard to the affectivity of the convergence. Defining each concept: Before going into the details, knowing the nature of job and work being performed under the umbrella of each. The physical security sector entails the on ground work such as the legal actions, preparation of the rules and regulations, the defining of needs, the tasks assignment, groups’ development, apparatus devising, policies envisioning and most importantly establishing a particular unit such as risk management one which is being implemented in major organizations in present day. The information system related technologies include the hiring of the experts, the technology to be implemented, the compatibility factor and numerous other similar events and conditions. Surveillance over the organizations, the lockers, the secret vaults, the daily activities, the daily customers who make to the organizations and banks in some cases would be monitored through these devices and would make it easy to keep a record of the overall activity and the man factor which can be cause of turbulence. In the case of technological installation, routers can be installed along with firewalls for the purpose of protecting the data and information and only allowing access to the authorized members with in the network. several antivirus softwares, along with various components such as security monitoring systems can be installed for the purpose of making the overall organizational outfit a secure one and less prone to the challenges in form of breaches and physical attacks (Roebuck 2011). The concept of convergence is not just limited to the security aspect, rather it is a broad concept and term and it entails factors like the productivity, the benefit to the clients, the workers and personnel involved, ease of work, the stakeholders, the speed with which tasks are being performed, and various other factors that are not just valuable and important with regard to the security rather a totally modified and enhanced technology equipped and embraced infrastructure. Familiarity factor: Introducing the familiarity such as the possible benefits that may be extracted in terms of the work, the monetary aspect and other comforts must be done so in order to make the trend more sought after and successful. Removing the myths and the possible hurdles that stand in the way and minds of individuals and organizations is one of the step towards it which would help smooth transfer from the physical domain to the virtual and information system enabled domain. Present scenario: At present very few organizations and enterprises can be enrolled into the ranks of having fully adopted and implemented the converged models spectrum with both physical and information systems enabled security network. Complete implementation may take a little while as the trend is still in its infancy, and more than the practical work, the realization and potential benefits must be conveyed to the stakeholders in order to make it a success and easy to comprehend and install in the local environments. Risk management techniques and strategies: The concept of risk management is on the rise and numerous organizations have established separate units within to look into the potential loopholes, areas of concern and various other dimensions which can serve as a threat in longer or short term. The integration of both the mediums is one of the most debated and suggested idea in the overall concept and consensus of the risk management units that are being established in recent times. The downside: The downside is faced in form of the extra costs with regard to maintenance, equipment support, man power control and facilitation and various other entities and variables which can be otherwise saved and can help the organization spending the time and financial services in other zones. The potential challenges faced could be in terms of the level of familiarity and the possible misuse of the given technology, the lack of familiarity, the existence of the malware in the surroundings, online pilferages and many more similar events and accounts that may be due to the usage of online and information technology enabled devices and softwares. Potential rift with regard to the level of control and command over various resources could be the possible factor that must be taken into account and can possible show up in case of the converged environmental framework. Cyber Crimes: A menace exists in form of cyber crime that makes up for billions of dollars loss every year, and the possible integration would mean introduction of the cyber crime domain. This area must be thoroughly worked out and investigated in order to eliminate the potential pitfalls that may come along in form of cyber crimes. Attacking the physical infrastructure through the means of information technology enabled network could be one of the most easiest tasks, thereby this is one of the major downside and challenge that must be met with proper homework and research in order to the intended convergence an overall success. Recent developments: A gradual inclination and feel has established and developed over period of time and this has led to the exploration of convergence between the two domains for the purpose of better working and less hassle in the overall atmosphere of organizational operations. Surveys and findings: In recent times, vigorous research has been conducted with regard to the potential convergence and efforts towards knowing the people’s response and organizational inclination, according to one of the study and finding, (Richardson, 2012) over 300 enterprises were being surveyed and questioned with regard to the their decision making in longer run about the convergence, much to the surprise a totally split response was recorded and as much as over fifty percent of the surveyed organizations reported in negative for the present status and the possible future embracing of the technology in their physical existence. Other surveys conducted have shown that less than 10 percent of the organizations stand fully equipped or fully prepared towards a migration step towards the converged phenomena, and this fact stretches back to no later than late 2012. Findings from other research and survey showed some positive trends and according to them, over 60 to 70 percent members acknowledged the fact that the potential implementation and introduction of the converged model designs would lead to better working and overall better output in longer run with no or little vulnerabilities with regard to the security of respective organizations that have long been target of all kinds of attacks (http://www.securitydirectornews.com/commercial-and-enterprise/two-surveys-expose-clashing-opinions-physical-and-logical-security). A fluctuating trend has been exhibited and observed through the surveys and the possible reason termed for it is the adaptability to change and possible lack of interest with regard to overall new setup and new integrated configuration which would include new trainings, new devices, and overall new working routines and procedures. Debate of partial to holistic adoption: A prevailing trend has been that of the change in a complete manner or mere change of some aspects and introduction of few elements. These elements in the latter case are more so related to the security aspect and the few factors which may not require overall hauling. The second trend is that of overall change and complete computerization and digital interface adoption. The first case is prominent in scenarios and places where the trend towards change is a little stiff and is being resisted, while in the former case, the holistic approach is being advocated, and in parallel welcomed in those segments who are considerably flexible towards the new trends and the potential changes that might be needed to be implemented in parallel. Manners of integration: The manner of integration requires detailed investigation of the both domains and parallel comparison of each with regard to its affectivity and parallel compatibility. In simple words it is the usage of the technology and digital devices for protection and support of the physical network. The physical network can be in form of the private records, cash and valuables, clients information and data, and other numerous resources which can be used against the organization in cases of breaches and compromise in security and services. Use of softwares, installation of application programs and scanners and other monitoring systems at the terminal points are few of the examples and forms in which the information technology and digital devices can be used and implemented for the purpose of physical data and content protection within the organizations and outside as well. The need: A clear gulf exists between the two and many established organizations are still considerably away from acquiring this combo and implementing it to the benefit of overall organization. This is so because of the aforementioned factors and conditions those exist in the practical field. Assessment would require the scrutiny and investigation with regard to the affordability of the technology, the impact over processes and overall output of the organizations, in case of no or little dividends the overall concept would stand little ground in terms of its implementation and a step in form of migration towards it. Further factors that need to be addressed are the highlighting of the commonalities between the two trends and components at the same time out marking the factors that are in total contrast and may not be of any value to the combined effect of convergence. On technical and practical front, the need is relevant to the overall change in the approach, the architecture and infrastructures, the trainings and guidance, and overall aptitude which would take some time, although all would bring about more easy and comfort yet new concepts, and new technology is bound to take time before it totally settles in and allows for adjustment in the mindset of the personnel who are involved in the manual and physical functions generations after generations. Other needs fulfillment include the factor of hiring of technical staff and expertise pertinent to the use of information technology and other digital devices and equipment which may include the usage in form of security protection as well as the general usage over the digital devices. Synergetic concept: The integration would lead to a synergetic concept and deliverance with overcoming the short comings and highlighting and capitalizing on the potentials that are being possessed by the organizations at each end thereby making overall life easy, productive and less vulnerable to the obstacles that are being faced otherwise. The salient and potential advantages: The potential advantages that can be served through this integration are multi fold. This has been tested and evaluated through various studies, research and implementation on small to medium scale in various organizations for the purpose of determining he benefits and the advantages not only to the organization, but the stakeholders and the members and personnel involved in the working. Cost reduction is one of the most front line factor and advantages being tagged and pinned towards the integration concept. This is followed by the concept and potential factor of the security, since massive scams and scandals have come to forth in recent times due to lack of established information technology enabled network and systems that would allow protection and security in a large and successful manner. The communication Factor: Communication is another factor which would benefit from the digital convergence, with everything being done and conducted through the state of the art means of communication, this adherence to it would allow for quick actions and quick responses, one prime example is the use of video conferencing and calls which has already been in practice and usage and has changed the pattern of physical meetings which would otherwise need a lot of time and resources going physically to a specific destined point. Rapid transmissions, multiple channels capacity and multiple users and clients entertainment are few of the gifts that can be extracted only through the technology and communication. Authorization of actions and steps are two most salient features and advantages provided by the integrative intent, it would allow for balanced operations and check over every step and would minimize the possible attempts of reaching to the most protective information and material possessed by the organizations which can be either the customers assets or the organization’s self resources and abuse of it would lead to massive destructions and damages. Other advantages associated include less hassle, more mechanized and automated working and less reliance and need of physical work, which in other words mean less chances of error and more accuracy since machine provides accurate operations and reduced chances of error that are likely in case of manual and human operations. Collaborative work: A joint venture between the two can allow for not only working to the advantages but also eliminating the potential loop holes and the weaknesses that may exist in each of the medium, such as the one of online spamming and email retrieving in the information technology enabled medium, while in the case of latter, protection via online monitoring. Relationship establishment: Creation of relationship between the two factors can allow for ease of transfer from manual operations to the automated and thereby possibly make the overall concept a success and beneficial for the overall stakeholders involved. This relationship can be established by chalking out the areas of interest, commonality and areas of differences and the potential aptitude of individuals towards the migration. Other relationship establishment factors may include the factors such as determination of whether a giant step should be taken with regard to its implementation or incremental steps may be taken which would allow for adjustment and smooth transfer from one medium to another. Conclusion: The prevailing trend is for convergence and recent results from the surveys conducted have shown the incumbent organizations inclination towards the convergence and immediate installation of the given infrastructure. The fruit can be tasted and understood only after truly and fully implementing it. The overall concept still seems to be in its infancy, yet the positives outsmart and beat the negatives and potential threats and every new technology and trend in a given scenario and environment is packed with challenges and obstacles, overcoming them and making it a success is reliant of the users and practicing members in form of the organizations, thereby the convergence concept is bound to stay around and is a trend of future which will not only ripen up with time but also provide many benefits ot the members and organizations that implement them full scale. References: Purpura, P. P. (2011). Security: An Introduction. CRC Press. Richardson, W. (2012, January 18). Two surveys expose clashing opinions on physical and logical security convergence. Retrieved from securitydirectornews: Roebuck, K. (2011). Physical and It Security Convergence: High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors. Emereo Pty Limited. Read More