Physical/IT Security Convergence:
What It Means, Why It's Needed, and How to Get There
Today's corporate security infrastructure is a patchwork. Most organizations maintain multiple, separate physical and IT security systems with no integration among them. This situation has become a growing liability as security concerns and the need to address privacy and regulatory compliance issues grow. At the same time, it prevents organizations from realizing an array of cost, control, and responsiveness benefits.
The Open Security Exchange (OSE) was formed to address these concerns and enable these benefits. The Open Security Exchange(SM) (OSE) is a not-for-profit association of security experts that provides a forum for end-users, manufacturers, integrators, consultants and allied organizations to mutually define opportunities for converging physical and IT security. Its goal is to help improve enterprise security through the collaborative development of reusable models, definitions, vendor-neutral interoperability specifications and best practice guidelines that accelerate the convergence of security systems.
This article discusses what convergence means for businesses, the business drivers for convergence, and the OSE's Convergence RoadmapSM to help organizations plan for and achieve convergence.
What is Convergence?
The OSE defines convergence asthe migration of physical and IT security towards common objectives, processes, and architectures.
Open Security Exchange
This migration includes:
Cost reduction/Revenue enhancement/Regulatory compliance
Improve asset/personnel protection
Improve operational efficiency of physical/IT security staff
Collaborative planning between physical/IT staff on security strategy
Identify/eliminate security gaps
Best practices and policies for converged security
Strategic, tactical and operational security modeling
Interoperability standards and policies for physical and IT systems
Combined credentials for physical and logical security
Physical/IT security convergence will enable vendor-neutral interoperability among diverse security components to support overall enterprise risk management needs. As physical and IT security merge, networked computer technology and associated applications will provide enterprises with increased operational efficiencies and intelligent security.