AlertEnterprise Builds Case for Physical-Logical Security Convergence

When it comes to physical and logical security solutions, what you don't know can very definitely hurt you. The concept that converged physical, logical and control access systems can uncover otherwise unknowable current and potential risks won Fremont, Calif.-based AlertEnterprise the "Most Innovative Company" award at the recently concluded RSA Conference 2009 in San Francisco.

What interested Security Squared about the win was not just the convergence angle, but the fact that the RSA Conference is very IT security oriented--yet AlertEnterprise plays not just in the IT space but in a very physical world of buildings, warehouses and assets. It's another example of IT-oriented vendors driving physical and logical convergence from their perspective. AlertEnterprise founder and CEO Jasvir Gill (pictured above) takes the view that the security convergence story hasn't yet been compelling enough.

"Convergence for the last few years hasn't resonated with a lot of companies," said Gill in an interview with Security Squared on April 30. "The reason is integrating IT and physical access is not good enough."

He said companies are looking for productivity and business gains, but simply tying together physical and logical technologies doesn't necessarily accomplish that. "Unless you are doing risk analysis across all these environments, people really don't see the value," Gill said.

Convergence Across Silos

That's where AlertEnterprise comes in. The company bridges the gaps among IT access, physical access and control system access to identify blended threats that are "otherwise impossible to find," said Gill. One example he offers is of someone who uses her legitimate physical access credentials to enter a warehouse and remove valuable goods--and then uses her authorized access to an Enterprise Resource Planning (ERP) system to hide the theft by making inventory and accounting adjustments.

Each access, taken separately, appears innocuous; it's the two in proximity that raise questions--and risk.

Multiple physical and logical identities and roles and risks embedded in silos of applications have made it difficult to correlate actions to pinpoint risk or security breaches, said Gill. Further, the process of credentialing most enterprise employees lacks compliance. "There's no converged identity and access management," he said.

Streamlining Identity and Risk Management

AlertEnterprise's value, said Gill, is that its solution automates risk identification and mitigation across those silos. It starts with user provisioning: When human resources creates a personnel record, the AlertEnterprise system uses the person's position to automatically propose what kind of access that person should have to the network, software applications, buildings, warehouses, and physical assets, from laptops to forklifts. It also automatically checks the person's background.

"Our unique differentiator is before I get any access, the system automates risk analysis," said Gill. It looks across the permissions and systems and then shows the administrator the risks associated with them. Then it will offer ideas for mitigation controls that align with the permissions, such as automatic notifications if the person enters a specific warehouse after hours.

The risk patterns and rules AlertEnterprise draws on to automate the risk analysis and alerts come from work done by large business consulting firms, such as KPMG and Deloitte, on identifying common frauds perpetrated in various vertical industries and the best practices associated with mitigating them.

"Then we sort of think like an evil person," said Gill, to anticipate other ways in which someone might do damage to the enterprise.

Almost any action can be linked to an alert, from personnel matters such as someone denied a promotion or financial bonus to operations activities, such as a missed step on scheduled equipment or plant maintenance or an error in a routine, daily procedure.

"Examining the alerts in totality, the system can correlate the yellow alerts and turn them to red" as necessary, said Gill.
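
The cross-silo correlation described above, sketched as an added example (not AlertEnterprise's product logic and not code from this article): silo-specific identities are mapped to one person, each silo raises its own low-severity "yellow" alert, and a "red" alert is raised only when the same person's after-hours warehouse entry is followed by an inventory adjustment for that location. The identity map, log records, 24-hour window and business hours are constructed assumptions.

```python
from datetime import datetime, timedelta

# All identifiers, records and thresholds below are constructed for illustration.
IDENTITY_MAP = {  # (silo, silo-specific id) -> converged person id
    ("badge", "B-1042"): "emp-17", ("erp", "jdoe"): "emp-17",
    ("badge", "B-2210"): "emp-38", ("erp", "asmith"): "emp-38",
}
BADGE_LOG = [  # (timestamp, badge id, door)
    ("2009-04-28 22:40", "B-1042", "warehouse-3"),
    ("2009-04-29 09:15", "B-2210", "warehouse-3"),
]
ERP_LOG = [  # (timestamp, ERP user, action, location affected)
    ("2009-04-29 08:05", "jdoe", "inventory_adjustment", "warehouse-3"),
    ("2009-04-30 14:00", "asmith", "inventory_adjustment", "warehouse-1"),
]
WINDOW = timedelta(hours=24)      # assumed correlation window
BUSINESS_HOURS = range(7, 19)     # assumed 07:00-18:59

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

def yellow_alerts():
    """Per-silo alerts, each keyed by the converged identity."""
    alerts = []
    for ts, badge, door in BADGE_LOG:
        when = _ts(ts)
        if when.hour not in BUSINESS_HOURS:
            alerts.append((IDENTITY_MAP[("badge", badge)], when, door, "after_hours_entry"))
    for ts, user, action, location in ERP_LOG:
        if action == "inventory_adjustment":
            alerts.append((IDENTITY_MAP[("erp", user)], _ts(ts), location, "inventory_adjustment"))
    return alerts

def red_alerts(alerts):
    """Escalate when one person's entry and adjustment hit the same site within WINDOW."""
    entries = [a for a in alerts if a[3] == "after_hours_entry"]
    adjustments = [a for a in alerts if a[3] == "inventory_adjustment"]
    red = []
    for person, t_in, door, _ in entries:
        for other, t_adj, location, _ in adjustments:
            if (other == person and location == door
                    and timedelta(0) <= t_adj - t_in <= WINDOW):
                red.append({"person": person, "location": door,
                            "entry": t_in, "adjustment": t_adj})
    return red

if __name__ == "__main__":
    for alert in red_alerts(yellow_alerts()):
        print("RED:", alert)
```

Without the identity map the badge ID and the ERP login never join, which is the silo problem the article describes; the daytime entry and the adjustment at a different warehouse stay below the red threshold.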

C-Level Acceptance

To correlate the alerts across an enterprise regardless of application or location, AlertEnterprise connects with many disparate business systems. It also communicates with physical security systems and their components, such as linking to surveillance cameras when prompted by specific alerts or incidents. The company claims particular strength in integrating with enterprise applications, given that Gill's first start-up was Virsa, later acquired by SAP and incorporated into GRC, its application level security solution.

Virsa's offering was Fortune 1000-level compliance software. From that work, Gill came to know the C-level view of risk and compliance in large enterprises, holding user groups with CSOs, CIOs, CISOs, risk managers and compliance officers. It's these C-level titles that respond most enthusiastically to the AlertEnterprise solution, said Gill.

They are particularly receptive to building risk analysis into daily processes so that it's as automatic as possible, letting them focus on core business issues, he said. "They want all of this risk management, identity management, access management, compliance, happening automatically. They feel that should be part of the process," Gill said.

By contrast, IT and physical security professionals often have a mixed response to AlertEnterprise, he said, apparently because the scope of the solution goes beyond the bounds of what they perceive as their territory. Yet being able to analyze and correlate risk across physical and logical systems can help both IT and physical security professionals demonstrate to business end users how and why some authorizations and activities create risk.

"We've made it very intuitive," said Gill of the way AlertEnterprise visually maps relationships and risks. That means business professionals no longer have to take IT or physical security's word that some action will cause a problem, but can actually see for themselves how the risk is created.

At least one risk management executive found the picture of risk in her enterprise powerful enough to bring AlertEnterprise's solutions to the attention of her company's IT security staff. "She was sort of fighting with her IT security guys to give us access," said Gill.
 # # #


 Query: How well is your enterprise able to correlate potential risks among and between physical, logical and infrastructure control systems? Who is ultimately responsible for identifying and mitigating correlated risks?


 

 
