Before I start discussing the support solutions I had promised in my first post of this series, I want to talk about the responsibilities of operating today’s sophisticated security systems. With much power, comes much responsibility.
The intent of this series is to reduce anxiety, but it is important to understand that all of the amazing security technologies we have available to us today also bring risks of their own. While these solutions are valuable to address and mitigate specific risks, they must be implemented and managed so that new risks are not introduced to your organization.
When implementing new systems and technologies, there can be operational risk. Without proper planning and training, security staff can become distracted from their responsibilities in the commotion to figure out the new systems. Also, poorly implemented systems can create havoc when they interfere with business operations. There is also a potential for liability risk. Without proper policies, training and management, systems that are not utilized correctly can actually create more liability than if you didn’t have them. There are, of course, also technological risks. Since nearly all security systems are now connected through the corporate network, unintended risks may be realized in new vulnerabilities to your infrastructure. There have been too many examples in the last few years of network breaches to major companies that were achieved by exploiting a weakness in a building automation systems communication. My point in this blog entry is that effective systems’ operations begin well before any equipment is purchased and continues throughout its operational life.
For large organizations, the number one factor to help manage the unintended operational risks is to identify and empower personnel with that responsibility. It may be IT staff, a Security Production group, or an external resource, but someone needs to pay attention to systems health and operation. My personal recommendation for larger organizations is to have in-house Production staff. You can review my blog, Take Control: In-house Production Services for more information on that approach. Regardless of whether you develop in-house resources, or engage outside services, there are important solutions that can help monitor and manage your systems. We’ll start that conversation in my next posting.
After that, we will start looking at solutions that help manage the overall operation of your systems and the information they use. That is what I call the Security Systems Management Platform.
Click on the Blog HOME button to read the entire series.