The role of security is changing dramatically.  As technological capabilities have finally caught up with security theory, many organizations are now looking to bridge physical and logical access systems for unified enterprise security management, and as these companies are realizing the benefits of a converged solution, the industry is beginning to redefine the role of security.

Despite their common purpose, physical access and logical access technologies exist in parallel worlds.  Physical access technologies, such as building security systems and employee access cards, are controlled by the corporate security department.  Application passwords and firewalls are the domain of the IT department.  Each group’s respective networks, technology paths, and user interfaces are completely separate.

That situation is changing, however, as physical and logical security concerns mount and persistent issues such as inadequate security policy and enforcement continue.  Organizations are now asking why physical and logical security systems cannot work together to share data, strengthen each other and ultimately allow a more cost effective overall security solution.  Additionally, it is now possible for companies to successfully merge the two culturally and technologically disparate worlds of building access and network access with minimal disruption to current security investments. 

The concept of converging physical and logical access security is not new.  It has been around for some time, but historically, implementation has been a problem.  Because physical and logical security systems traditionally operated in totally independent worlds with no reason to interconnect, convergence has been thought of as costly and complex.  Various vendors have tried to solve this problem using approaches such as multifunction cards, pure identity management solutions and the consolidation of reporting systems.  For a variety of reasons, these efforts have proved costly and extremely time consuming to implement, coupled with major investments – all ingredients for failure.  However, an opportunity now exists for the worlds of physical and logical access security to come together at last. 

Although they come from separate disciplines, what these two areas have in common are that they both deal with identities and they have a need to enforce policy.  The term “security policy” used to mean different things to different people. For the facilities management department, it covers physical access points and teaching staff to lock all doors and windows before leaving for the night.  For the IT manager, it means keeping up to date with the latest patches and ensuring that users can only access the applications and data that they are allowed to.  This situation is changing with IT and physical security being managed together.