What are the security challenges of the enterprise market?
17 Jan 2018
Enterprise customers provide a large, and very lucrative, business opportunity for the physical security market. These customers include big global companies with plenty of revenue to spend and employees and facilities to protect. As a group, enterprise customers also tend to be a demanding lot, requiring systems that are large, scalable, that can operate across a wide geographic area, and that provide top-notch system performance. Enterprise customers set the standards of performance for the entire market, and they challenge manufacturers to up their game. We asked this week’s Expert Panel Roundtable to reflect on the industry’s biggest customers: What are the security challenges of the enterprise market?
I’ll address five major security challenges of the enterprise market. The first one is cybersecurity, both in terms of vulnerabilities in general and in particular, susceptibilities of physical security infrastructure. Second, enterprise customers often have multiple locations in different geographies, so seamless integration of security operations could be challenging. Third, designing and deploying an enterprise-class security infrastructure needs significant IT expertise, which could be difficult if physical security personnel don’t have the necessary expertise and/or the IT department doesn’t have resources to allocate to physical security. Fourth, more so than in other markets, enterprise customers often have many stakeholders that need to come together to execute a successful security strategy, which is often a significant challenge, especially in organisations where such interdepartmental collaboration is limited. And last but certainly not least, obtaining the necessary budgets for enterprise security infrastructure and personnel is always a challenge.
The main security challenge that faces the enterprise market is the fact that individual locations, divisions and branches of large and/or global organisations each possess diverse needs when it comes to streamlining operations and overall safety. Enterprises demand elevated integration capabilities across multiple security, event management and human resources systems, and in the access control market, this requires manufacturers to provide systems that are easy to administer and manage to allow roles to be updated quickly and efficiently. Due to the elevation of cybersecurity threats, enterprises also need to ensure best practices for employees at all sites in keeping data safe, as one small mishap can lead to larger complications. Business continuity and risk management procedures must be maintained across the enterprise for day-to-day users of security technology and employees/visitors to ensure comprehensive preparation for a security incident or emergency.
Security leaders at enterprise organisations are responsible for protecting critical resources including intellectual property, personnel and assets from natural or manmade emergencies through video, access control and other solutions. Organisations are consistently affected by mergers and acquisitions, regulatory compliance mandates and system lifecycle transitions. Additionally, emerging cybersecurity and active shooter threats have pinpointed vulnerabilities that highlight potential operational flaws such as traveling employees and vendor site visits. Often the biggest hurdle for enterprise end-users is understanding that physical security standards on a national or global scale is more than just technology and product, it’s a programme and a process. To achieve a holistic view of disparate systems on a vast scale, enterprises should utilise an experienced integrator to develop a layered approach with a transition and scalability plan that expertly addresses change management and business continuity.
The challenges of the enterprise market haven’t really changed over the past several years. It is important for manufacturers to know and fully understand their customers. That is the only true way to be able to deliver a solution that works for the customer. It also provides valuable feedback that manufacturers can use to help improve and enhance their solutions.
Although the security industry has already embraced the idea that cybersecurity and physical security are merging into one, it is taking some quarters of the enterprise sector longer to fully grasp the concept. Security is crucially important for enterprise businesses, and it’s vital that the sector is fully briefed by us security professionals. A recent statistic from Morgan Stanley suggests that just a 10 percent cut in enterprise security breaches could save these businesses an impressive $17 billion a year. Commercial espionage is big business for criminal elements, and the threat needs to be crushed. Interactive buildings and security systems can make the threat even more acute if they are not properly planned and operated with prevention in mind. The Internet of Things is bringing this to the fore, so it is essential that enterprise organisations look very closely at the risks and what they need to do.
Enterprises are increasingly challenged by the growing number of Internet of Things devices deployed across their locations, including IP surveillance cameras that are connected to the corporate network. There are three key issues with this. First, streaming surveillance back to centralised servers for recording can negatively impact the network and force tradeoffs in video quality. Second, hackers can use exposed cameras or other IoT devices to launch cyberattacks. Third is ensuring that IoT devices are operating 24x7x365. In 2018, enterprises should seek solutions that can optimise the network with smart architectures. To mitigate cybersecurity threats, they must automate cybersecurity firewall and “hardening” of devices in a scalable way. Lastly, to ensure reliability and uptime of IoT devices as well as the video surveillance system, enterprises require the ability to monitor and view data analytics. These are all addressable but need proactive attention by enterprise security and IT leaders.
As office environments continue to change, location has quickly become a large obstacle for the enterprise market. For instance, the distance between employees, management and safety officials can delay essential communication during emergencies. Whether offices are spread out across different buildings, states or include remote workers, it’s critical to have immediate access to the location information of each employee in the event of an emergency. As remote workers and multi-office location expansions continue to increase in the enterprise market, executives must also increase their investment in both lone worker and onsite employee safety. Having multiple office locations can often hinder essential information from reaching employees simultaneously during an emergency, resulting in longer response times and expanding business downtime. Employee communication obstacles such as these can be mitigated through the use of modern technology. Tools like two-way communication devices help to manage ongoing incidents in real-time and increase the employee engagement.
The security challenges of the enterprise market are vast and a separate set of challenges than typical customers in the market. With large enterprises come more complexity and requirements for a security system; whether that be in the number of users, geographically disperse locations, or the management of high security products. In addition to the complexity and requirements, large enterprises are at a higher risk for breaches, hackers and other cyber and physical crimes. The combination of the complexity and higher risk require large systems that are fully integrated and can utilise the best and most reliable technology. As the market and technologies have expanded, the ability to manage and meet the needs of the enterprise market have become simpler and more cost effective. As the cloud, mobile and open technologies begin to take the security market to the next level, they have allowed the enterprise market to pick the best solutions and on a more reasonable budget.
The lack of industry capability in relation to cybersecurity and GDPR are undoubtedly two of the biggest challenges. The enterprise market is transitioning from “on-premise” solutions to cloud SaaS, and security manufacturers continually innovate with increasingly sophisticated solutions designed to leverage these new technologies. This rapidly-evolving IT landscape goes to the heart of the challenge: expertise in the design of physical security solutions is no longer enough, becoming experts in cybersecurity, GDPR and cloud SaaS are now fundamental requirements, but it’s essentially a completely new language. The industry is beginning to respond but it needs to do much more before we see the norm of security professionals fluent in both physical and information security. Training and recruitment working in partnership with industry associations and standards bodies will undoubtedly play a major role, I hope ultimately driving to the codification of these skills.
The enterprise market presents a long list of challenges to manufacturers and integrators in the physical security market, including cybersecurity, seamless integration across multiple locations and divisions, protection of critical assets, and a need for the most complex and effective systems. While meeting the needs of the enterprise market is an ongoing challenge, it also affords a lucrative opportunity for the security industry to deploy the best it has to offer.