Over the past 18 months COVID-19 has brought unprecedented human and humanitarian challenges. Many organizations around the world have risen to the situation, acting swiftly to safeguard employees and migrate to a new way of working that even the most extreme business-continuity plans had not envisioned. This was uncharted territory for security professionals.

As organizations are now reopening and working through “Return to Work” challenges, organizations have instituted OSHA ETS1 mandating COVID vaccinations, mask wearing, the redesign of spaces to ensure physical distancing, etc.

With challenging times comes innovation. COVID has initiated a wave of digital transformation of physical security operations and amplified the need for frictionless access. As a result, there has been a major push for more automation and a need for the promise of safer and more efficient workplace operations. As automation finds its way into physical security’s tool bag, it becomes increasingly crucial for the infrastructure that delivers it to be automated as well.

Automating return to work, workforce identity and access management is making a dramatic impact in post COVID world. The results? Faster compliance, lower costs, and reduced risk.

Artificial intelligence (AI) based on machine learning (ML) is the ideal foundation for automating physical security-related workforce identity and access management. When AI is supplied with rich data representing all aspects of identity (including physical, logical, network access logs), it can streamline and automate intelligence across all Physical Identity & Access Management (PIAM) and Physical Access Audit use cases such as: access requests, access audits, enabling/disabling badges based on vaccination status, etc.

Instead of forcing employees or physical access area owners to manually correlate volumes of disparate data, AI-driven real-time analysis can proactively find access risks and supply recommendations for quicker decision-making. Unlike legacy PIAM that use rule-based hard-coded approaches, next-generation PIAM and AI algorithms are self-learning and can accurately identify abnormal physical access usage and excessive access privileges, providing confidence scoring that physical security teams can use to make actionable decisions.

One of the most important benefits of using Vector Flow’s AI-driven PIAM solutions is the ability to automate existing or new security processes. Vector Flow discovers, monitors, and improves physical access, enabling physical security operational processes to become adaptable. As an example, automation can initiate onboarding at home including photo capture from new hires (verifies new hire background is plain and bright, and there are no objects covering face) so their badge can be generated for pick up or mailed to home for activation (just like the way a new credit card arrives in the mail). Another example is risk remediation such as automatic badge suspensions based on COVID mandate violation or cloned/badge sharing detection. This pushes actions directly back to the existing Physical Access Control Solution (PACS).

In addition, automation paves the way to expedite audits. Leveraging AI, Vector Flow can automate approvals of low-risk, high-confidence personnel, or make recommendations to business managers. This greatly reduces the workload of business managers or physical access area owners who now only need to approve a small set of access requests in between annual or biennial physical access audit campaigns.

Vector Flow delivers the industry’s first AI-powered PIAM solution, harnessing automation to implement and enforce physical security policies. Vector Flow provides complete enterprise-wide visibility into the physical access landscape, utilizing AI transparently to provide insight, recommendations, and automated remediation. As a complementary solution to existing PACS, it helps organizations achieve regulatory compliance, mitigate risks, and reduce costs. Vector Flow uses AI techniques to collect and analyze all identity data from the business. It collects data from physical and logical access systems, and other relevant sources of data such as HR or Contractor Management to identify physical access and risk blind spots. This ensures a comprehensive, real-time view of identity across the entire organization.

Armed with every badge holder’s physical access usage and a thorough understanding of the reasoning behind each type of access, the Vector Flow solution looks at how closely the attributes of an identity with given physical access privileges match the attributes of other identities with the same access. The closer the match, the greater the confidence that a given identity is justified in being granted this specific physical access to a secure area such as a data center or this level of access (for e.g., 24×7). Vector Flow assigns a confidence level for each individual who is provided such access, determining what both good and bad access look like across the entire enterprise. Similarly, it can recommend relevant high-confidence access rights that have not yet been granted to employees.

Importantly, the solution does not replace existing PACS solutions. Instead, it coexists with these solutions to augment and maximize the business value of identity investments already made. This breakthrough approach helps CSOs or VP/Director of Security bring physical identity and access governance to a new, post-COVID era of automation, while maximizing previous investments and preserving budgets.

1 https://www.osha.gov/coronavirus/ets2

By: Vik Ghai, VP/CTO and Janette Evans, Director of Strategic Sales | December 21, 2021