In our previous blog post we discussed the value of data-driven automation, especially as it applies to physical security operations. We outlined how Vector Flow’s automation platform uses AI and machine learning to convert raw physical security data into intelligent insights and how those insights can be used in a security setting to reduce costs and deliver business results. You can read more on that here, but today we are diving deeper to discuss data-driven Physical Identity and Access Management (PIAM) and how you can use it to meet challenges within security operations and beyond.
Leveraging Your Existing Data for PIAM
One of the most important benefits of using Vector Flow and similar data-driven automation solutions is that the platform provides a 360° view of what is happening in all of your facilities through a single platform using the existing data you already have. To illustrate this kind of visibility, we can look at challenges related to traditional PIAM solutions and physical access as it is being used today.
At present, legacy PIAM solutions do not leverage data insights from existing systems, so they can take 1 to 3 years to deploy – causing headaches for enterprise organizations. Moreover, legacy PIAM utilizes batch processing techniques, thereby making decisions either too slowly, too often, or incorrectly, as they were not able to absorb identity/card/usage changes in real-time.
By leveraging AI-driven identity insights, organizations can analyze all PIAM data (i.e. badges, roles, access assignments, access usage, occupancy, vaccination status, etc.) from business systems. This can include employment status data from HR software, access history gathered from physical access control systems (PACS), and even data from systems such as Active Directory. Brought together, this data collectively provides enterprise-wide visibility to all identities and their physical access across the entire organization.
To mitigate these risks, data-driven automation can perform tasks such as badge suspensions based on a pre-defined mandate violation or cloned/badge sharing detection. This pushes actions directly back to the existing PACS with little to no intervention from personnel – thus saving time and resources.
Using Data-Driven PIAM to Identify Insider Threats
Insider threats are those individuals and identities present within an organization that pose a risk to security, physical or otherwise. This can be employees past or present as well as visitors and contractors. Insider threats are traditionally hard to spot because they often look just like everyone else. But insider threats who seek to sabotage or exploit an organization’s assets are not acting at random.
Before carrying out their attack, insider threats follow a pathway of planning or research and anomalous activities. They engage in troubling behavior that is observable as anomalies such as visiting a site at odd hours, accessing areas they have never visited, and attempting to enter restricted areas where they are not authorized, which may alarm co-workers or security personnel or go undetected.
Vector Flow effectively uses data driven PIAM and automation to detect, monitor, notify of, and take action against such insider threats. How?
First, the anomalous activities noted above are all recorded and buried in the PIAM data recorded by various business systems. Vector Flow brings the anomalies to the forefront using machine learning algorithms tuned to inspect various parameters like timestamp, location, door, address, device, transaction patterns, high-risk alarm codes, peer groups, etc. The system monitors for any deviation from an individual’s normal behavior that may be indicative of a threat.
Vector Flow also automatically detects poor data hygiene issues such as blank or null records, duplicate records, incorrect formats, wrong encoding, missing values, etc. When it comes time to remediate these issues, Vector Flow offers a standard set of procedures to remediate, and track successful mitigations from threats. This could mean revoking physical access and/or sending an email/text message asking for identity confirmation. This helps organizations proactively identify potential threats they cannot see today, without increasing work for already overloaded security teams.
Data-Driven PIAM Applications Beyond Security
Once you know the PIAM data you have, you can start to ask yourself what else you can automate. This could be simplifying existing processes or creating a new process that was too difficult to do manually but would be easy via data-driven automation. Now is the time to look around the office and work with other departments to look for opportunities for data gathering and usage.
In fact, there is a good possibility that the data needed to make better space planning decisions already exists and can be drawn from your existing physical security system! The Vector Flow platform has the capability of integrating with your existing physical security system and capturing valuable PIAM data relating to workspace occupancy and usage. Vector Flow’s software modules then perform deep mining to identify invisible access patterns, revealing specific facility usage and occupancy information for each space.
This data enables space planning teams to effectively track and forecast occupancy in whatever way provides the most actionable information. Think of it – leveraging an existing physical security system to provide occupancy and usage data is a win-win, and makes office utilization and workspace planning processes faster and less costly.
When it comes to costs savings specifically, consider the information gathered using data-driven automation and existing physical security systems in terms of occupancy usage. Post-pandemic, organizations are looking at flexible workspaces in particular as one way to accommodate the evolving needs of the workforce and address rising costs, but without the proper tools, space planning teams lack experience and understanding about how best to set up such spaces and plan for efficient operations. But armed with workplace insights and recommendations supplied by data-driven automation, property managers will be better armed to match office space to the needs of the organizations in terms of costs, identifying areas that may no longer be needed based on utilization.
Another significant solution further lending itself to improved cost-savings and efficiency is Vector Flow’s SOC Systems Health Dashboard, which automatically performs device configuration assessments which has proven to detect that at least 30% of physical security devices are wrongly configured, and about 5% of them require repairs. As the systems proactively identify failing devices, and identified the root cause remotely, the number of truck rolls and eliminating any overtime-related costs can be dramatically reduced. The topic of SOC automation will be discussed in-depth in the next blog, so stay tuned.
Until then, you can always contact us to learn more about data-driven PIAM. We have a team of experts who can help you walk you through the process of implementing data-driven PIAM.