The number of IoT devices deployed across the enterprise, in virtually every organization and business category, is estimated to exceed 43 billion by the end of 2023. Each of these devices is a potential source of valuable data for physical security and business intelligence operations that was not available until just a few years ago. Much of this data is generated by physical security systems such as Video Management Systems (VMS) and, most notably, Physical Access Control Systems (PACS). The challenge is harnessing this data so it can be used for actionable intelligence.

Legacy Physical Identity and Access Management (PIAM) solutions were developed to fill this void, providing a new data-driven approach to physical security and business intelligence. However, conventional PIAM solutions simply don’t have the processing power and innate intelligence to fulfill the demands for true digital transformation. Legacy PIAM solutions employ hard-coded rules and rigid structures that cannot adapt to rapidly changing roles, responsibilities and organizational needs. This is especially true when considering today’s trend towards purpose-based access in hybrid work environments which require a more dynamic and proactive approach.

The Dawn of PIAM 2.0

Modern PIAM 2.0 solutions leverage the vast quantity of unstructured data to create intelligent AI models that strengthen the overall security and business intelligence capabilities of an enterprise while reducing operational costs. The extensive amount of data gleaned from PACS and other IoT sources adds tremendous economic value for both end users and systems integrators by enabling data mining for a multitude of operations. Offering “Data as a Service” gives systems integrators a way to generate new streams of revenue, while end users proactively reduce exposure to risks and liabilities and leverage new sources of business intelligence to improve operational efficiencies.

Dynamic Workplaces with Dynamic Workers

Many large organizations are struggling to manage workers’ access to different doors at different locations. This reflects the shift from traditional regular office access to purpose-based access in hybrid and remote work models. This shift demands that PIAM 2.0 solutions provide data that can be used for better office planning, occupancy rules and environmental resource allocation, and the accommodation of wide-ranging hybrid workforce access routines. PIAM 2.0 enables individual levels of historical and real-time data analysis with predictive capability to ensure the use of office workspaces is constantly optimized in such environments. This helps organizations reduce costs and increase utilization of the space they have.

Predictive Threat Intelligence

PIAM 2.0 employs purpose-built AI and ML algorithms to detect anomalies and potential security breaches, and does not rely on hard-coded business rules and rigid structures, as is the case with legacy PIAM offerings. It relies on data and dynamic rules to manage access. By correlating data streams from badge access, video, IT, and various other networked systems, organizations can proactively detect and thwart potential threats. With the ultimate goal of all security operations being the ability to protect people, property and assets, PIAM 2.0 delivers real-time intelligence, eliminating the latency in detecting, reporting and analyzing activities from legacy PACS and PIAM solutions. PIAM 2.0 manages the rules associated with every worker’s profile and attributes, delivering frictionless and predictive management of access permissions and the inherent risks associated with this process.

Additionally, PIAM 2.0 allows organizations to autonomously manage every identity over their entire lifecycle across the enterprise. This includes gaining key insights into potential risks through the automation of tasks related to onboarding and offboarding. In this way, PIAM 2.0 takes the pressure off administrators and allows them to focus on more mission-critical assignments.

By monitoring for deviations from an individual’s normal behavior, PIAM solutions alert security teams promptly so they can initiate appropriate remedial action. These advanced systems significantly improve visibility and understanding of potential insider threats, helping organizations prevent unauthorized access attempts more effectively than with legacy PACS alone. With PIAM 2.0, organizations effectively eliminate the need for siloed systems managing isolated pain points, thus achieving a more efficient and effective access management approach.

Applying the Power of PIAM 2.0 Automation at Healthcare Facilities

In an industry hit hard by recent staffing shortages and rising labor costs, hospitals and healthcare providers are turning to temporary and contracted workers. These types of workers provide flexibility in managing workforce needs, allowing businesses to scale up or down based on demand. However, they also introduce the risk of security/access violations and may even require various types of access based on their current work assignments.

Healthcare facilities are also unique in that they are highly regulated, yet public places. Hundreds, potentially thousands, of employees, patients, contracted workers, and visitors are coming and going from the facility each day. Managing access for each of these identities manually is both time-inefficient and practically impossible based on the sheer volume of identities. Allocating more staff to address access provisioning and visitor management is not possible given the aforementioned labor challenges, creating a security issue if left unaddressed. PIAM 2.0 solutions address these concerns with ease, using software instead of people to keep hospital operations running as safely and efficiently as possible. By providing a holistic view of all identities across all potential healthcare campuses, modern PIAM 2.0 solutions allow administrators to manage their entire third-party staff from a single-pane dashboard, consolidating insights and ensuring policies are consistently and accurately enforced.

PIAM 2.0 also makes it possible to implement automated contractor requirements, including automated badge application review and approval processes, automatic termination of physical access immediately upon expiration of pre-requisite criteria, or a secure application process that collects all pre-requisites (training confirmations, identity documents, background checks, etc.) required to confirm work assignment eligibility. In this way, many of the headaches associated with contractor management are effectively eliminated.

Achieving regulatory compliance is also imperative for many of today’s largest healthcare enterprises. To confirm compliance and avoid infractions, automated PIAM 2.0 solutions can be deployed to continuously check actual operational data against policies and historical data patterns. In essence, this approach can be described as a “continual audit”, automatically enforcing and proving compliance to keep any operation audit ready at all times. Management can easily review access sorted by person, by area, by approver, or any other relevant factor to answer urgent needs. These capabilities extend to all industries that are subject to regulations including FAA, CCPA, FISMA, GDPR, HIPAA, and more to help ensure 100% security compliance across all facilities and avert costly infractions.

PIAM 2.0 for Banking and Finance

In the highly regulated banking and finance industry, security and compliance are top priorities but need to be implemented while also maintaining the most positive customer experience possible. Perhaps the biggest single threat to such institutions results from insider threats – premeditated or unintentional due to lax enforcement of operating procedures and processes. All the preemptive and proactive security benefits previously cited for healthcare facilities apply to banking and finance with the added ability for PIAM 2.0 solutions to transcend traditional physical security to provide actionable business intelligence across the enterprise. This is only possible by harnessing, aggregating and standardizing data from PACS and other IoT sources across the enterprise, while effectively simplifying processes and providing a positive user experience.

Insider threats at banking and finance institutions can take many forms, ranging from the CEO’s office to cleaning personnel. PIAM 2.0 treats all threats from all sources with the same priority, helping sustain security and safety across the entire workforce. There are numerous instances of renowned banking and financial institutions worldwide with complex physical and cyber security measures in place either losing or being fined millions and millions of dollars for leaking customer data, often through employee negligence. Although such employee negligence represents a typical form of an unintended insider threat, the loss of revenue and customer confidence remains equally devastating when compared to even the most severe form of externally generated cyber-attack.

In any event, no banking or financial institution wants to be put in this position. PIAM 2.0 provides an automated, preventative solution to help identify and prevent insider threats. The truth of the matter is that many high-profile cyber-attacks result from an individual gaining direct physical access to a server, from phishing attempts targeting employees (including CEOs), or from unauthorized network access gained by compromising a physical security device connected to the IP network.

Detecting such activities has been a longstanding challenge with traditional PACS and related security solutions that are limited in their ability to monitor potentially threatening activities. Examples include sharing or replicating physical access credentials; tailgating and piggybacking to gain entry to facilities and secured areas like data centers; policing and preventing unauthorized remote access requests; flagging frequent unauthorized access denials; and numerous other basic activities that indicate something is amiss. For far too long security professionals have relied on legacy, non-standardized systems in an attempt to manually uncover such activities. These costly and time-consuming tasks have only resulted in poor visibility or undetected anomalies that pose real long-term threats to organizations.

With the right tools in place, banking and financial institutions can monitor their entire IT ecosystem, including physical security networks, to scan for data breaches or insider threat behavior that would otherwise go undetected. While organizations want to proactively identify insider threats, knowing what to look for and where presents a significant challenge when dealing with such vast amounts of data. Modern PIAM 2.0 solutions employ advanced AI and machine learning to autonomously analyze and correlate myriad sources of data from system logs, batch data, and physical security and access systems to uncover anomalies and abnormalities in real time that pose potential threats. PIAM 2.0 solutions quickly spot risky identities, sites, IoT edge devices, doors, etc. across the entire enterprise to discover suspicious access anomalies that pose insider threats, effectively alleviating risks and liabilities to your organization.

Implementing a zero-trust model is also a critical step for banking and financial institutions to minimize the risk profile of any organization or facility. The premise of zero trust is that no identity, end-point device, node or other element is to be trusted by default. Rather, every user, device, application/workload, and data flow must be continually validated using multi-factor authentication before access or other system responses are allowed, even if they have been trusted in the past. As the cybersecurity and physical security worlds continue to converge, it has become critically important to apply the same zero trust principles to traditional physical security and surveillance systems.

The job of implementing and enforcing a zero-trust model for physical-cyber security requires a number of policies and practices to be put in place. This begins with the deployment of a modern PIAM 2.0 solution that provides the data and metrics required to monitor individual activities and events across the enterprise. A modern, automated PIAM 2.0 solution provides the ability to:

  • Identify and prioritize risky users and access processes that pose a threat
  • Establish identity assurance through a strong multi-factor authentication architecture
  • Track behaviors of known risky identities
  • Limit lateral movement within a facility
  • Enforce least privilege at every access point
  • Discover misconfigured security access policies to maintain continuous compliance across the entire organization
  • Enable sharing of KPIs to improve risk analysis and investigation between physical and cyber security teams
  • Leverage deep learning techniques and automation that eliminate the need to create complex correlation rules

Implementing a zero trust physical-cyber security model based on a modern PIAM 2.0 solution ensures that banking and financial institutions will maintain continuous verification of identities and privileges to determine access and other system responses.

The Future of PIAM

The security industry has come a long way since the advent of PACS and legacy PIAM solutions. However, there is still much to be discovered in terms of data-automation as it relates to security. PIAM 2.0 sets new benchmarks in identity and visitor management, compliance, facility operations and occupancy management, emergency management and mustering, threat intelligence, SOC operations, and so much more. Such capabilities are already defining how companies are addressing digital transformation, so it becomes a more natural extension of those procedures and applications already in use today. PIAM 2.0 also underscores the growing imperative for enterprises to make use of data that is already available to them to facilitate higher levels of security, safety and efficiency. Imagine that this is just the beginning of PIAM 2.0.