Logical, physical security integration challenges


This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."

Download it now to read this article plus other related content.

Integrating physical and logical security can bring many benefits to the enterprise, but a successful union isn't easy.

Typically, physical and logical security--also known as IT security--are separate operations in most enterprises. In fact, IT and physical security teams have tended to mix like oil and water. But marrying physical with logical security can reap considerable benefits.

Convergence enhances efficiency because user access to physical and IT resources is streamlined, reducing help desk calls. Employees can enjoy the ease of having a single device that gives them access to both the office building and the network. Better access management translates to improved security--and enhanced compliance with various regulatory requirements--because users only access the resources they are authorized to, and no more.

The U.S. government is sold on the benefits of physical and logical (PL) convergence. Its Personal Identity Verifi-cation (PIV) program, the result of Homeland Security Presidential Directive 12 (HSPD-12) (see "

    Requires Free Membership to View

HSPD-12 Com-pliance Not Easy"), aims to put smart cards in the hands of all federal employees and contractors. These cards will be used for physical and logical access.

However, any marriage takes work, and PL convergence is no exception. Just getting the two security teams together can be tricky. Then there's the complexity of combining heterogeneous systems, upgrading a patchwork of physical access systems, deploying smart cards and installing workstation software. We'll look at the challenges associated with PL convergence. What Are We Talking About, Exactly?

Physical and logical convergence sounds good to many IT security professionals, but there is some confusion about what it really is. PL convergence is about a single user authenticator and a single set of management processes for physical and IT identities and resources. The milestones for convergence--in typical order of maturity--are common authenticator, user lifecycle management, security information management and contextual authorization.

This was first published in September 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: