Big Data In The Physical Security Market originally Published by Larry Anderson at SourceSecurity.com
Access control and video systems have always yielded a lot of data, although historically much of it has been stored on hard disk drives and later overwritten and/or dumped. A new trend is to compile that data over time, organize it, analyze it and then use it to provide insights into how the enterprise operates.
Analyzing Data From Different Sources And Departments
It’s part of a trend called Big Data, but so far its use in the physical security market has been limited. One company that has embraced the value of Big Data is Automation Integrated in Oklahoma City, Oklahoma, which began as a building automation contractor and software developer. Currently employing 40 people, Automation Integration now does about a third of its business related to security integration, including implementation of data analytics tools for several customers.
For end users, Big Data is an overlooked opportunity, says Jeff Houpt, President and CEO of Automation Integrated. “Your data is the single greatest untapped resource in operating your enterprise. You have to look at solutions that will help you use it to operate your business. The tools are getting better and better.”
Data analytics take sources from multiple systems in a building and/or enterprise – including information from security systems – and analyze behavioral and other trends to yield important information, some related to security. For example, data from a human resources system shows a person’s work schedule and what floor he or she should be working on, and an access control system can provide data on where in the building they are going. Analyzing the data together can point to anomalies that might suggest a security issue. Is an employee frequenting an area outside their usual work environment? Is somebody showing up hours early for their shift, and where are they going?
Insights Into Maintenance And Business Process Problems
Another benefit is maintenance. An access control system’s activity data can provide insights into alarms, credentials and badge histories, especially if correlated with system configuration data. This is called Automatic Fault Detection and Diagnostics (FDD): Is a door programmed wrong? Is the door contact bad? Why is this door likely to be held open? Can we predict failures in components?
“Rules-based systems analyze the data, which should be collected from as many sources as possible, including outside sources such as weather data, Department of Homeland Security (DHS) threat levels, and notifications about network security,” says Houpt. Other building systems, such as temperature and lighting controls, elevators, and other building automation systems, can also provide data insight.
Analytics tools are especially useful for enterprise-scale customers – the more data there is, the more useful. A large user might have 5,000 doors, 10,000 card holders and 100,000 card reads a day. Analyzing that data manually is impossible, but it lends itself to data analytics tools. “You can’t run a report on each door,” says Houpt. “With 5,000 doors, it’s too much data to review. It’s not a human scale problem; you need a machine between the people and the data.” He says using Big Data analytics tools enables end users to “turn mountains of data into piles of information, and that into stacks of usable insights.”
Problems identified through analytical analysis help define rules. “If you identify a new problem, your rules mine historical data to find all the other times you’ve had that same problem, identifying patterns,” says Houpt. Rules also help automate compliance to regulations such as the Dodd-Frank Act for the financial industry and Sarbanes-Oxley for public companies.
Applying Analytics For Security Operations
Off-the-shelf tools are available to assist in analysis of the mass of data. For example, Apache software such as Hadoop and Spark provide large-scale data processing in the cloud. Other systems include CouchDB, Cassandra, and Splunk. Systems can analyze relational (SQL or Structured Query Language) and non-relational (NoSQL) databases. In the security space, AMAG offers Symmetry CONNECT, a cloud-based system that provides data analysis along with other functionality (Automation Integrated is an AMAG integrator and Certified AMAG Developer).
While many large companies, especially banks and retail operations, use Big Data tools in their core businesses, they don’t tend to apply these tools to their security operations. “Security analytics is a pretty specialized area,” says Houpt. “Where we sit, we’re the contractor performing specialized services that are outside the customer’s core business.” Automation Integrated provides data analysis as a service to customers (and also is a reseller of AMAG Symmetry CONNECT).
But where to start? “For integrators, I would start to talk to manufacturers like AMAG about what they are doing,” says Houpt. “We hear a lot of buzz about Big Data, and people don’t understand what it is, what solutions there are, and what directions those solutions are going. Start reading about changes in technology every day – terminology and software practices. Your enterprise customers will be coming to you. You should be knowledgeable.” As manufacturers in the security space introduce Big Data products, outsourcing professional services from developers like Automation Integrated becomes an economical opportunity for integrators to gradually embrace new technology without having to transform their companies immediately.
“Many in our industry are stuck in about 1997,” Houpt says. “That is going to have to change. It’s time to upgrade yourself.”