Physical security is one area neglected by most of the people. We are hearing a lot about analytics these days. Here I would like to discuss about video analytics and how it helps physical security part of information security. The security industry is undergoing one of its biggest paradigms shifts in protecting life and property intelligently with video analytics.
It was during my SOC days, I understood the difference between IDS and IPS. IDS, a detective control and IPS, a preventive control. During those days, from a defensive approach, we configured the device in IPS mode, so that it blocks the malicious traffic. When we configured and used in detective mode, it used to alert us about the events so that we will look into the event detail and act accordingly. As per the incident management procedures, sometimes it may take few days. I was confused during those days, in the thought that, what if a hacker doing the malicious activity has achieved what he wanted in the mean time. From detection, it is high time for us to think about protection as per one of the old quotes “Prevention is better than cure”.
These days everyone is talking about SIEM. SIEM’s correlation features definitely will help the SOC to monitor the events efficiently and act accordingly. This was something related to a technical control. In Information Security, technical control is the only aspect. There are other important areas which we should consider like physical security. It is no more an admin or security work. Information Security team should start considering this as an important piece and develop policies, and the management should reserve/provide a good budget for physical security.
Normally most of the organizations use video motion detection camera systems and outdoor surveillance is like a reactive security measure. When entering into work in the morning, a person would see a break in, vandalism, or realize some equipment went missing then would react by looking back into archives of the camera system. This takes a lot of man-hours and is often very cumbersome. I always had doubts about this sort of monitoring when I saw different CCTV cameras in almost every part of the floor.
In one of my previous companies where I worked, once for an access related issue, I got access to the physical security operation center. I could see more than 15 TV’S and couple of engineers monitoring those. In one TV, I could see around 4 live video footages, around 60 camera feeds. How the physical security staff would be able to detect any fraudulent activities? In case of any illicit incident, how the team would be able to find the associated video footage. How much man-hours will it take to get that information. Is there any way where we can get real time data and act accordingly, having something detective to something preventive.
The turning point of my research was when I heard something like video analytics. With video analytics, we can set a wide perimeter around the organization and notify authorities to intervene before an incident ever occurs. This in turn saves our time, and secures the organization.
Using a combination of algorithms, video analytics analyzes captured video in real time and presents alerts about whatever the application is programmed to identify. In early versions, this was primarily motion. There are different vendors and technology platforms for Video Analytics. When went deeply, I understood that they all work on the same basic principles. They use pattern recognition and other algorithms to provide critical capabilities: Recognize unusual activities as they happen and notify the security system in real-time. Convert video files into a data asset that can be searched, managed and analyzed to improve security and business performance.
Camera teamed up with video analytical software can be programmed to give special attention to specific elements in the video frame, for example – computers, doors etc. This video analysis software also monitors video streams in near real-time, automatically generates alerts, and facilitates forensic analysis of historical data to identify specific incidents, trends and patterns. It enables users to organize, analyze and share the insight gained from data to make smarter decisions and promotes enhanced coordination within or across organizations or agencies.
It can also track people and other objects in the frame and send alarms if some suspicious activities occur. These alarms will go the security personnel’s and they will able to have a look at the monitor and act accordingly. Video analytics applications are now able to automatically filter out motion caused by wind, snow, rain and change of lighting.
Suppose if there are more than 5 people surrounded nearby entrance gate after 10 PM, then automatically an alert will get triggered and it notifies the corresponding security personnel, if it is configured to do so. So the security guards or physical security team members will be able to have a close look at it and act. By this way, before occurring an incident we would be able to prevent it. Another useful feature is it integration with the access control software. Suppose if someone try for an unauthorized access, then it will trigger cameras to “zoom in” on the event and record the time and other information in a searchable video log.
Video analytics can improve physical security and help you optimize the use of video surveillance.It can dramatically improve the effectiveness and response capability of your security staff.
By Aju Nair