By: Mark Feider

Physical security systems have always been critical to data centers. But now these systems—including surveillance cameras, video management systems (VMS), access control systems (ACS), automated license plate readers (ALPR), and intrusion systems—are connected to IT networks. As such, they can be a source of vulnerability for cyberattacks.

On the flip side, connected physical security devices collect a vast amount of information that data centers can use for valuable insights far beyond security. These systems are moving beyond being seen as simply a tool for risk mitigation. They can now be part of your data center’s overall digital transformation.

Having a unified system with a strong cybersecurity posture helps ensure that your system is protected from cyberattacks, provides valuable insights, and streamlines compliance.

Closing up Cyber Vulnerabilities

There’s a growing awareness of the cybersecurity of physical security systems. Outdated technology can leave data centers vulnerable to cyberattacks that exploit software vulnerabilities in connected systems. There’s no difference in the result if a server room is breached physically or through a cyberattack on a surveillance camera, air-conditioning system, or laptop.

As cyber threats grow, physical security and IT must work together to safeguard network infrastructure. A unified IT and physical security team can develop a comprehensive security program based on a common understanding of risk, responsibilities, strategies, and practices.

As a first step, your team can conduct a posture assessment to identify devices of concern. This involves:

• Creating an inventory of all network-connected cameras, door controllers, and associated management systems
• Identifying their functions and confirming their role/relevance
• Performing a vulnerability assessment of all connected physical security devices to identify models and manufacturers of concern
• Maintaining information about each physical security device (connectivity, firmware version, and configuration)
• Improving network design to segment older devices and reduce the potential for crossover attacks
• Documenting all users with knowledge of physical security devices and systems