In Depth

Combining IT and Physical Security: Taming the Two-Headed Beast

The worlds of IT and physical security are colliding. Find out what to do about it.

By Simone Kaplan

Page 7

Davidson sits on Oracle's product and corporate security steering committees with representatives from other departments. She has lunch every six weeks with the head of facilities, who handles physical security, but otherwise she sees no need for further integration. The corporate security committee provides a forum for all departments to contribute to policy creation, she says, and that collaboration covers all the bases.

The benefits of bringing physical and IT security under one umbrella are industry- specific, Witty says. It makes more sense for companies in industries with a strong health and safety focus, such as manufacturing or chemical production, she says. It also works better for companies whose physical delivery system for products could be easily disrupted, such as oil distribution. The physical and IT security leaders should communicate regularly, she says, but unless there's a real need, they don't necessarily need to be merged into one department or report to the same person.

But to Fox, security consolidation has made his life and the lives of Sprint's senior executives a lot easier by consolidating functions and allowing them to get a clear picture of the company's security status and its vulnerability levels. It also helps them do better business, he says. "Companies want to work with us more because they know we protect people and information in the most thorough manner," Fox says. "That's a very important thing to anyone who does business these days."