Physical security information management (PSIM): The basics
Physical security information management software synthesizes data from video, access control systems, and other physical sensors
By Steve Hunt
October 08, 2010 — CSO —
The concept that's become known as Physical Security Information Management (PSIM, pronounced P-sim) was introduced to the physical security world in 2006. The idea is that all the stuff of security is actually data. Data that, once contextualized and analyzed, becomes information for making better business decisions. It is applying the concepts of information management and business intelligence to the practices and technologies of physical and homeland security.
In a companion article you'll find a list of specialized PSIM solution providers.
Why PSIM mattersFirst, some background. At the moment, improvisational, fragmented, off-the-cuff security management is the norm. It's common to find security operations and traditional command-and-control centers using paper-based processes and not sharing information. Business units and IT departments rarely have access to data in corporate (a.k.a. physical) security departments. Events are managed separately.
See related stories Physical security risk and countermeasures and Scenarios: How physical and IT security can work together.
Access-control-related events are monitored and managed separately from intrusion detection systems, and separate also from environmental sensors and other alerting systems. Many times the people and systems are not even located in the same facility, inhibiting information sharing and correlating. Computers, software and networking are still approached with suspicion. While most security departments use personal computers and digital video storage, there is not a general acceptance of interoperability between systems, or of information sharing in general.
Unfortunately, it's likely that current trends will widen this gap even further.
Enter Physical Security Information Management
PSIM is the foundation of next-generation security management. It's not a single product, but rather a set of processes and supporting technologies for physical security management and reporting.
Effective PSIM requires both integration of technologies and coordination with the IT and security processes governing the management of organizational data. The theory has thrived amid dynamic change in the security industry precisely because of its composite nature and multiple benefits. PSIM helps extend security services, improve efficiency and effectiveness, and allow for better accountability. There are several key trends making it more valuable and affordable today:
-- Data management best practices are more pervasive. Regulatory compliance and management best practices dictate that computer systems and data be handled in standardized ways, such as according to the guidelines established by the International Organization for Standardization. Security departments are, in general, not compliant with these best practices.
-- Business executives are demanding more data. Business decisions are made throughout organizations by analyzing data. Security departments will be forced share security and risk data in ways business executives can understand and appreciate.