Banking on the Cloud
All financial institutions, no matter their size, have one thing in common: they all use services that reside in the Cloud.
The Cloud makes it possible for banks to use complex financial networks to operate locally, nationally and even globally for their customers. It is one of the reasons why you can walk up to any ATM in the world and complete a transaction, even though it isn’t your home institution.
As a matter of fact, financial institutions have been relying on vast worldwide networks for decades to safely and efficiently process millions of transactions a day. The economic and operational advantages of going digital — from centralizing storage to authorizing real-time access from anywhere to improving institution-wide data diagnostics and analysis — make a strong case for adding Cloud-based physical security services to the mix.
Understanding the Cloud
Despite their familiarity with the safety of Cloud-based services used by their financial institutions, corporate security managers seem very hesitant when it comes to considering the Cloud model for their physical security solutions. A majority of that reluctance stems from not understanding how physical security solutions would work in the Cloud and how that would benefit their operation.
To make a business case for Cloud-based physical security solutions, one first needs to clarify what kind of Cloud is being referenced. The three most prevalent Clouds in use today are public, private, and hybrid.
Public Cloud computing is what enables such common activities such as email and web surfing. Organizations such as Microsoft, Amazon, Rackspace, Google, Yahoo and many others have filled co-location centres around the world with hardware and equipment that anyone can use just by logging onto the Internet. There is also a form of public Clouds known as “software as a service” or SaaS. These public Cloud providers like Salesforce.com offer access to single or limited application sets that are available to users over the Internet.
Private Cloud computing delivers similar advantages to public Cloud, including scalability and self-service, but through a proprietary server environment. Unlike public Clouds, which deliver services to multiple organizations, a private Cloud is dedicated to a single organization.
Hybrid Cloud computing is basically a combination of both public and private Cloud. It uses a mix of on-premises (private Cloud) and third-party (public Cloud) services and orchestrates communication between the two platforms.
The institution’s current infrastructure and its electronic data security policies will ultimately dictate the most appropriate Cloud computing model for the organization.
Evaluating the potential benefits
While the fiscal advantages of migrating the institution’s physical security solution to the Cloud are certainly compelling, they only represent a fraction of the benefits that corporate security managers can achieve by changing their operating model to include Cloud-based services. Here are several more reasons to consider the transition:
1. Optimize the security processes you already support. Moving to the Cloud lets you lower your existing investment in physical security hardware, software, and facilities, while still complying with laws and regulatory pressures.
2. Become more agile. With the physical security solution residing in the Cloud, IT can react much faster and more effectively to changes in the business.
3. Optimize future data centre investments. Moving video surveillance storage to a Cloud solution frees up storage in existing data centre servers. In addition, using advanced technologies like Zipstream will improve the offloading of video from local DVR/NVR storage to the Cloud, which can have a significant ROI by reducing bandwidth consumption.
4. Acquire new skills. Cloud-based computing skills are essential in today’s business operations so it is important that your employees acquire the knowledge to keep pace with current technology tools.
5. Streamline upgrades. While there are costs associated with migrating to the Cloud, the long-term advantages are that it is easier to streamline upgrades and improved features across the organization simultaneously.
Beyond the growing list of benefits, corporate security managers are going to want to know things like:
Subscription costs: Do these change as their security operation grows?
Elasticity: Can the application shrink and grow as their security needs change? Going forward, will a Cloud-based physical security solution reduce on site security costs for new facilities?
Capital investment: What capital costs will they be able to avoid? A Cloud-based physical security solution can virtually eliminate costly traditional servers and DVRs.
Compliance risks: The risks and costs associated with compliance and non-compliance are of mission-critical concern in a highly regulated industry like finance.
Getting the most out of video analytics
The real value in any physical security solution is the data it generates and the insights the organization can glean from it. With the savings in capital investment from a Cloud-based solution, corporate security managers can afford to integrate more sophisticated video analytics into their systems to gain additional business intelligence. For instance, they can:
• Combine video, audio and location data with acoustic signature analysis to detect and identify sounds like gunshots, breaking glass and vehicle impact in order to provide security staff with better situational awareness.
• Use camera-embedded and server-based retail activity mapping and path analysis to measure foot traffic patterns and improve customer service.
• Integrate camera-embedded and full-featured edge processing of vehicle licence plate data for more immediate forensic evidence.
• Apply camera-embedded and Cloud-based analytics with predictive and prescriptive intelligence for visually verifying events to reduce costly false alarms.
• Add camera-embedded facial recognition at personnel entry turnstiles and biometric access locations to visually confirm identities.
Making security data actionable
To some corporate security managers, crunching “big data” from security systems into meaningful, actionable information might seem like a pipe dream. The sheer volume of devices collecting information and the massive amounts of unstructured data being captured appear too overwhelming to mine. But changing that mindset is imperative if they want to extract the full potential value of that data. Once managers acknowledge that all security data has potential value, the conversation can move from settling for legacy processes to adopting more progressive data-driven methods.
The first step might be to simply “store first, ask questions later.” After collecting the raw data, security managers can then use security data science (a process drawn from the fields of statistics, machine learning, data mining and predictive analysis) to ask the right questions that will elicit valuable intelligence from the assembled material.
But once all this security data has been ingested and processed, the next obvious questions are bound to be: Where will it go? And who will use it? This brings the discussion to the “Internet of Security Things,” a subset of the Internet of Things. The Internet of Security Things is composed of producers, analysis, storage and consumers of all things related or leveraged by security data (see Figure 1).
While all the data produced by “Security Things” like network cameras, access control devices and perimeter sensors might not be yet be actionable, it will be once the data undergoes forensic-predictive-prescriptive analysis. Forensic analysis provides security evidence. Predictive analysis projects future outcomes based on the success of previous actions. And prescriptive analysis determines the best course of action, given the security intelligence currently available.
Creating an ecosystem
Video data analysis is certainly useful from a security perspective, but it’s important to note that there is far more potential value outside the strict realm of security. As the variety of software and tools to treat data continue to expand, the data will eventually become the building blocks for creating a smarter environment, based on a complete security data ecosystem. In this scenario, financial institutions would be able to leverage the data to:
• Save energy. By analyzing video and audio sensor data the organization could determine occupancy and pedestrian flow and allocate network resource accordingly on the fly.
• Reduce investigation time. Video search analytics could be used to locate objects more quickly, or at least identify when and where they were last seen.
• Synthesize multi-location surveillance coverage. By comparing video events across locations, persons and objects of interest could be detected and tracked system wide.
• Reduce data storage costs. Eliminate multiple DVRs by streaming video sources like IP cameras directly to centralized storage.
• Protect important assets. Use multiple video sources to perform system-wide tracking of the institution’s most important assets.
• Improve traffic flow. Use video analytics to optimize parking usage, alleviate congestion and improve safety by detecting speeders and wrong-way drivers.
Adopting a proven operating model
The bottom line is that whether you realize it or not, Cloud-based solutions are being used every day in the financial space. The real question is this: If you trust the Cloud to handle your daily banking transactions, why not consider Cloud-based solutions for physical security as well?
Cloud-based solutions and services have been proven over time to be very secure and provide a growing number of advantages that can be shared across departments. Improved ROI and enhanced business insight through sophisticated data analysis are just a few of the potential benefits.
It just makes good business sense for corporate security officers to adopt a Cloud model for their physical security solutions so that their entire organization can reap the benefits of this new operating model.
Stephen Joseph is the Axis Communications business development manager for the banking and finance sector in North America (www.axis.com).
February 27-28, 2018