Building Actionable Security Intelligence - Protection of people, properties & profits from a Physical security perspective. A Vision White Paper - December 2006

1. Pro-active Security Management
Building Actionable Security Intelligence
”Protection of people, properties & profits from a Physical security perspective”
Vision White Paper
DECEMBER 2006

2. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 2 (19)
EXECUTIVE SUMMARY
IT as “driver” for changes. Within the traditional enclosed chain of safety values a well-balanced
cohesion of service processes, technology and infrastructure is of great importance. Within this chain,
IP technology, XML & Web Services and Service Oriented Architecture (SOA) are the new ´business
enablers´ between the various business and management processes whereby accessibility, availability
and continuity are of great importance.
Through intelligent use of open standards it is possible to integrate various systems and
simultaneously monitor, control and manage these systems, independent of location. New
technologies enable the execution of primary processes, independent of location, distance and time.
Uniting and/or centralizing management tasks result in a reduction of operational costs and an
increase of security effectiveness.
Safety and security is of integral importance to all parties within and outside a company. It is a
mutual business interest whereby close co-operation between Facility Management, IT Management
and Security Management has become a requirement. With regard to management it is important to
pro-actively obtain an insight into the risks and events, both qualitatively and quantitatively. The
nature and frequency of irregularities as encountered is generally unclear. This information is however
of essential importance to the organization in order to manage the measures as taken or newly to be
taken. In addition it is important that, after a report of irregularities or events, corrective action is
taken immediately in order to minimize the damage as much as possible.
The strategic aim of Getronics PinkRoccade is to build actionable security intelligence through a
strategic security approach with an integral focus on the ‘security-technology alignment’. Our holistic
approach to building security management will give our clients a clear insight in the performance of
their organizational and technological security measures. Additional, they can control, manage and
monitor the protective measures (anytime, anywhere, anyplace) against business risks, such as;
• loss of productivity caused by calamities (fire, smoke and flooding);
• interruptions in the delivery of (IT) services (provision of information);
• criminality (sabotage, burglary, theft) and vandalism (damage and destruction);
• unauthorized access to facilities (workplaces, buildings and sites);
• failure of building control systems and building related systems;
• infringement of the security of employees and relations;
• false alarms and reports;
• breach of goodwill, image and/or reputation.
Our well balanced solutions are capable to support our clients mitigate those business risks and to
meet their security requirements and regulations by the establishment of an actionable and intelligent
dynamical security management platform. Our strategic approaches optimize our clients’ security
investments and will help to improve the performance, availability and scalability of our clients’
facilities.

3. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 3 (19)
Building Actionable Security Intelligence
Protection of people, properties & profits from a Physical security perspective
CONTENTS
EXECUTIVE SUMMARY 2
1 INTRODUCTION 4
1.1. TRENDS 4
2 PRO-ACTIVE SECURITY 6
2.1. SECURITY INTELLIGENCE 6
2.2. SECURITY TRANSPARANCY 7
2.3. SECURITY INTEGRATION 9
3 INTELLIGENT DYNAMIC SECURITY MANAGEMENT 12
3.4. SECURITY COCKPIT 12
3.5. ESCALATION & REPORTING 13
4 PHYSICAL SECURITY 14
4.1. SECURITY CONTROL 14
4.2. SECURITY SERVICES 15
5 GETRONICS PINKROCCADE 16
5.1. IDSM™ 17
5.2. PHYSICAL SECURITY 18

4. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 4 (19)
“Where the Metrics are”
CSOs count on physical security metrics to
evaluate their organizations' performance and
to communicate security's value to other
business executives
“That's why CSOs are hungry for metrics. It's not
good enough to maintain a quiet, reliable security
service until something goes wrong. Security
executives want to understand how their operations
are working and how they can improve. CEOs want
to know how the security function is faring by
looking at the department's data. And metrics can
provide the hard numbers and context on the
performance of the security function, proving that
nothing happening was the direct result of an
effective security management program.”
CSO Magazine –February 2005
Source: www.csoonline.com
1 INTRODUCTION
The threat of terrorism, vandalism and criminality affects the social-cultural society and the social and
economical course of events. This threat demands adequate and appropriate protection- and security
measures, both in the field of social security and industrial safety. The augmentation of industrial
safety and social security ranks high on the agenda of respectively entrepreneurs and politicians.
The social security problem is on the one hand of public and private interest and on the other hand of
mutual interest with regard to authorities, provinces, municipalities and entrepreneurs. Local
initiatives are increasingly taking place in order to improve the social security in municipalities, cities
and industrial areas. Co-operation in this field not only ensures the continuity of companies but also
the regional and/or local economical interests. In order to ensure the required safety, (new) working
relationships emerge on both national and international levels.
A striking aspect is the increasing importance as can be attached to the role of IT with regard to the
accomplishment of safety and security targets. The technological innovation and integration in the
field of IT effectively contributes to the efficient implementation of safety and security measures. By
this, synergetic advantages may be achieved, both within the public and private domain. This
document will primarily address the efficient and effective arrangement of organizational and
technological safety and security measures within the private domain.
1.1. TRENDS
Driven by law & legislation, organizations are forced to take various measures in order to ensure that
risks can be managed and safety can be secured (control). Getronics PinkRoccade observes among
others that physical security systems are being developed into high-quality IT systems, for example
through the use of XML & Web Services, Service Oriented Architecture (SOA), based on TCP/IP
Technology (convergence). Optimization of the effectiveness and functionality of the measures as
implemented and the application of technology can only be effectuated through integration (cost).
Through an effective and integral management of control, cost and convergence (See figure 1.1) one
is enabled to pro-actively anticipate future changes within the frameworks of security management.
With pro-active security management your organization is ready for the dynamics of tomorrow.
1.1.1. CONTROL
Industrial safety is highly important for every entrepreneur. Locally drafted legislation and regulations
and national and international directives and guidelines ensure proper entrepreneurship with an eye
for safety and security of people, means and possessions.
Examples of aforementioned legislation and
regulations, aimed at ensuring the continuity of the
organization and the management of risks are among
others:
• Sarbanes-Oxley (SOX),
• Basel II,
• Health Care and the Health Insurance
Portability and Accountability Act (HIPAA),
• Gramm-Leach-Billey Act (GLBA),
• Federal Information Security Management
Act (FISMA),
• Homeland Security Presidential Directive
(HSPD-7),
• Standard for Information Security
Management (NEN-ISO/IEC 17799) and
• Wet Bescherming Persoonsgegevens (WBP –
Law Personal Data Protection).
Organizations become more and more conscious of the fact that safety and security is of integral
importance to all parties within and outside a company. Industrial safety is no longer the
responsibility of only the Facility Manager for instance.

5. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 5 (19)
Time to marry network and physical.
"People too often go unchallenged. If people see
somebody who they don't recognise accessing a PC
in the office, many fail to challenge that person –
assuming if they are there, then they must have a
right to."
"Biometrics is the only form of identification which
positively identifies the user as being the person
they say they are."
From the point at which an employee enters the
building, there is therefore a digital record of their
presence within the office (verified as being them -
rather than somebody with their card), which along
with digital records of their presence on a network
will give a far better overview of employee
behaviour and enable far quicker detection of
potential problems.
Simon Perry
Divisional Vice President of Security Strategy
Computer Associates
Source: www.silicon.com
It is a mutual business interest whereby close co-operation between Facility Management, IT
Management and Security Management has become a requirement. Large companies often appoint a
Chief Security Officer (CSO next to the CEO, CIO and CFO) or a Corporate Security Manager (CSM)
who is responsible for the overall safety and security policy of the company.
1.1.2. COST
The costs for safety and security, both for authorities and the business community, are annually
growing drastically, influenced by aforementioned developments and inspired by changing and more
stringent international and national legislation, norms and regulations. On account of this last one in
particular, authorities and companies are required to invest more and more in taking measures with
regard to both ‘physical security’ and ‘logical (IT) security’.
1.1.3. CONVERGENCE
The technological field is also subject to large developments. One of those is for instance the
convergence of ´physical security´ and ´logical security´ and thus the integration of physical security
systems and logical security systems. Physical security systems (building control and building related
systems) like Access Control Systems, Video Surveillance Systems, Fire & Safety Systems, HVAC
Systems, Building Power Systems and Lighting Systems are also important with regard to the
continuity of the company. Just like in case of IT systems, failure and/or loss of performance are
affecting productivity and continuity of the company.
The technology supporting an integrated security-
management solution is usually more straightforward
than the boardroom politics and procedural processes
required to make it happen. The path to successful
physical and logical integration of automated security-
management solutions must not only include a case for
how this will benefit the business as a whole but also
how it will help the individual stakeholders
(departments) who must come together to make it
happen. Generally, artificial barriers to change can be
overcome with the help of a comprehensive life cycle
cost/benefit analysis (Balance between security costs
and business value).
The following chapters will primarily deal with
technological developments in the field of ´physical
security´ and ‘logical security’ and the organizational
impact of this on the safety and security policy of
companies.
PRO ACTIVE
SECURITY MANAGEMENT
•INTELLIGENCE
•TRANSPARANCY
•INTEGRATION
CONVERGENCE
•TECHNOLOGY
COSTS
•EFFECTIVENESS
• EFFICIENCY
CONTROL
•INTEGRAL
RESPONSIBILITY
PRO ACTIVE
SECURITY MANAGEMENT
•INTELLIGENCE
•TRANSPARANCY
•INTEGRATION
CONVERGENCE
•TECHNOLOGY
COSTS
•EFFECTIVENESS
• EFFICIENCY
CONTROL
•INTEGRAL
RESPONSIBILITY
Figure 1.1 Pro-Active Security Management – Control, Convergence & Costs

6. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 6 (19)
SECURITY INFRASTRUCTURE
• Converged communication & technology
• Data networking
• Control networking
SECURITY APPLICATIONS
• Business applications
• ICT management applications
• Building management applications
• Facility management applications
SECURITY MONITORING
• intelligent Dynamic Security Management™ platform
• Emergency, Incident & Event management
• automated workflow for logging, notification & verification
SECURITY MANAGEMENT
• Business Continuity Management
• Compliance & Risk Management
• Disaster Recovery
Access
&
Security
Fire
&
Safety
Lighting
Building
Power
Application
Middleware
Platform
Network
Data
Climate
&
Air
Logical
(ICT)
Physical
(Facilities)
iDSM™
BC
S
tr
a
te
g
ic
M
a
n
a
g
e
m
e
n
t
T
a
c
ti
c
a
l
M
a
n
a
g
e
m
e
n
t
O
p
e
r
a
ti
o
n
a
l
M
a
n
a
g
e
m
e
n
t
Security
Transparency
Security
Integration
SECURITY INFRASTRUCTURE
• Converged communication & technology
• Data networking
• Control networking
SECURITY APPLICATIONS
• Business applications
• ICT management applications
• Building management applications
• Facility management applications
SECURITY MONITORING
• intelligent Dynamic Security Management™ platform
• Emergency, Incident & Event management
• automated workflow for logging, notification & verification
SECURITY MANAGEMENT
• Business Continuity Management
• Compliance & Risk Management
• Disaster Recovery
Access
&
Security
Fire
&
Safety
Lighting
Building
Power
Application
Middleware
Platform
Network
Data
Climate
&
Air
Logical
(ICT)
Physical
(Facilities)
iDSM™
BC
S
tr
a
te
g
ic
M
a
n
a
g
e
m
e
n
t
T
a
c
ti
c
a
l
M
a
n
a
g
e
m
e
n
t
O
p
e
r
a
ti
o
n
a
l
M
a
n
a
g
e
m
e
n
t
Security
Transparency
Security
Integration
Figure 2.1: Building Security Intelligence (Security - Technology Alignment)
A comprehensive security
strategy better aligns
security goals with
corporate goals.
Most CSOs these days would
agree that security should
dance cheek to cheek with the
needs of the business. In a
post-9/11 world, companies
that hold the traditional view
of security as just another
cost centerfail to recognize
the importance of security to
day-to-day business activities.
CSO Fundamentals
Source: www.csoonline.com
2 PRO-ACTIVE SECURITY
Organizations are confronted with a complex of internal and external risks which may inflict damage
on the organization and her relations. Within the framework of the continuity of an organization it is
important that these risks are controlled to the maximum possible extent. The continuity of an
organization depends on a healthy balance between:
1. the risk components which may threaten the organization;
2. the variety of measures with may be taken both preventively and repressively in order to control
these risks and;
3. the costs involved by this in relation to the turnover / profit.
With regard to management it is important to pro-actively obtain an
insight into the risks and events, both qualitatively and quantitatively.
The nature and frequency of irregularities as encountered is generally
unclear. This information is however of essential importance to the
organization in order to manage the measures as taken or newly to be
taken. In addition it is important that, after a report of irregularities or
events, corrective action is taken immediately in order to minimize the
damage as much as possible.
Pro-active Security Management is aimed at:
1) safeguarding the short and long term continuity of the organization
itself and her relations;
2) protection of the image;
3) increasing the quality of the delivered products and services and
4) reduction of the costs.
Through intelligent use of the existing and new technologies it is possible to integrate, monitor and
manage business-critical systems or environments with maximum attention with regard to
availability, flexibility, effectiveness, comfort and safety.
2.1. SECURITY INTELLIGENCE
The arrangement of a clear and transparent process in order to manage the risks and the measures
linked to this is a continuous operational process which should be supported by effective and flexible
business applications in the field of security management. The defined processes, responsibilities and
roles contribute to the drafting of functional specifications in order to obtain an actionable security
management platform: Security-Technology Alignment.

7. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 7 (19)
The convergence of physical and logical security is not a fad.
Security is no longer performed quietly in the basement of the
building, away from the cares of business managers. Now security
plays an instrumental role in compliance with regulations, protection
of personal information, and enabling many business processes.
Therefore, business managers are looking for ways to have better
security while also cutting costs and finding economies of scale. One
way that this can be achieved is by converging IT security with
overlapping corporate or physical security functions.
Trends 2005 – Security Convergence Gets Real
Source: Forrester Research
Many of the physical and IT security processes and procedures must be integrated at the technology
level, but it is not the technology that defines the integration. The business processes and procedures
define it; the technology implements it. (See figure 2.1) That is why the first step in integrating
physical and IT security is an examination of security-related business requirements and the physical
and IT security processes that support them. The integration of the business processes will determine
where integration of physical security and IT technology is required.
The gathering, storing, analyzing and securing of information and data in a proper manner contributes
to the effective managing and monitoring
of safety and security processes and
measures, the minimization of events /
incidents and in particular the efficient and
quick processing of communication.
In this context the arrangement and
specific use of information and data flows
is an important main point for every
company: Security Intelligence.
High-quality information and data flows
from both an organizational and a technological perspective provide an insight in the performance of
the company in the field of safety and security and contribute among others to 1) intelligent decision
making by the management and 2) the formation of a strategy for industrial safety and security.
By opting for an integral approach, by which physical security systems and logical (IT) security
systems are integrated into one intelligent dynamic security management platform, enhances the
insight into the level of safety, security and continuity of a company (security integration). The
integral arrangement of an intelligent security management platform enhances the effectiveness and
efficiency of the organization in the application of her safety and security policy (security
transparency). Integration of systems and processes also contributes to a reduction of operational
costs with regard to the preservation and safeguarding of the continuity of a company.
The next chapters will deal with Security Transparency and Security Integration in further detail.
2.2. SECURITY TRANSPARANCY
The primary process of a company is considered the starting point for defining a safety and security
policy. The safety and security measures as ensuing from this may affect the functional and physical
design of buildings, layouts, building control systems, building related systems and IT systems.
Introduction of new innovative technologies for managing and monitoring security measures will also
affects the company’s existing security organisation and processes. (Se figure 2.2)
PEOPLE
PROCESSES
TECHNOLOGY
ASSETS
Security Management
Facility Services
Control Networking
ICT Services
Data Networking
Safety
&
Security
Building
Automation
Data
Voice
Video
Facility
Management
Customer Relation
Management
ICT
Management
Human Resource
Management
Physical
Security
ICT
Security
Business Process Management
Business Continuity Management
Business Security Management
Security Management
Managed Facilities
Facility
Management
Customer Relation
Management
ICT
Management
Human Resource
Management
Physical
Security
ICT
Security
Business Process Management
Business Continuity Management
Business Security Management
Facility
Systems
ICT
Systems
(INTEGRATED)
SECURITY SYSTEM
IP Technology
PEOPLE
PROCESSES
TECHNOLOGY
ASSETS
PEOPLE
PROCESSES
TECHNOLOGY
ASSETS
Security Management
Facility Services
Control Networking
ICT Services
Data Networking
Safety
&
Security
Building
Automation
Data
Voice
Video
Facility
Management
Customer Relation
Management
ICT
Management
Human Resource
Management
Physical
Security
ICT
Security
Business Process Management
Business Continuity Management
Business Security Management
Security Management
Managed Facilities
Facility
Management
Customer Relation
Management
ICT
Management
Human Resource
Management
Physical
Security
ICT
Security
Business Process Management
Business Continuity Management
Business Security Management
Facility
Systems
ICT
Systems
(INTEGRATED)
SECURITY SYSTEM
IP Technology
Figure 2.2: Building Security Transparency (Intelligent Security Management Platform)

8. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 8 (19)
Information-sharing among disparate
security functions increases.
Bringing team members into a more cohesive
organization with one strategic mission and
consistent goal will encourage collaboration
and help break down some of the walls that
can exist between people who previously had
prime allegiance to their individual security
function.
CSO Fundamentals
Source: www.csoonline.com
It is important for every company to take the risks into account and convert these into measures in
line with the prevailing legislation and regulations. The link between the safety and security policy of
a company and the coherence between strategy and structure of the company, the skills and know-
how of the employees and back-up by the management and supporting systems are determining
factors for a successful effectuation of the policy.
In this context the cohesion between `people´,`assets´,`processes´and `technology´ is the
determining factor in the way through which high-quality information and data flows should be
arranged and in the way through which integration of various information systems and applications is
arranged. Aforementioned integration is also dependent upon `interoperability´ of the systems and
applications and a determining factor with regard to the extent of convergence between `physical
security´ and ´logical security`.
The extent of convergence is also affecting the quality, measurability and effectiveness of the
implemented safety and security measures. The accessibility of systems and applications offers on the
one hand the option to effectively monitor the safety and security of a company and on the other
hand the option to arrange and manage the safety and security processes efficiently.
Organizational Issues: Security people of all types recognize security concepts that are used
by both sides, though they play out differently. For example, a firewall is a logical separation
between two networks in the IT environment, while in the physical environment the concept
of a firewall refers to a safety separation between two spaces as used in buildings. The
expression "demilitarized zone" is commonly used in military and IT security circles to denote
a special-use area protected at all boundaries. Intrusion detection and perimeter control are
two of the original security concepts through the centuries, and they are used with regard to
network protection by IT staff today. Access control holds basically the same meaning for
everyone. So do the terms biometrics, risk, vulnerability, and threat.
In addition, the two organizations share fundamentally similar internal structures and
processes.
For example, each has a head of security,
whatever the title, and each must address issues
of staff management, budgeting, and metrics for
measuring efficiency and success.
Both organizations also must coordinate
departmental goals with overall business
objectives. In IT, it's called security architecture,
or the aligning of IT security with business
requirements. Corporate security does this less
formally but still faces the same concerns.
Both corporate security and IT security already have their own separate incident-response
teams. Each group typically has representatives from human resources, legal, public
relations, the business units, and IT. These teams could and should consolidate, or at least
coordinate, their actions with regard to incident response and investigations.
2.2.1. SECURITY MANAGEMENT
In order to manage safety and security processes effectively it is important to properly define
ownership, responsibility and liability in a functional manner and embody this in the process.
On all levels of a company one should be aware (operational, tactical and strategic) of the
implemented measures with regard to safety and security and, wherever required, relevant
information and data should be made available on behalf of the management of the safety and
security targets. The availability of information and data (anywhere, anytime, anyplace) in case of
calamities, events and/or incidents is also a determining factor with regard to the speed of response,
response time and repair or recovery time.
An intelligent, actionable security management platform is among others aimed at providing the
policy-makers of a company an insight into the continuity of the company by generating reports about
risks, events or incidents, the organizational or economic impact and the corrective actions as taken
or to be taken – in real time.

9. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 9 (19)
Benefits of centralised management
Managing users, their privileges and their credentials - a process called user provisioning - is one of the biggest challenges faced by
organisations. Typically, HR makes the first database entry for a new user, in support of payroll and other employee-related
functions. Security makes another entry, to provide an access control card/ID badge for physical access to facilities. IT makes a
third entry, to provide access to information systems. The results of inconsistencies between the three areas range from personal
inconvenience, such as an employee being denied access to parking or to the computer network, to significant corporate risk, such
as failure to suspend physical or network access privileges immediately upon termination.
Such inconsistencies motivate people to bypass security by manually affording access (holding a door open) or sharing information
system passwords. This often results in a person gaining access to areas and information to which he or she would not normally
have access. These types of access violations are undocumented. Furthermore, not having centrally managed users means that the
question 'Who has access to what?' cannot be answered quickly enough to provide ideal response times in the event of a suspected
breach or a heightened security condition.
Reducing the user provisioning steps from three down to one not only eliminates the security vulnerabilities and enforces consistent
role-based privileges across the entire organisation, but may drastically reduce the cost of managing users.
The convergence of physical security and IT – integrating physical and IT security management
Source: Forrester Research 2005
2.2.2. SECURITY MONITORING
A determining factor for successful safety and security policies are the cohesion between ‘people’,
‘assets’, ‘processes’ and ‘technology’. In order to obtain an insight into the domain of safety and
security it is necessary to monitor the environment, the business-critical processes, facilities and
systems in line with the safety and security policies (security balanced scorecard). The management
of safety and security processes within companies changes clearly from a reactive to a pro-active and
pre-active approach. It is crucial for the company to recognize the risks and react timely and quickly
whenever required in order to minimize (consequential) damage.
Through an efficient arrangement of information flows and the recording of data one obtains a
valuable source of data (best practices, lessons learned) with regard to the origin and repression of
accidents, threats or attacks from the inside or outside, events and (counter) actions. The
arrangement and specific use of information and data flows is an important main point for monitoring
safety and security measures.
In this context it is important that the gathering of security intelligence by aggregating, reducing,
correlating and prioritizing disparate security data from security devices, software technologies and
assets across an organization occurs in a proper manner. Converting and prioritizing this large volume
of data into intelligent, actionable information that can be real-time displayed and managed from a
single, centralized console (security cockpit) in an understandable, visual format will improve the
operational efficiencies and effectiveness in a dynamical way.
2.3. SECURITY INTEGRATION
The difference between traditional security operations and those being employed today can be
summed up in one word: technology. The advent of the Internet and other new technologies is
revolutionizing how people communicate, work, and seek entertainment. By incorporating
advancements in communication and information storage into access control, surveillance,
communications, and other physical security devices, systems have become less dependent on
personnel and their inherent skills to create a more secure environment.
The convergence of physical and logical security is not a fad; Security is no longer performed quietly
in the basement of the building, away from the cares of business managers. Now, security plays an
instrumental role in compliance with regulations, protection of personal information, and enabling
many business processes. Business managers are looking for ways to have better security while also
cutting costs and finding economies of scale. One way that this can be achieved is by converging IT
security with overlapping corporate or physical security functions.
Technology Integration: Technology can do many things, but it is not the exclusive answer
for all security needs. Experience has shown that in the most solid security programs,
technology is used to support operations. The key is to determine what needs to be
protected and then develop a program that uses technology to complement security
operations.
Technology cannot replace an entire security staff. Technology is not yet intuitive enough to
evaluate security conditions, identify offenders and make appropriate responses. Technology
still needs to be managed, serviced and monitored. One important design concept that can
help take advantage of technology is integration.

10. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 10 (19)
Technology convergence.
Corporate security services-video surveillance, access
control and fraud detection, for example - are
increasingly database-driven and network-delivered. In
other words, IT is ever more tightly woven with physical
security.
CSO Fundamentals
Source: www.csoonline.com
While there are many systems, devices and software solutions in the security industry, most
are stand-alone systems. There are many good access-control, video-camera and intrusion-
detection systems, but all the solutions may not be available in a single package. Effective
security system integration involves careful planning and design. The payoff can be improved
security response to incidents.
Integration between IT and access protection systems will eventually lead to the first step to complete
convergence of `physical security´ and ´logical security`. At the same time new integration options
come into existence in the field of Identity & Access Management (Role Based Access Control & Single
Sign-On) for combined access control with regard to systems and facilities and in the domain of Asset
Management and Emergency, Incident & Event Management. Video Analytics, RFID, Biometrics and
Smartcards are IP innovative solutions which may enhance the effectiveness of safety and security.
An obvious trend in this context is the integration
in the field of access protection whereby IP
technology enables a wide-ranging integration of
video surveillance systems and access control
systems. By this an advanced access protection
platform comes into existence with a high degree
of flexibility and scalability.
Integration of video surveillance systems and access control systems is a first step to a growth model
for wide-ranging integration with other building control systems and the implementation of a holistic
approach to building security management.
2.3.1. SECURITY APPLICATIONS
The performance, availability and reliability of business-critical IT, building control systems and
building related systems are of great importance for the continuity of a company. Poor performance
or even breakdown affects the productivity and continuity of a company badly and may result in
undesired and needless operational risks.
In this new world of physical access control and IT convergence, 'open' is the operative word. Multi-
vendor support is only achievable through the use of IT industry standards such as XML, TCP/IP,
SNMP, LDAP and SMTP. Open industry standards contribute to the increase of application and system
integration of IT, building control systems and business related systems. The platform must support
commercial off-the-shelf operating systems and database platforms, user directories, report
generators and common administrative utilities for system backups and fault tolerance. Likewise, it
must seamlessly integrate with external applications, such as time and attendance systems, and
peripheral devices such as printers.
Secured
VPN
(www)
Security
Operations
Center
Remote Control Devices
Mobility
PUBLIC ENVIRONMENT
Gateway
Security Zone 2
END USER ENVIRONMENT
Dome camera
Indoor
camera
Biometrics
iris
In-
/outdoor
camera
Intelligent door
locker
RFID
portal
Card
reader
Indoor access
control gate
Web Services
IP Technology
Gateway
Video Storage &
Servers
Remote Security
Control & Monitoring
Remote Back-up
Servers
Video Surveillance
Application Servers
Access Control
Application
Servers
Security Control
Center
GETRONICS CYBER CENTER
IP Technology
Outdoor camera
Outdoor access
control gate
Security Zone 1
END USER ENVIRONMENT
Intelligent door
locker
Dome camera
Indoor camera
Biometrics `
fingerprint
Intelligent
door locker
Card reader
Web Services
Gateway
IP Technology
Secured
VPN
(www)
Security
Operations
Center
Secured
VPN
(www)
Security
Operations
Center
Remote Control Devices
Mobility
PUBLIC ENVIRONMENT
Remote Control Devices
Mobility
PUBLIC ENVIRONMENT
Gateway
Security Zone 2
END USER ENVIRONMENT
Dome camera
Indoor
camera
Biometrics
iris
In-
/outdoor
camera
Intelligent door
locker
RFID
portal
Card
reader
Indoor access
control gate
Web Services
IP Technology
Gateway
Security Zone 2
END USER ENVIRONMENT
Dome camera
Indoor
camera
Biometrics
iris
In-
/outdoor
camera
Intelligent door
locker
RFID
portal
Card
reader
Indoor access
control gate
Web Services
IP Technology
Gateway
Security Zone 2
END USER ENVIRONMENT
Dome camera
Indoor
camera
Biometrics
iris
In-
/outdoor
camera
Intelligent door
locker
RFID
portal
Card
reader
Indoor access
control gate
Web Services
IP Technology
Gateway
Video Storage &
Servers
Remote Security
Control & Monitoring
Remote Back-up
Servers
Video Surveillance
Application Servers
Access Control
Application
Servers
Security Control
Center
GETRONICS CYBER CENTER
IP Technology
Gateway
Video Storage &
Servers
Remote Security
Control & Monitoring
Remote Back-up
Servers
Video Surveillance
Application Servers
Access Control
Application
Servers
Security Control
Center
GETRONICS CYBER CENTER
IP Technology
Video Storage &
Servers
Remote Security
Control & Monitoring
Remote Back-up
Servers
Video Surveillance
Application Servers
Access Control
Application
Servers
Security Control
Center
GETRONICS CYBER CENTER
IP Technology
Outdoor camera
Outdoor access
control gate
Security Zone 1
END USER ENVIRONMENT
Intelligent door
locker
Dome camera
Indoor camera
Biometrics `
fingerprint
Intelligent
door locker
Card reader
Web Services
Gateway
IP Technology
Outdoor camera
Outdoor access
control gate
Security Zone 1
END USER ENVIRONMENT
Intelligent door
locker
Dome camera
Indoor camera
Biometrics `
fingerprint
Intelligent
door locker
Card reader
Web Services
Gateway
IP Technology
Figure 2.3: Building Security Integration (Integrated Security & Access Control)

11. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 11 (19)
The convergence of physical and logical security is
not a fad.
Integration can provide an overall system that can do
more than any of the systems could do individually, a
system that is greater than the sum of its parts. Oh, the
possibilities--fire-alarm systems activating HVAC
equipment to perform smoke control while controlling
video cameras connected to the security system to show
a live view of the conditions or using information from a
card access system to set the HVAC system in an
individual office to occupied mode while commanding the
lighting system to light the way to the office.
Paul G. Turnbull
Siemens Building Technologies Inc.
Source: www.hpac.com
With such standards, enterprises are able to achieve real-time, bi-directional data exchange and
actions between security systems and other infrastructure applications, including HR and ERP
systems. Management of people's access rights becomes streamlined with policy-based management
across physical and logical security. With one step, an enterprise can set up or delete a complete set
of access rights for any employee.
Web-Enabled Software And Applications: Digital video and remote monitoring are not the
only security related operations employing technology today. Many facility operations are one
by one becoming Web-enabled, including access control, environmental monitors, lights, fire
alarms, and HVAC. These have long been regulated by software and other applications and
are now being managed and maintained via the Internet. The evolving power of the Internet,
wireless technology, and integration are creating very powerful management tools for daily
operations and for emergency management.
The integration of the various (technical) management platforms offers an organization the option to
arrange one effective, dynamic and flexible security management application in order to manage
business-critical IT, building control systems and building related systems. This offers entrepreneurs
the possibility to optimize processes on both the operational and management level which results in a
reduction of operational costs and enhanced safety and security within the company.
2.3.2. SECURITY INFRASTRUCTURE
The integration of building services control, made possible by today’s innovative automation
technology, offers facility managers, security chiefs, building owners and occupiers big benefits to
their business. Standalone control systems for security, access control, video surveillance, fire &
safety, HVAC, building power and lighting are limited, not being able to provide the full benefit
possible, with the availability of information often restricted to isolated areas. Response times
accordingly can be slow, with the consequence that facts become blurred. The implementation of an
holistic approach to building security management eliminates those weaknesses.
In an integrated security system, information is
shared between departments, enabling vital
building functions to be centralised. An integrated
security solution (a data management engine,
effectively) delivers to the user the big picture. This
enables automated security-control systems to
utilise all available information within the different
systems and monitor, control and manage these
simultaneously and independent of location. That is
when the real benefits can be realised; increasing
productivity, reducing costs (those of energy,
installation and operation), mitigating risk and
increase security and safety.
New technologies offers a growth model whereby operational security management processes and
tasks about alarming, signalling, login, monitoring, control, identification, authentication,
authorization and verification may be performed in a different manner. The arrangement of a dynamic
security management platform offers a company the option to eventually streamline and optimize not
only security management processes but in a phased manner also several operational processes, for
example:
• Identity & Access Management (integral part of security management);
• Energy Management;
• Asset Management;
• Health & Safety Management;
• Information Management (media and communication); and
• Operational Management.

12. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 12 (19)
3 INTELLIGENT DYNAMIC
SECURITY MANAGEMENT
Integration of ‘physical security’ and ‘logical security’ offers a company many
advantages in terms of emergency, incident & event management and the
environmental safety and improvement of security in general.
An important part of the security policy management of many organizations is detection and reporting
of safety and security incidents. In addition to detection it is essential that a number of follow-up
actions are taken immediately:
• Investigation of the risk of the incident;
• Collection and safeguarding of evidence;
• Identify how the incident could happen;
• Institute or add once again security measures in order to prevent incidents in the future;
• Solving the consequences of the incident.
Companies avail themselves to various security tools, each with their own login and events procedure.
Often this amounts to such a great number of events a day that manual analysis is impossible, let
alone that connections between these events may be detected. In order to execute aforementioned
steps efficiently, the ‘intelligent dynamic security management’ platform offers an effective solution.
3.4. SECURITY COCKPIT
The intelligent dynamic security management platform offers a central cockpit for managing and
monitoring the various security systems. Additionally this platform provides an insight into the
performance of security systems and the coherence of security events through which present threats
may be detected faster and new threats may be prevented. The systems of third parties are
integrated within this platform into a high-end security platform.
3.4.1. DYNAMIC DASHBOARD
The arrangement of a intelligent dynamic security management platform on the basis of function, role
and responsibility contributes to pro-active managing and monitoring of security management
processes and systems. Through the application of customization it is possible to arrange various
‘dashboards’ like for instance for the CSO, Security Manager, Security Auditors, Facility and IT
Manager in which information, as relevant to them, is presented in detail (for example high-level
‘traffic light views’).
An intelligent dynamic security management
platform supported by real-time, rules-based
correlation should provide drill-down capabilities to
identify the true issue within a series of security
events. It even provides a library of predefined
correlation rules to help a security responsible
immediately analyzes security threats, right out of
the box. This platform also advanced vulnerability
correlation associates potential threats with
vulnerable assets, calculates an organization’s
overall security risk, and classifies and prioritizes
critical business assets – defining which assets
require immediate attention

13. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 13 (19)
3.5. ESCALATION & REPORTING
An intelligent dynamic security management platform offers policy-based event notifications that are
targeted to specific roles within your enterprise. Its advanced alerting mechanisms escalate to the
persons involved by means of multiple methods and systems (voice response, paging, sms, e-mail,
workflow, etc.) and notify personnel of a security event and needed remediation actions. Dependent
on the type, the priority and the threat level, an incident may also be transmitted to the proper
authorities and/or third parties (emergency centre, incident room, police, fire department, etc.).
In addition an intelligent dynamic security management platform improves operational efficiencies by
“auto-discovering” what is in the enterprise environment. It collects not just events, but also reports,
status and more from diverse data sources throughout your infrastructure. It even assess and
respond to the health and availability of these security devices and applications.
Reports with regard to security incidents may be published additionally on a periodical basis (for
instance monthly).With its sophisticated, Web-based visual tools with role-based access you can
customize alert interfaces to reflect your business – allowing you to see your own workspace in new
and meaningful ways. The powerful Visualization Engine lets “investigators” create and work with
powerful visual representations of events in their environment.
Through integration of various existing security systems, among which IT systems, Access Control
Systems, Video Surveillance Systems, Fire & Safety Systems, HVAC Systems, Building Power Systems
and Lighting Systems, it is possible to provide technical insight in a dynamic manner into the
continuity of the company and in particular the level of safety and security of business-critical
environments.
3.5.1. IMPACT ON THE SECURITY POLICY
A intelligent dynamic security management platform centralized command and control console and
alerting features let organizations quickly take action and remediate threats, decreasing the risk of
critical business systems being compromised, minimizing downtime and helping to ensure business
continuity. The platform should provide tools to complete a post-event investigation — allowing
organizations to retrace the steps of a security incident or audit their security for compliance needs.
An intelligent dynamic security management platform offers organizations the option to effectuate the
security policy by:
• Efficiently and quickly offering a centralized insight into the performance of security
management processes (compliance, emergency, incident and event management) and
systems;
• Offering information in a customized manner to various stakeholders (CSO, Security
Manager, Security Auditors, Facility Manager, IT Manager etc.);
• Making information timely, adequately and in an efficient manner available in order to arrive
at intelligent decisions with regard to measures to be taken in case of undesired calamities,
events or incidents;
• Collecting and safeguarding of compliance and audit-relevant information in a reliable
manner.

14. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 14 (19)
Best Practice Guidance in Physical
and Environmental Security (1
COBIT refers to the topic of physical and
environmental security as 'Managed
Facilities' with the business goal of
providing a suitable physical surrounding
which protects the critical assets and
people against man-made and natural
hazards. Success is measured by a
number of Key Goal Indicators which
include reductions in both the number of
physical security incidents and the
amount of downtime due to outage of
utilities, together with a measured
improvement in the cost/risk ratio.
IT Governance Institute
Source: COBIT Control Objectives – July 2000
4 PHYSICAL SECURITY
In order to safeguard continuity and counter company risks, it is highly important that
a company controls, monitors and protects her environment against undesired
influences from both inside and outside. Integration of building control systems and
building related systems contributes to the physical protection and safeguarding of the
environment, business-critical applications, means and employees. These systems may
thus without doubt be typified as business-critical systems.
Building control systems and building related systems are developed more and more on the basis of
open standards and architectures and, just like IT systems, are becoming more sensitive to so-called
‘cyber attacks’. Thus the emergence of a vicious security circle and in consequence an increased
dependence has become a fact.
Referring to Cobit the target for physical security is optimisation
i.e. to develop and implement a long-term plan for the facilities
required to support the organisation's business critical
environment. All facilities should be inventoried and classified
according to the organisation's ongoing risk management
process. Access should be strictly controlled on a job-need basis,
monitored continuously and visitors must be escorted at all
times. The environment should be monitored and controlled
through specialised equipment and equipment rooms become
'unmanned'. Preventive maintenance programmes must enforce
a strictly adherence to schedules and regular tests should
applied to sensitive equipment.
The facilities strategy and standards are aligned with IT services
availability targets and integrated with business continuity
planning and crisis management (Facility – IT Alignment).
Management reviews and optimises the facilities on a continual
basis, capitalising on opportunities to improve the business contribution.
4.1. SECURITY CONTROL
Managing and monitoring of reliability, comfort and safety is primarily aimed at the continuity of the
primary company processes insofar as important for the company. The type, extent and level of
security of and around (progression) processes is dependent on various (environment) factors and the
dynamics of a company. The business-specific risks and the safety measures to be taken thus clearly
differ per market sector and are dependent on the cumulative value and continuity of each division or
object within the company.
The required measures for physical protection and safety are determined among others by the
characteristics of a company and the functional importance of an object to be protected. The physical
safety and security measures are aimed in general at:
• management of the flow of people, means and goods in case these move within a location
and/or area to be specifically controlled;
• monitoring of actions by people and objects in case these move around within a location
and/or area to be specifically controlled;
• monitoring and managing of the availability of business-critical means, systems, installations
and infrastructures within a location and/or area to be specifically controlled.
Integration of building control systems and building related systems such as Access Control Systems,
Video Surveillance Systems, Fire & Safety Systems, HVAC Systems, Building Power Systems and
Lighting Systems may enhance the level of safety and security.

15. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 15 (19)
Cost-cutting measures will likely
fuel the push to integrate
Forrester's Steve Hunt says
convergence projects mean money.
"End user organizations can save
money by streamlining historically
disparate security projects, while
vendors can capitalize on new
spending," Hunt said. "The
convergence market will grow rapidly
during the next five years as
enterprise risk management points
more companies to greater security
efficiencies and effectiveness."
Source: Wedded to physical and IT
security? At SearchSecurity.com
4.2. SECURITY SERVICES
Within the traditional enclosed chain of safety values a well-balanced cohesion of service processes,
technology and infrastructure is of great importance. Within this chain, IP technology is the new
´business enabler´ between the various business and management processes whereby accessibility,
availability and continuity are of great importance.
Physical security is primarily aimed at managing and monitoring
preventive measures against company risks such as:
• loss of productivity caused by calamities (fire, smoke,
flooding);
• interruptions in the delivery of (IT) services (information
provision);
• criminality (sabotage, burglary, theft) and vandalism
(damage and destruction);
• unauthorized access to facilities (workplaces, buildings
and sites);
• failure of building control systems and building related
systems;
• infringement of the safety of employees and relations;
• false alarms and reports;
• breach of goodwill, image and/or reputation
Uniting and/or centralization of security management functionalities results in enhancement of
security efficiency and will mitigate the abovementioned risk in a effective manner. Through the smart
use of open standards like for instance IP technology, XML & Web services it is possible to integrate
various physical security systems and monitor, control and manage these simultaneously and
independent of location. These new technologies enable the execution of security processes
independent of location, distance and time. The incorporation of information technology into physical
security systems will result in a large scale networked systems that extend the reach of command and
control capabilities, and through automated and intelligent monitoring provide more actionable
information to security operators.

16. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 16 (19)
Examine your potential benefits:
• User management
• Regulatory compliance
• Perimeter security
enhancements
• Event management
• Incident investigation
• Risk management
Examine your operational costs:
• Overall system costs
• Integration risks
• Project management risks
• Training & education
• Management & maintenance
• Recovery
Examine your potential benefits:
• User management
• Regulatory compliance
• Perimeter security
enhancements
• Event management
• Incident investigation
• Risk management
Examine your operational costs:
• Overall system costs
• Integration risks
• Project management risks
• Training & education
• Management & maintenance
• Recovery
Optimizes your security
investments and will help
to improve the
performance, availability
and scalability of your
facilities.
Identifies your critical
business continuity and
recovery needs within your
facilities.
Integrates your important
security requirements and
recent mandates with the
advantage of innovative
solutions and technologies
to ensure your facilities.
Enables a central point of
control for managing and
monitoring security within
your facilities.
Optimizes your security
investments and will help
to improve the
performance, availability
and scalability of your
facilities.
Identifies your critical
business continuity and
recovery needs within your
facilities.
Integrates your important
security requirements and
recent mandates with the
advantage of innovative
solutions and technologies
to ensure your facilities.
Enables a central point of
control for managing and
monitoring security within
your facilities.
5 GETRONICS PINKROCCADE
Why Getronics PinkRoccade?
Our strategic approach to security combined with our ability to deliver end-to-end
solutions sets us
apart from our competitors. Our approach is based on seeing both the challenges and
opportunities facing our clients. Security is not just a cost, it is a business enabler. It
facilitates more effective means of reaching customers and new ways of collaborative
working. Our proposals provide pragmatic solutions to meet clients’ needs. As business
priorities evolve, our security solutions change in step. In this way, we help our clients
to maintain high levels of trust with their customers, partners and suppliers.
End-to-end solutions
Many companies offer security services but few can deliver a comprehensive, strategic
security solution. Drawing on our global resources, we deliver every aspect of the
security solution, anywhere in the world.
Track record
Getronics PinkRoccade has been trusted to manage complex ICT environments for
blue chip companies in many different sectors, all over the world, for more than two
decades. We have many long-term customer relationships based on our proven ability
to deliver what we promise.
Innovative business models
Getronics is at the forefront of innovative contractual arrangements with clients. We
believe that strategic security systems can drive profit growth and are willing to be
measured and rewarded in part on this basis. We have developed methods for
identifying how enhanced security systems bring business benefits to clients and are
able to offer a shared reward approach to these opportunities.
A flexible approach
Our solutions are built on evolutionary principles, taking a stage-by-stage approach.
We begin by identifying the most urgent priorities and address these first. We show
our clients clear, measurable benefits and only then do we move onto the next stages.
Our aim is to ensure that the client stays fully in control and invests in success.

17. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 17 (19)
5.1. IDSM™
The scope of Getronics PinkRoccade’s iDSM™ solution (intelligent Dynamical Security
Management™) conducts the delivery of a centralized intelligent dynamic security
management platform to ensure the company’s continuity including;
• customization of real-time, pro-active, dynamic and coordinated views of
security conditions and threats enterprise-wide.
• integration of automated workflow management systems and/or voice
response systems for logging, notification and verification of security incidents
in line with the security compliance (rules and regulations) and priorities.
Our strategic aim is to ensure that the client stays fully in control by managing their business
continuity through real-time configuration, monitoring, troubleshooting and management of systems,
assets & buildings, people, and their related supporting and critical infrastructure in relation to their
security compliances, regulations and measures.
OUR VALUE PROPOSITION
Pro-active management (plan, do, check, act), monitoring (alarms, loggings,
notifications and verifications) and analysis (security emergencies, incidents and
events) of physical and logical security systems and measures to ensure the company’s
continuity.
With iDSM™ we offer our clients a strategic security solution which will increase their security within
the enterprise environment by;
• real-time monitoring and management of all security aspects from a centralized
management cockpit and roll-based personalized dashboards based on regulatory
compliance requirements.
• gaining control through seamlessly integrated logical and physical security management
information systems into a intelligent dynamic security management platform.
• providing access to expert information (best practices & lessons learned), dynamic guidance
tailored to the specific characteristics of emergencies, incidents or events, and measurement
and reporting of the effectiveness of the organization's response to improve the company’s
security requirements and response procedures.
OUR SERVICE CAPABILITIES
Plan
Advise (vision & scope), examine (regulations, processes & controls), define and design
(functionality, rules & roles), and engineering (technology) of intelligent Dynamic
Security Management (iDSM™) platform.
Build
Development (built & test) and implementation (policies & processes) of intelligent
Dynamic Security Management (iDSM™) platform.
Deploy
Roll-out, migration and integration of intelligent Dynamic Security Management
(iDSM™) platform.
Manage
(Remote) Management (configuration & performance management), monitoring &
troubleshooting (response & recovery) and auditing (assess & report) of an intelligent
Dynamic Security Management platform in line with regulatory compliance
requirements.
The strategic approach of iDSM™ optimizes your security investments and will help to improve the
performance, availability and scalability of your facilities. Our iDSM™ approach integrates your
important security requirements and recent mandates with the advantage of innovative solutions and
technologies to ensure your facilities.
Our solution’s benefits will: 1. enables business continuity, 2. reduces costs, 3. improves operational
efficiencies, 4. mitigates risks, 5. supports regulatory compliance, 6. enables operational and
situational awareness, 7. improves discussion making, and 8. reduce insurance premiums.

18. BUILDING
ACTIONABLE
SECURITY
INTELLIGENCE
PROTECTION
OF
PEOPLE,
PROPERTIES
&
PROFITS
FROM
A
PHYSICAL
SECURITY
PERSPECTIVE
VERSION;CONCEPT
©
COPYRIGHT
BY
GETRONICS
206
Page 18 (19)
5.2. PHYSICAL SECURITY
The scope of Getronics PinkRoccade’s Physical security solution conducts the delivery of
a integrated security platform for controlling, monitoring and managing the enterprise
facilities including;
• integration of physical security with logical security applications and systems
to create a single point of control,
• integration with external emergency and security application and systems
(e.g. Police, Fire Brigades, Hospital Emergency Centre, Territory Control
Centers, Alarm Centers).
Our strategic aim is to ensure that the client stays fully in control by controlling and protecting
systems, assets & buildings, people, and their related supporting and critical infrastructure against
threats that are associated with the physical environment.
OUR VALUE PROPOSITION
Management & monitoring of security measures taken to protect systems, assets &
buildings, people, and their related supporting and critical infrastructure against threats
that are associated with the physical environment.
With Physical security we offer our clients a strategic security solution which will increase their
security within the physical environment by;
• monitoring the actions of people or objects as they move through specific observed locations
or area’s.
• managing the flow of people or assets as they move through specific controlled locations or
area’s.
• controlling and monitoring the availability of critical assets, systems or infrastructures within
specific protected enterprise environment.
OUR SERVICE CAPABILITIES
Plan
Advise (vision & scope), examine (regulations, processes & controls), define and design
(functionality), and engineering (technology) of physical security applications, controls,
systems and their related critical infrastructures.
Build
Development, built, test (technology) and implementation (policies & processes) of
physical security applications, controls, systems and their related critical
infrastructures.
Deploy
Roll-out, migration and integration of physical security applications, controls, systems
and their related critical infrastructures.
Manage
(Remote) Management (identity, access & configuration management), monitoring
(surveillance and control) and auditing (assess & report) of the systems, assets &
buildings, people, and their related supporting and critical infrastructure in line with
regulatory compliance requirements.
The strategic approach of Physical security optimizes your security investments and will help to
improve the performance, availability and scalability of your facilities. Our Physical security approach
integrates your important security requirements and recent mandates with the advantage of
innovative solutions and technologies to ensure your facilities.
Our solution’s benefits will: 1. increases productivity (improved functionality/efficiency), 2. improves
business continuity (peer-to-peer control), 3. reduces operational costs (energy, installation and
operation), 4. reduces risks, and 5. increases security and safety.

19. R. van Oostenbrugge
Business Development Manager
E-mail: ronald.vanoostenbrugge@getronics.com
P.J. Cocu
Solution Consultant Security
E-mail: paulus.cocu@getronics.com