Articles

Novell Honeywell Q&A

Spokespeople

Ivan Hurtt Product Marketing Manager, Novell

Peter Fehl Marketing Manager, Honeywell

Novell and Honeywell recently announced a unique technology integration delivering a secure access and provisioning solution to protect an organization’s physical and logical assets. Curt Blakeney speaks with Ivan Hurtt, product marketing manager at Novell, and Peter Fehl, marketing manager at Honeywell, regarding this integration and what it means for the future.

Q: Describe the technology integration and the benefits it brings to customers.

Ivan Hurtt: This technology integrates Novell’s identity management solution into Honeywell's access control security platform, allowing customers to tie the physical security and logical security worlds together. By integrating these two technologies, physical access to buildings is linked closely with logical access to computers and network resources. Similarly, actions to revoke an employee's physical access can be used to trigger automated network deprovisioning on the logical side. With this convergence, organizations can automatically provision and control user access across disparate systems, while also gaining a holistic view of access occurrences. By being able to view who is accessing what – whether it be accounting files, computer applications, or a specific wing of a building – enterprises can rest assured that their various assets are secure.

Peter Fehl: The solution allows an organization to create a single unified security policy across the entire organization removing the security silos of the past. The result is a more secure environment and tighter compliance. This solution also reduces cost and increases productivity for customers by simplifying the process of manually managing identity information across several systems. Now, user data can be automatically synchronized across multiple facilities and systems. Security personnel, both IT and physical, can maintain a single point of management for all users, update role changes, and terminate user access. The end result is tighter security controls across all organizational systems.

Q. What are the current security trends that drove this integration?

Peter Fehl: We saw a trend first start in the Federal space. President Bush signed the Homeland Security Presidential Directive – 12 (HSPD-12) as a result of growing security concerns and mandated that Federal agencies implement a personal identification verification system. This was the event that really started driving true convergence of physical and logical security. Now, non-Federal businesses are seeing the increased security a converged market brings as well as the cost benefits.

Ivan Hurtt: Without this integration, enterprises have to manually provision and deprovision user access to all enterprise assets. Think about it, each employee, contractor, partner, etc. must be assigned or denied access to every application on the network, as well as various physical locations within the enterprise. Performing these processes manually not only costs a significant amount of time and money, but also leaves gaps in enterprise security. Whether you bring the physical and IT security departments together or keep them separate, each needs information the other has – it’s that simple. Since this information has to be shared without increasing the burden on either department, this integration helps both to make decisions without being in a vacuum.

Q. Will physical and logical security continue to converge? Is this the future?

Ivan Hurtt: Absolutely. With the nature of business, the convergence of physical and logical security is inevitably the future. Enterprises must manage the added complexities that stem from business processes such as mergers and acquisitions, product integrations, and personnel growth. In order to effectively manage these challenges, physical and logical security professionals must combine efforts and technologies to increase enterprise security and productivity. For example, if an employee or contractor is denied building access on his last day of work but can still access the network remotely for days or even weeks later, there is a window for disaster. In order to ensure an enterprise is completely secure, these two disciplines must be tied together.

Peter Fehl: It is also important to note that this convergence does not negate the need for either security practice. In integrating physical and logical security, this solution allows each department to focus on more strategic initiatives. Manually provisioning and deprovisioning users is a laborious process that will eat up both physical and logical resources. Bringing these two together allows each side to independently focus on more tactical security initiatives. The solution created by Honeywell and Novell was purposely designed to bend to the way organizations do business, not the other way around.

Q. Are there specific industries that will benefit from this convergence?

Peter Fehl: With the amount of personal data out there and increasing security risks, converged physical and logical security strategies can benefit a number of companies and industries. Today, the risk of being out of compliance can range from criminal charges to facilities being shut down at a moments notice. Compliance has become a critical business initiative for all industries but sectors like banking, pharmaceutical, and utilities carry the most risk. The flip side of the coin is the productivity benefits a converged solution can provide; the more complicated the organization, the more ROI they will derive from the solution.

Ivan Hurtt: It’s obvious that certain high-risk industries such as government and financial services would benefit from this convergence. While integration began as a government initiative, any industry with security concerns, such as healthcare or chemical organizations, can benefit from this convergence. By addressing the various regulatory requirements facing industries today – HIPAA, FIPS, SOX, TWIC, etc. – organizations can ensure they are compliant by integrating physical and logical security efforts.

Go Back