Transcript PS-4 - TMCnet
Slide 1
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 2
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 3
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 4
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 5
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 6
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 7
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 8
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 9
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 10
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 11
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 12
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 13
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 14
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 15
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 16
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 17
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 18
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 19
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 20
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 21
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 2
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 3
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 4
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 5
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 6
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 7
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 8
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 9
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 10
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 11
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 12
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 13
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 14
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 15
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 16
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 17
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 18
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 19
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 20
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003
Slide 21
Sellers, Resellers,
Integrators, Consultants
What Are Their Roles??
Presenter
Colin Keogh
Keogh and Associates
Keogh and Associates Copyright 2003
Physical Security
Physical security is about protecting tangible
assets from harm. These assets can include
(but are not limited to) people, buildings,
vehicles, documents, food and drink,
pharmaceuticals, consumer or industrial
products, art, museum artifacts, and money.
The harm to be avoided can include theft,
destruction, vandalism, sabotage,
espionage, or tampering.
Keogh and Associates Copyright 2003
MANUFACTURER
RESELLER
INTEGRATOR
CONSULTANT
SECURITY SYSTEM
Keogh and Associates Copyright 2003
Consultants
Consultants can help with your complete
security plan and implementaion. They can
also recommend integrators and resellers
that they have worked with in the past.
Their knowledge of the industry will save
you thousands of dollars and hundreds of
hours.
Keogh and Associates Copyright 2003
Vendors
The biometric vendors manufacture the
hardware or write the software. They
do not supply complete integrated
solutions. They work with resellers
and integrators as their interface to the
end user.
Keogh and Associates Copyright 2003
Integrators
Integrators work closely with leading
biometric technology vendors and
independently keep abreast of the latest
developments in the biometrics sector, they
can provide solutions specific to each
customer's security requirements. They are
independent of the manufacturer so they can
let the need drive the solution.
Keogh and Associates Copyright 2003
Resellers
Resellers are retail partners for a
manufacturer. They specialize in that
manufacturer’s products and usually carry
solution based software for the
manufacturer’s hardware. Resellers let the
hardware drive the solution. Give them
your specifications and let them respond
with their solution.
Keogh and Associates Copyright 2003
Security
Triangle
Something you know
Keogh and Associates Copyright 2003
There is no single biometric that
fits all and each deployment
situation must be viewed on its own
merits; this way, the requirements
shape the biometric solution, the
biometric solution does not shape
the requirements.
Keogh and Associates Copyright 2003
The RFP
• Describe what is needed not how to achieve
it
• Allow vendors to tender solutions
• Make the vendor prove that their integrated
product meets your requirements
• Develop an evaluation model to compare
the different solutions
Keogh and Associates Copyright 2003
Security Threats
20%
5%
75%
People
Property
Information Technology
Keogh and Associates Copyright 2003
Physical Security
Security Systems
Access Control
Software and
middleware
Physical Plant
Security
Personnel
Security
Biometric
Integration
Policy Review / Assurance / Tests / Audit / Certification
Training Education, Best Practices, Info Sharing
Policies, Procedures, Standards
Risk Assessment
Keogh and Associates Copyright 2003
Security Components
Security
Policy
Security
Awareness
Security
Organization
Physical
Security
Personnel
Security
Threat
Assessment
IT Security
Incident
Analysis
Security
Training
Keogh and Associates Copyright 2003
Top Security Mistakes
• Security threats and risks are not analyzed
prior to selection of security technology and
design
• Corporations fail to deal with the awareness
and operational aspects of security
• Lack of robust security policy definition or
non-adherence to security policies
• Absence of non-periodic security audits
• Lackadaisical implementation of physical
security
Keogh and Associates Copyright 2003
Security Mistakes By
Management
• Assigning untrained people to maintain
security
• Failing to understand the relationship of
physical security to the business problem
• Failing to deal with the operational aspects
of security
• Authorizing reactive, short-term fixes
leading to problems re-emerging
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Anticipated Security Expenditures for 2003-2004
Expenditure Areas
Increased
%
Stayed the Same
%
Decreased
&
Internal security personnel expenditures
32
52
11
Internal security operations expenditures
40
50
7
Security consulting expenditures
23
43
27
Contract guard expenditures
32
37
22
General personnel screening expenditures
34
49
12
Access control expenditures
55
31
8
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
Keogh and Associates Copyright 2003
PROTECTION
DETECTION
REACTION
Keogh and Associates Copyright 2003