As with many types of technology, within the life-safety and security disciplines there has been a push to combine and integrate systems, pulling more information together into a central access point. This allows for decisions to be made based on multiple perspectives and with a greater understanding of the larger picture. While the degree of information and aggregated systems varies, many organizations have a central location into which these items all consolidate, which is usually a security office, control center or security operations center.
This approach allows this central location to be the focus of hardening, redundancies, and features for survivability. The facility can be designed to accommodate emergency personnel and decision makers in one location to easily organize and communicate the response as well as other related efficiencies and advantages. However, what happens if this facility is compromised or experiences a critical failure? What if the facility or area becomes inaccessible, or it is best not to bring many people together into the same location?
A response to this issue can include setting up a redundant or back-up location. In the case of larger organizations this secondary location may be in another state or region. It may be that there is justification, based on activity level, that both locations apportion the load between them and are available to take on the other locations responsibility if needed. This strategy keeps each location ready and avoids having a back-up location sitting for an undetermined amount of time without constant verification that it is working.
To take this shared concept one step further, what can be assigned to whatever location where various personnel are usually present or can easily access? Distributed architecture relies on the ability to communicate between locations and provide connectivity to a central source of truth/reporting. The potential for a distributed approach improves if you: have interconnectivity between multiple physical locations; can deploy systems within client interfaces that do not require applications; have central systems that mirror to other locations; and if there are base levels of survivability at multiple locations and process exists to allow for decentralization of response decisions.
How distributed should your security operations be? What is appropriate for your organization?
To be clear: I am not advocating for one approach or another, as there are many factors to consider and this will vary from place to place based on regulations, available resources, and your organization’s objectives. Considering the question around this topic is the take-away and should be included in your periodic evaluation of security and life-safety operations for long term planning
I am interested in how your organization addresses these issues. As always, your feedback is welcome.